Formålet med dette dokument er at give en detaljeret beskrivelse af de konkrete services, der udbydes af STS i forbindelse med anvendelsesområdet eHDSI omvekslinger.
Dokumentet henvender sig primært til udviklere, der skal i gang med at anvende de konkrete eHDSI omvekslingssnitflader udbudt af STS.
Dokumentet bygger i høj grad på den overordnede STS - Guide til anvendere, som giver et overblik over STS og leverer i denne sammenhæng et mere dybdegående teknisk beskrivelse af de services i STS, der ligger i anvendelsesområdet eHDSI omvekslinger.
Som beskrevet i STS - Guide til anvendere, så findes der i STS følgende services indenfor anvendelsesområdet eHDSI omvekslinger:
| eHDSI omveksling | |
| /sts/services/DKNCPBST2EHDSIIdws | Omveksler et eHDSI IDWS XUA Bootstrap token (DKNCPBST) udsted af "Danish National Contact Point" til et eHDSI IDWS XUA Identity Token (IDWS-eHDSI) Bemærk, at den OIO Saml sikkerhedsbillet, der veksles, skal være signeret af troværdig tredjepart |
Afhængig af miljø udstilles tjenesten på:
|
I det følgende gives et eksempel på en omveksling af et DKNCP Bootstrap token til et eHDSI IDWS XUA Identity token
Request:
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"
xmlns:wst14="http://docs.oasis-open.org/ws-sx/ws-trust/200802"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soapenv:Header>
<wsse:Security mustUnderstand="1" wsu:Id="security">
<wsu:Timestamp wsu:Id="ts">
<wsu:Created>2025-06-12T06:06:34Z</wsu:Created>
</wsu:Timestamp>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#body">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>RdQR0LDoU6f6Ov0awyY0bbMIOD0=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#ts">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>4+ckBjVZEwbcGaOlvXSFietSe6E=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#messageID">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>MmKCUm87T8BKWHWXWKkRhLQBioA=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#action">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>3cXAhlhZH22NiSh7AttxKxBap7Q=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
FSWDj+bqlB+IAkWkFSfI7oBWgnr5Z5/aXNkS3hb0kovdbE/4qX/4L5tBsDD4yxWXYNAq+iEZ62MNoudbSDT6IliHFf7PAKUbW9MC2Yxf5XVmLA/bxXPG00K1IFcUDfv/v5sIuQzgJPpMbD52HIC/1KH9krqZKDCoKqBrUVq6CAFEpUmYINOw1jiMYHTS0Fi1OXJ2OLG0oebcl1ZfpqAr1xVlFOCsK/MQ0r+sUPSOeVHTN30YcvzVK/Yv9EQ35h48m4s0t9oovtEB8iSxdnRLEkvE3rZyKUci3f+Wc6j3fkZntS0h4RBTKoo1RL4f7OL0PGV716h6G8L2ZvQYfO9LBBLNUlzXWlFlGlr+nXsW4eppxhVfFPt/0bMLlqZqVQkpH+w26CK2xgcUIS93FwXCYQ+rlwJV+t3sbDgKz8/9dorg7+69cZNBcsf8h+yuV4X/asxffzz59561uZSQ9xP5qvToKoMQM+eCxfINNfnkbBo2nvLnGW9T/qVrOnM45Ktl</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGpTCCBNmgAwIBAgIUYJ0aPJz3wA7sSIY072JLnBOYu/IwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yNTAzMTkxOTE2MDlaFw0yODAzMTgxOTE2MDhaMIGbMRIwEAYDVQQDDAlWT0NFU19IT0sxNzA1BgNVBAUTLlVJOkRLLU86Rzo4YjQ2MTY1Ny1hZjliLTRkN2ItYThhYS0xMDY1YTdjNzUxZGIxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDxyntzZwKVYwyT2LCMuPvfGxGBVdbxVBA1w6OrJfaktgHTOC6/aP4Er/M6Ey0Yk37paf2QNwkX4R9OOpZtikKsnKAgAryy8lNW1/4vHv+m2lguT/lUcjn6Y02CeoA3hTs3wxup4Z/0SbFucMZ2HlyoUKGVgroFHIiDVw0S7zeAlh25IxiO2U1C4aGFNbX25/vcU0SclYWAaWTDNQv3dReIPU/uPjKE87Ng7BbjFqP9sFtL0O0TJhMvDw6uNdSyVYAicmhLQhvMXAn31pfYp284uu+OpSDlZ8XM/V9zBuK+LyOZU8xWIT3Sio5ZBH9i3tHXOaG3SaGpgrNg7figkewo6haRanQm8NmzOBD2rwcYJOf9A07NurRdr3yYdsN9cQjYxJ47ZjN0jNnEHorWMgzMaqBCYqSH59C2Oqt7Isvqpi6vI+wOAHrE3pLdRYAQ5a4hA6gFMnME27vPskC344mEkLAbnfGlFI7WUK4pwtlBhi0R1RHr6WdMghmPBlPBpq0CAwEAAaOCAaYwggGiMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAdBgNVHREEFjAUgRJ0a25Aa3ZhbGl0ZXRzaXQuZGswIgYDVR0gBBswGTAIBgYEAI96AQEwDQYLKoFQgSkBAQEDBwEwOwYIKwYBBQUHAQMELzAtMCsGCCsGAQUFBwsCMB8GBwQAi+xJAQIwFIYSaHR0cHM6Ly91aWQuZ292LmRrMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jcmwvaXNzdWluZy5jcmwwHQYDVR0OBBYEFEazl9U4mkXimPA+0Ev2r0LAuAPdMA4GA1UdDwEB/wQEAwIF4DBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQCAQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASADggGBALVDzuhJDYcr/DjKuvBLCGYsontwVBB5H4DT4XW9CoVjAwKuJMTrrpQZinKftjHR4Rn+QY5Mz0J/P8PgvXeyZ5FqLa46cCz/msBH+uqDWiH4jq1H0Yc/IYtxTb2jB2GArST905tb+aXoGmE3Gyus1PdmznPhHiGuImiZ5v8JITEdpHdi54Ywjmp9B/DRQ4o7x/oYTfQweq5a1ut0MlFukhdRL5K/wmNjH6FFbAOKWK7QBorKm+I0W2mZcQHUPKzryqM1FvZhWNJ76Kl3dDngRfOPZHpAMPIC0gPe2feC8850l3awYCA3c/hVKquteMPJcb3YQbqNB4z8iV0xZyXNiDxCUyT3ibiPltocEDnMGiVhNurRrOKCMX0l3q2kmWWO8JJn7Mif0avdSaOg+Z378VM6kSF6bdD4swiBZlMz6D3m3HeKKy/QCPWpaRAcAp1/oO0+gxs8UuMKusbxFHAQQ3InSoJhyOt+sv1ZnLKd9Iouvcy5v9yFGVsMsgbtB896ew==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
<wsa:Action wsu:Id="action">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</wsa:Action>
<wsa:MessageID wsu:Id="messageID">urn:uuid:0a28016a-0107-4d57-8768-82c363604b7c</wsa:MessageID>
</soapenv:Header>
<soapenv:Body wsu:Id="body">
<wst:RequestSecurityToken Context="urn:uuid:40acab9d-ce4f-415c-8d56-83d1c5510154">
<wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
<wst:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</wst:RequestType>
<wst14:ActAs>
<saml:Assertion xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
ID="_19f4cee0-636d-46a2-9919-39c9e5d2b1cf" IssueInstant="2025-06-12T06:06:34Z"
Version="2.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
<saml:Issuer>https://dkncpbst-issuer.dk</saml:Issuer>
<ds:Signature Id="OCESSignature">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod
Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
<ds:Reference URI="#_19f4cee0-636d-46a2-9919-39c9e5d2b1cf">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>c/p4hWVfHqvx03GA+LvjWssKxIIzuddh+fs4R7ZJRdg=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
