Versions Compared

Old Version 39

changes.mady.by.user Søren Mikkelsen

Saved on

compared with

New Version 40

changes.mady.by.user Søren Mikkelsen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

SOSI-idkortet kan benyttes til på medarbejderens vegne , at foretage service-kald til nationale services på medarbejderens vegne, der følger DenGodeWebService (DGWS).

Der henvises til den generelle dokumentation for DenGodeWebservice på https://www.medcom.dk/standarder/webservice-standarder/den-gode-webservicefor DenGodeWebservice, samt service-udbydernes egen dokumentation af DGWS medarbejdersnitfladerne.

...

<?xml version="1.0" encoding="UTF-8"?>
<Assertion ID="id4dc7177d3dc14383b4f2d6e6b125dcd9" IssueInstant="2022-09-14T10:53:26.804Z"
    Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
    <Issuer>https://t-seb.dkseb.dk/runtime/</Issuer>
    <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
        <SignedInfo>
            <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <Reference URI="#id4dc7177d3dc14383b4f2d6e6b125dcd9">
                <Transforms>
                    <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </Transforms>
                <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <DigestValue>...</DigestValue>
            </Reference>
        </SignedInfo>
        <SignatureValue>...</SignatureValue>
        <KeyInfo>
            <X509Data>
                <X509Certificate>...</X509Certificate>
            </X509Data>
        </KeyInfo>
    </Signature>
    <Subject>
        <NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
            >79f30dae-e945-4c7b-941f-94cd4c7a3cf1</NameID>
        <SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
            <SubjectConfirmationData InResponseTo="id7970d754ae48499886d89d78cd862f84"
                NotOnOrAfter="2022-09-14T10:58:26.804Z"
                Recipient="https://t-seb.dkseb.dk/samlclaimapp11/login.ashx"/>
        </SubjectConfirmation>
    </Subject>
    <Conditions NotBefore="2022-09-14T10:53:26.804Z" NotOnOrAfter="2022-09-14T11:53:26.804Z">
        <AudienceRestriction>
            <Audience>https://t-seb.dkseb.dk/samlclaimapp11/</Audience>
        </AudienceRestriction>
    </Conditions>
    <AuthnStatement AuthnInstant="2022-09-14T10:53:26.804Z" SessionIndex="DxtYXLE2lmxJyfM2BuiX2A==">
        <AuthnContext>
            <AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Unspecified</AuthnContextClassRef>
        </AuthnContext>
    </AuthnStatement>
    <AttributeStatement>
        <Attribute Name="https://data.gov.dk/model/core/eid/cprUuid"
            NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
            <AttributeValue>f094778e-9b64-45a8-a254-d299dbde7614</AttributeValue>
        </Attribute>
        <Attribute Name="https://data.gov.dk/model/core/eid/professional/uuid/persistent"
            NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
            <AttributeValue>79f30dae-e945-4c7b-941f-94cd4c7a3cf1</AttributeValue>
        </Attribute>
        <Attribute Name="dk:gov:saml:attribute:AssuranceLevel"
            NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
            <AttributeValue>3</AttributeValue>
        </Attribute>
        <Attribute Name="https://data.gov.dk/model/core/eid/privilegesIntermediate"
            NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
            <AttributeValue>...</AttributeValue>
        </Attribute>
        <Attribute Name="https://data.gov.dk/model/core/eid/bootstrapToken"
            NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
            <AttributeValue>...</AttributeValue>
        </Attribute>
        <Attribute Name="https://data.gov.dk/model/core/eid/fullName"
            NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
            <AttributeValue>Karl Kristensen</AttributeValue>
        </Attribute>
        <Attribute Name="https://data.gov.dk/model/core/eid/email"
            NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
            <AttributeValue>xxx@xxxxx.dk</AttributeValue>
        </Attribute>
        <Attribute Name="https://data.gov.dk/model/core/eid/cprNumber"
            NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
            <AttributeValue>231096xxxx</AttributeValue>
        </Attribute>
        <Attribute Name="https://data.gov.dk/model/core/eid/professional/cvr"
            NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
            <AttributeValue>25252525</AttributeValue>
        </Attribute>
        <Attribute Name="https://data.gov.dk/model/core/eid/professional/rid"
            NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
            <AttributeValue>85479288</AttributeValue>
        </Attribute>
        <Attribute Name="https://data.gov.dk/model/core/eid/professional/orgName"
            NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
            <AttributeValue>Organisation X</AttributeValue>
        </Attribute>
        <Attribute Name="https://data.gov.dk/model/core/specVersion"
            NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
            <AttributeValue>OIO-SAML-3.0</AttributeValue>
        </Attribute>
        <Attribute Name="https://healthcare.data.gov.dk/model/core/specVersion"
            NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
            <AttributeValue>OIOSAML-H-3.0</AttributeValue>
        </Attribute>
    </AttributeStatement>
</Assertion>

Eksempel på autorisationer, ydertilknytning og nationale roller indlejret i https://data.gov.dk/model/core/eid/privilegesIntermediate attributten

...