rEA9SO7KcGhSXJ7w28oJ9jlNeMvb8NtpTsk32sWqpW4oR/8xOIYPzvpnvzMtPybUJDmpv797RF2/k211FVP/0rWcRoGwi8vW9Uwi+EZdKvWYhUhaw3urzkgMEW6me223TX5/rw2FG8Uyl8Jnm2bZvp7J0lxHQrO2FyTjNtAkzQI2eICgEbkGvuHPyPN8kasny+Q49d+3XzJtduY+Ha5fZg1DgHJiAqsOR3oqasxUGXlxcg3ZWmfkgWwym5nMADVQqKDySGcAWA62B2yWZnw//+gQOpZlEZ/hjsaytOiUqrx/01HB5IrBUNj/NbHyGEj08FW665p2si0qrkUXkDxGBwHEeWpAwaOWL07g3eBMdHrpz++JnJZVcZX7QXB18PxMI/GQuZHDCJ2WdVB/dBz1AWArdAe4lVCx+wlMCWQcb9Sdd+E4F77ESmqwJN+r/8Gpc/d2mCL3e1eXhm/xuTfLMXWLM5Cy0rpYO4+qVlgdanrPPUZVnlvP+lZWA7nA9UIB</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGqzCCBN+gAwIBAgIUbMuS2gXsAUxVt5B4LYli9Jh7G64wQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yNDA0MjkwNjU0MzhaFw0yNzA0MjkwNjU0MzdaMIGeMRUwEwYDVQQDDAxWT0NFU19neWxkaWcxNzA1BgNVBAUTLlVJOkRLLU86RzpjNzBiMDIwNy0xNjJlLTRkM2QtYTdmMS1hMTlhOGUwN2Q5OWIxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDMxeSBXyU1e/jdTJeC5C6qbKL/LosO1jyuwzVTr1OXUwNtWN47L3Xx/uflPcQUKvAj1DggEhraQRW3itGqeK6jktkKaz2SijYVoCXS1QbxXbWhSUkNXLwyDcRdhnj5DqfIYsifAFquX2BfzLweLudVWvIuggX4WVJA0GrpSFwmwIGcZpyu82XuW8wriw2NvUrjrfDjxpFkCoMZXT9Jr5YVVncPBiN9pxFVneoBhBeFnHmxdHSDILLPuGahsc57g/8o0BsgSWjWJNxGzST727bLb/rSCvRMWBIkUlsmx4HuNixJ8U0zITGgDGjVmv59OUXYOYq92QGaXBGnfVDKHK2uFC3Yqcx8MCD2gxg4Yr5Yl7wa0iXmLZXjvy14n0a+GOk5uH/DLD+uNU32HOSZ7ZMe1Hb/37ztBLklmUfhqS2jVdbR+5KuQegycNnbCRks8oUAFbeUnoJtXMPguBdTY1Uko/UXV+scl95w4XFj+BnVbgI13BRlmcKrTi8U5EphugMCAwEAAaOCAakwggGlMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAgBgNVHREEGTAXgRVuc3Auc3VwcG9ydEBhcm9zaWkuZGswIgYDVR0gBBswGTAIBgYEAI96AQEwDQYLKoFQgSkBAQEDBwEwOwYIKwYBBQUHAQMELzAtMCsGCCsGAQUFBwsCMB8GBwQAi+xJAQIwFIYSaHR0cHM6Ly91aWQuZ292LmRrMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jcmwvaXNzdWluZy5jcmwwHQYDVR0OBBYEFC7ffuHVkwJCJnx9k2t3oJr0IYcxMA4GA1UdDwEB/wQEAwIF4DBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQCAQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASADggGBAL/FUm1nnfOw6iTUxHdHJjFziHzYgVLhm56yTeB5I74AmQHJWDY58vu3VEvrPm1q1YsQGnzd4Ks95/C6Y3po2mXMyY2lZLDmZrFRfcP7X+LfdNMxGYCxNaIVtSqW5SYGPrkbCRvk9IXt2OhZaYqblYsq2/bOBDUZq9kL/dyVoPs2dxSUNqNlpuQrpgvPwMVQYLEClY1h6Bgx3LgF5Un6j4TNXX+fvCoJi/41OSlZUFXWY8C9I3hpSHHBLtzX1UlFhWuEfz9aELakFb4PSFzwzZ+7iBibngbWJUHF4j16FigO7zqST63jYPlvgg5WoPSkGpXdiSsRbwrl4eOjXTLljDgcMePqXG/vhxVtkTcGOk6nPoBGwN0nasbdXkg+ZYmov7nvIUvMGgkYhhrAis1OYYZDpwHLSsZHKD85/pWoUUMRhnXcKTOFIa8t2GApFhBVdPruiZaDIokaKMacer1D+3f4iU64AzXPSOc6TORfvVHC8uIvXaVnl34ifUgD4FV72Q==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml:Subject>
<saml:NameID
Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName">
BstSubjectNameTest</saml:NameID>
<saml:SubjectConfirmation
Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key">
<saml:SubjectConfirmationData>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGpTCCBNmgAwIBAgIUYJ0aPJz3wA7sSIY072JLnBOYu/IwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yNTAzMTkxOTE2MDlaFw0yODAzMTgxOTE2MDhaMIGbMRIwEAYDVQQDDAlWT0NFU19IT0sxNzA1BgNVBAUTLlVJOkRLLU86Rzo4YjQ2MTY1Ny1hZjliLTRkN2ItYThhYS0xMDY1YTdjNzUxZGIxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDxyntzZwKVYwyT2LCMuPvfGxGBVdbxVBA1w6OrJfaktgHTOC6/aP4Er/M6Ey0Yk37paf2QNwkX4R9OOpZtikKsnKAgAryy8lNW1/4vHv+m2lguT/lUcjn6Y02CeoA3hTs3wxup4Z/0SbFucMZ2HlyoUKGVgroFHIiDVw0S7zeAlh25IxiO2U1C4aGFNbX25/vcU0SclYWAaWTDNQv3dReIPU/uPjKE87Ng7BbjFqP9sFtL0O0TJhMvDw6uNdSyVYAicmhLQhvMXAn31pfYp284uu+OpSDlZ8XM/V9zBuK+LyOZU8xWIT3Sio5ZBH9i3tHXOaG3SaGpgrNg7figkewo6haRanQm8NmzOBD2rwcYJOf9A07NurRdr3yYdsN9cQjYxJ47ZjN0jNnEHorWMgzMaqBCYqSH59C2Oqt7Isvqpi6vI+wOAHrE3pLdRYAQ5a4hA6gFMnME27vPskC344mEkLAbnfGlFI7WUK4pwtlBhi0R1RHr6WdMghmPBlPBpq0CAwEAAaOCAaYwggGiMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAdBgNVHREEFjAUgRJ0a25Aa3ZhbGl0ZXRzaXQuZGswIgYDVR0gBBswGTAIBgYEAI96AQEwDQYLKoFQgSkBAQEDBwEwOwYIKwYBBQUHAQMELzAtMCsGCCsGAQUFBwsCMB8GBwQAi+xJAQIwFIYSaHR0cHM6Ly91aWQuZ292LmRrMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jcmwvaXNzdWluZy5jcmwwHQYDVR0OBBYEFEazl9U4mkXimPA+0Ev2r0LAuAPdMA4GA1UdDwEB/wQEAwIF4DBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQCAQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASADggGBALVDzuhJDYcr/DjKuvBLCGYsontwVBB5H4DT4XW9CoVjAwKuJMTrrpQZinKftjHR4Rn+QY5Mz0J/P8PgvXeyZ5FqLa46cCz/msBH+uqDWiH4jq1H0Yc/IYtxTb2jB2GArST905tb+aXoGmE3Gyus1PdmznPhHiGuImiZ5v8JITEdpHdi54Ywjmp9B/DRQ4o7x/oYTfQweq5a1ut0MlFukhdRL5K/wmNjH6FFbAOKWK7QBorKm+I0W2mZcQHUPKzryqM1FvZhWNJ76Kl3dDngRfOPZHpAMPIC0gPe2feC8850l3awYCA3c/hVKquteMPJcb3YQbqNB4z8iV0xZyXNiDxCUyT3ibiPltocEDnMGiVhNurRrOKCMX0l3q2kmWWO8JJn7Mif0avdSaOg+Z378VM6kSF6bdD4swiBZlMz6D3m3HeKKy/QCPWpaRAcAp1/oO0+gxs8UuMKusbxFHAQQ3InSoJhyOt+sv1ZnLKd9Iouvcy5v9yFGVsMsgbtB896ew==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</saml:SubjectConfirmationData>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotBefore="2025-06-12T06:06:34Z"
NotOnOrAfter="2025-06-12T08:06:34Z">
<saml:AudienceRestriction>
<saml:Audience>https://audience.nspop.dk/ehdsi</saml:Audience>
</saml:AudienceRestriction>
</saml:Conditions>
<saml:AuthnStatement AuthnInstant="2025-06-12T06:06:34Z"
SessionIndex="_19f4cee0-636d-46a2-9919-39c9e5d2b1cf">
<saml:AuthnContext>
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:X509</saml:AuthnContextClassRef>
</saml:AuthnContext>
</saml:AuthnStatement>
<saml:AttributeStatement>
<saml:Attribute FriendlyName="XSPA Subject"
Name="urn:oasis:names:tc:xspa:1.0:subject:subject-id" NameFormat="">
<saml:AttributeValue xsi:type="xs:string">Alfonso Gonzalez</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="XSPA Role"
Name="urn:oasis:names:tc:xacml:2.0:subject:role">
<saml:AttributeValue>
<Role xmlns="urn:hl7-org:v3" code="2221"
codeSystem="2.16.840.1.113883.2.9.6.2.7" codeSystemName="ISCO"
displayName="Nursing professionals" xsi:type="CE" />
</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="XSPA Organization Id"
Name="urn:oasis:names:tc:xspa:1.0:subject:organization-id" NameFormat="">
<saml:AttributeValue xsi:type="xs:string">urn:oid:1.3.6.1.4.1.44938</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="EHDSI Healthcare Facility Type"
Name="urn:ehdsi:names:subject:healthcare-facility-type" NameFormat="">
<saml:AttributeValue xsi:type="xs:string">Hospital</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="XSPA Purpose of Use"
Name="urn:oasis:names:tc:xspa:1.0:subject:purposeofuse">
<saml:AttributeValue>
<PurposeOfUse xmlns="urn:hl7-org:v3" code="TREATMENT"
codeSystem="urn:oasis:names:tc:xspa:1.0" xsi:type="CE" />
</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="XSPA Locality"
Name="urn:oasis:names:tc:xspa:1.0:environment:locality" NameFormat="">
<saml:AttributeValue xsi:type="xs:string">Klinik am Berg, 83242 Reit im
Winkl</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="XUA Patient Id"
Name="urn:oasis:names:tc:xacml:2.0:resource:resource-id" NameFormat="">
<saml:AttributeValue xsi:type="xs:string">
0205756078^^^&1.2.208.176.1.2&ISO</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="IDWS XUA SpecVersion"
Name="urn:dk:healthcare:saml:SpecVersion" NameFormat="">
<saml:AttributeValue xsi:type="xs:string">eHDSI-IDWS-XUA-1.0</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="IDWS XUA IssuancePolicy"
Name="urn:dk:healthcare:saml:IssuancePolicy" NameFormat="">
<saml:AttributeValue xsi:type="xs:string">test-ehdsi-bst-policy</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="EHDSI Country of Treatment"
Name="urn:dk:healthcare:saml:CountryOfTreatment" NameFormat="">
<saml:AttributeValue xsi:type="xs:string">DE</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="NIST AssuranceLevel"
Name="dk:gov:saml:attribute:AssuranceLevel" NameFormat="">
<saml:AttributeValue xsi:type="xs:string">3</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="XSPA permissions"
Name="urn:oasis:names:tc:xspa:1.0:subject:hl7:permission" NameFormat="">
<saml:AttributeValue xsi:type="xs:string">
urn:oasis:names:tc:xspa:1.0:subject:hl7:permission:PRD-004</saml:AttributeValue>
<saml:AttributeValue xsi:type="xs:string">
urn:oasis:names:tc:xspa:1.0:subject:hl7:permission:PRD-010</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="EHDSI OnBehalfOf"
Name="urn:ehdsi:names:subject:on-behalf-of">
<saml:AttributeValue>
<Role xmlns="urn:hl7-org:v3" code="333"
codeSystem="2.16.840.1.113883.2.9.6.2.7" codeSystemName="ISCO"
displayName="Medical Doctors" xsi:type="CE" />
</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="XSPA Organization"
Name="urn:oasis:names:tc:xspa:1.0:subject:organization" NameFormat="">
<saml:AttributeValue xsi:type="xs:string">Charité – Universitätsmedizin
Berlin</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
</saml:Assertion>
</wst14:ActAs>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>https://audience.nspop.dk/ehdsi</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
</wst:RequestSecurityToken>
</soapenv:Body>
</soapenv:Envelope> |
Svar fra STS:
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soapenv:Header>
<wsse:Security mustUnderstand="1" wsu:Id="security">
<wsu:Timestamp wsu:Id="ts">
<wsu:Created>2025-06-12T06:06:47Z</wsu:Created>
</wsu:Timestamp>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#body">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>GlxRe3tQJGzGmw3tmxTulJHYtrg=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#ts">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>aftUF3ApRbGoqEc1mhE0xjl35wk=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#messageID">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>KW9LdThj4Ja48JvRosvaPBWWzy0=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#relatesTo">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>mN63BR11+1z3bi9hgKAa3s8XqJQ=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#action">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>3cXAhlhZH22NiSh7AttxKxBap7Q=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
nG7Er5xXFCqXVsmpwWb5jcbAjmWzFHg5MeP63eLF07TE666GzzhLSXb5+odIOfrTUcWzgtSnbhi4V8jQL3JW5hlWWB3N/Sr0EYZmHqgxvlNh4bBDy68u/vNTvgoL4KG6htzSXxP7oMlALE2OFNM0mS372rQ9wTzoe4KsN3O/lAS8n47ElEkArFTPTZKkMkGDRuET9ycNwaYbyzgOtomxZsWpagASezqaQLScsiNc6uNzSwCvSGdi4ZCpP6CLwGVY6Ooc6WanhH+pvG8qMhIPcTuDyzzBeuGxSscn9HnyfSfj3iB3efbMOUltN3yjLaEJOn/9puIv8EmYPm68aRGOiGgRV8n7Ry3+e3qACzvDLaZndTPANhqSssWUet+q52ryrAjf7dBWoEKzIo9arvzBpXaBTz7EHaxNBlPdZWaD1dyW6Zc92ZAvzqVbn7nXpZcmXcovhPnJfdL353st8gnF4D2SjZzgNOJFSmHsC69q5b1PuX02e0NHS7HlN4nPm13o</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGjTCCBMGgAwIBAgIUFy4h2LTxF4eZW2LC1kay4XM2HOkwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMjExMjkwOTMwMjVaFw0yNTExMjgwOTMwMjRaMIGjMSIwIAYDVQQDDBlOU1AgVGVzdCBTZXJ2aWNlIENvbnN1bWVyMTcwNQYDVQQFEy5VSTpESy1POkc6OGQzZmEwNDctYzc3ZS00N2U0LWJkZDItZTkxNDg4NjEwY2U2MR4wHAYDVQQKDBVTdW5kaGVkc2RhdGFzdHlyZWxzZW4xFzAVBgNVBGEMDk5UUkRLLTMzMjU3ODcyMQswCQYDVQQGEwJESzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALyJRrV1jHkQtPZ5Yb1BQsVv7CsH2G7xMebZh6o7Opm/Pb2+u8QKnPK2dkPXtFDn4efC6adwMN7EeDulIOC+6S/2yNcUQvD9Nbk40TBX6wqHjcQoMA9a725m1cqQiHPGxlHhQVMRzeJLjpEVnkdush3NCZFfndu48bdtsxM2n6sJgB3wJhvVAb8PdABfZETRcpMVIU8gBEWhMFHZhKlzmZqPUf7OQCtF2Hd1N7F4Qzus/NCP98p9z92h07sVprZD8iwWLlN9GukssDoZTbHpYmeFRE74WnxibQwau8FRFXxHZVSMQ+b3rOPLw0fLL09wDIDcBdJZyK2S/qHWzCfxxNwUCMd5g5aEvXElxiVnNdSBNVz+9phvMz3T66Za64DxFbQ/cfQcCJgSQyGpGpAOEuv2Rl9xxiNHFkoYVTR85bsHPFm6zda7/WSRZbjrhWRsbcTNunu+ucK1STkb0jiupk951zwlGN/HFGPtYP6GEMbaln01Rc7XrQDO7Rc4VKBVlwIDAQABo4IBhjCCAYIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBR/KJ/ZcZlC4nXn1zV2Lk0IJW12XjB7BggrBgEFBQcBAQRvMG0wQwYIKwYBBQUHMAKGN2h0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jYWNlcnQvaXNzdWluZy5jZXIwJgYIKwYBBQUHMAGGGmh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY3NwMCEGA1UdIAQaMBgwCAYGBACPegEBMAwGCiqBUIEpAQEBAwcwOwYIKwYBBQUHAQMELzAtMCsGCCsGAQUFBwsCMB8GBwQAi+xJAQIwFIYSaHR0cHM6Ly91aWQuZ292LmRrMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jcmwvaXNzdWluZy5jcmwwHQYDVR0OBBYEFFNN5GI5Bd91v2k+3gh2tB79kMiJMA4GA1UdDwEB/wQEAwIFoDBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQCAQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASADggGBAAg7zaoHb0a4EKKoVc2SVcp6/x4Np2CfUmduosmoWxd5SboR2NV93MinTkhJRLPXjTYjETLKLNbmgrDm1oFtnw4rVRdKtpy06D0Zh5hKmR3KDjfXt/+KiHtjqs5fmB8GVo3TxFHGnS4sOmph6l/KG4tOPhMabVWcX7vJQfIBVJMak1QHWzig4ooREvupqefYTpvP13GIG4DsyRabAlR2M3pyvdrSAU899gxASvWI6LBQlEdd4tPodAvdEEb3fHS2pnWmI56Im881jOdVtmmjWMCyPD4kP6SaBUxs7XhqZMwH8X98d5NMwPUYyyKwOVJfPrsWdfhupshcdyn2AWpVLU5GfhdRkmSdLdTKzzJOt7pPH+fS95R5MyV0febSJnSOXgNq7ICdQdiKO/HQ8/zmePRq8Ax/7DGrEA0zXENH2un6AV+7bZtELmNoU+B0MoN/AuSteAxmfTTnc8Xu45rTIXh3Vx1OS3NFggGSBvawlVkE7kWKej3o2sKtfot8a+ILzw==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
<wsa:Action wsu:Id="action">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</wsa:Action>
<wsa:MessageID wsu:Id="messageID">urn:uuid:590701cc-8d75-446e-ba7a-e90078dae1c6</wsa:MessageID>
<wsa:RelatesTo wsu:Id="relatesTo">urn:uuid:0a28016a-0107-4d57-8768-82c363604b7c</wsa:RelatesTo>
</soapenv:Header>
<soapenv:Body wsu:Id="body">
<wst:RequestSecurityTokenResponseCollection>
<wst:RequestSecurityTokenResponse
Context="urn:uuid:40acab9d-ce4f-415c-8d56-83d1c5510154">
<wst:TokenType>
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
<wst:RequestedSecurityToken>
<saml:Assertion xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
ID="_c57adb56-5bd9-4cf0-ab77-5939ecef73f0"
IssueInstant="2025-06-12T06:06:47Z" Version="2.0"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
<saml:Issuer>TESTSTS</saml:Issuer>
<ds:Signature Id="OCESSignature">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod
Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
<ds:Reference URI="#_c57adb56-5bd9-4cf0-ab77-5939ecef73f0">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>XJ7O2d/ArdzvTLTfQIEkXbJqHXuimy2oowkWge+8uIY=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
bx8kuhLXHp4R0nXLpuH8gEJ+sdTyFImtUvhHzxHGde8sb/QWhysFBpoiTVShLRHtbH1eYGk34yrHI3nis/Y8QF0rlyTV7MLCwRx28WP4o7g52BLh5iNJJN1QqeTUGojpBuMc3yI4Hg6/HLDhFOpo5+8qpZ29MIyBY/COLvDhUUdElgLfCe0fFBAjQ8ayKy/l+X4Vke0i8G6ejYJp8WlkQP+5pq0A/aQV9Ipb7SV28BOvxydq/7ZATRbrRY49ur0TVVpcdFUt28yFQhGA0tGldRDGSLz54h2tYX1VSVZO29QIOsRMceD4EDOcOFLPd1VWjq/5W6yPOFMUN+11vSy6EiVdlQOQiiqR1O/gAmJneqEaWZlQaBYIxiBf0/d9B82s/iWExAz1htmnNfAQToIc6elCSh2lKJfn2X8iLmycvQLBp2MYI18g4C4QWIGUXzR7hB+cnBRdIZDP9bfr9Sk1MqvH2XIK3InJFVJBbgFcwK+vGMc3H8Sw9QoKDmtP10Q8</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGjTCCBMGgAwIBAgIUFy4h2LTxF4eZW2LC1kay4XM2HOkwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMjExMjkwOTMwMjVaFw0yNTExMjgwOTMwMjRaMIGjMSIwIAYDVQQDDBlOU1AgVGVzdCBTZXJ2aWNlIENvbnN1bWVyMTcwNQYDVQQFEy5VSTpESy1POkc6OGQzZmEwNDctYzc3ZS00N2U0LWJkZDItZTkxNDg4NjEwY2U2MR4wHAYDVQQKDBVTdW5kaGVkc2RhdGFzdHlyZWxzZW4xFzAVBgNVBGEMDk5UUkRLLTMzMjU3ODcyMQswCQYDVQQGEwJESzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALyJRrV1jHkQtPZ5Yb1BQsVv7CsH2G7xMebZh6o7Opm/Pb2+u8QKnPK2dkPXtFDn4efC6adwMN7EeDulIOC+6S/2yNcUQvD9Nbk40TBX6wqHjcQoMA9a725m1cqQiHPGxlHhQVMRzeJLjpEVnkdush3NCZFfndu48bdtsxM2n6sJgB3wJhvVAb8PdABfZETRcpMVIU8gBEWhMFHZhKlzmZqPUf7OQCtF2Hd1N7F4Qzus/NCP98p9z92h07sVprZD8iwWLlN9GukssDoZTbHpYmeFRE74WnxibQwau8FRFXxHZVSMQ+b3rOPLw0fLL09wDIDcBdJZyK2S/qHWzCfxxNwUCMd5g5aEvXElxiVnNdSBNVz+9phvMz3T66Za64DxFbQ/cfQcCJgSQyGpGpAOEuv2Rl9xxiNHFkoYVTR85bsHPFm6zda7/WSRZbjrhWRsbcTNunu+ucK1STkb0jiupk951zwlGN/HFGPtYP6GEMbaln01Rc7XrQDO7Rc4VKBVlwIDAQABo4IBhjCCAYIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBR/KJ/ZcZlC4nXn1zV2Lk0IJW12XjB7BggrBgEFBQcBAQRvMG0wQwYIKwYBBQUHMAKGN2h0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jYWNlcnQvaXNzdWluZy5jZXIwJgYIKwYBBQUHMAGGGmh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY3NwMCEGA1UdIAQaMBgwCAYGBACPegEBMAwGCiqBUIEpAQEBAwcwOwYIKwYBBQUHAQMELzAtMCsGCCsGAQUFBwsCMB8GBwQAi+xJAQIwFIYSaHR0cHM6Ly91aWQuZ292LmRrMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jcmwvaXNzdWluZy5jcmwwHQYDVR0OBBYEFFNN5GI5Bd91v2k+3gh2tB79kMiJMA4GA1UdDwEB/wQEAwIFoDBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQCAQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASADggGBAAg7zaoHb0a4EKKoVc2SVcp6/x4Np2CfUmduosmoWxd5SboR2NV93MinTkhJRLPXjTYjETLKLNbmgrDm1oFtnw4rVRdKtpy06D0Zh5hKmR3KDjfXt/+KiHtjqs5fmB8GVo3TxFHGnS4sOmph6l/KG4tOPhMabVWcX7vJQfIBVJMak1QHWzig4ooREvupqefYTpvP13GIG4DsyRabAlR2M3pyvdrSAU899gxASvWI6LBQlEdd4tPodAvdEEb3fHS2pnWmI56Im881jOdVtmmjWMCyPD4kP6SaBUxs7XhqZMwH8X98d5NMwPUYyyKwOVJfPrsWdfhupshcdyn2AWpVLU5GfhdRkmSdLdTKzzJOt7pPH+fS95R5MyV0febSJnSOXgNq7ICdQdiKO/HQ8/zmePRq8Ax/7DGrEA0zXENH2un6AV+7bZtELmNoU+B0MoN/AuSteAxmfTTnc8Xu45rTIXh3Vx1OS3NFggGSBvawlVkE7kWKej3o2sKtfot8a+ILzw==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml:Subject>
<saml:NameID
Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName">
BstSubjectNameTest</saml:NameID>
<saml:SubjectConfirmation
Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key">
<saml:SubjectConfirmationData NotOnOrAfter="2025-06-12T06:06:57Z">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGpTCCBNmgAwIBAgIUYJ0aPJz3wA7sSIY072JLnBOYu/IwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yNTAzMTkxOTE2MDlaFw0yODAzMTgxOTE2MDhaMIGbMRIwEAYDVQQDDAlWT0NFU19IT0sxNzA1BgNVBAUTLlVJOkRLLU86Rzo4YjQ2MTY1Ny1hZjliLTRkN2ItYThhYS0xMDY1YTdjNzUxZGIxJjAkBgNVBAoMHVRlc3RvcmdhbmlzYXRpb24gbnIuIDk0MzU0OTY5MRcwFQYDVQRhDA5OVFJESy05NDM1NDk2OTELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDxyntzZwKVYwyT2LCMuPvfGxGBVdbxVBA1w6OrJfaktgHTOC6/aP4Er/M6Ey0Yk37paf2QNwkX4R9OOpZtikKsnKAgAryy8lNW1/4vHv+m2lguT/lUcjn6Y02CeoA3hTs3wxup4Z/0SbFucMZ2HlyoUKGVgroFHIiDVw0S7zeAlh25IxiO2U1C4aGFNbX25/vcU0SclYWAaWTDNQv3dReIPU/uPjKE87Ng7BbjFqP9sFtL0O0TJhMvDw6uNdSyVYAicmhLQhvMXAn31pfYp284uu+OpSDlZ8XM/V9zBuK+LyOZU8xWIT3Sio5ZBH9i3tHXOaG3SaGpgrNg7figkewo6haRanQm8NmzOBD2rwcYJOf9A07NurRdr3yYdsN9cQjYxJ47ZjN0jNnEHorWMgzMaqBCYqSH59C2Oqt7Isvqpi6vI+wOAHrE3pLdRYAQ5a4hA6gFMnME27vPskC344mEkLAbnfGlFI7WUK4pwtlBhi0R1RHr6WdMghmPBlPBpq0CAwEAAaOCAaYwggGiMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAdBgNVHREEFjAUgRJ0a25Aa3ZhbGl0ZXRzaXQuZGswIgYDVR0gBBswGTAIBgYEAI96AQEwDQYLKoFQgSkBAQEDBwEwOwYIKwYBBQUHAQMELzAtMCsGCCsGAQUFBwsCMB8GBwQAi+xJAQIwFIYSaHR0cHM6Ly91aWQuZ292LmRrMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jcmwvaXNzdWluZy5jcmwwHQYDVR0OBBYEFEazl9U4mkXimPA+0Ev2r0LAuAPdMA4GA1UdDwEB/wQEAwIF4DBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQCAQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASADggGBALVDzuhJDYcr/DjKuvBLCGYsontwVBB5H4DT4XW9CoVjAwKuJMTrrpQZinKftjHR4Rn+QY5Mz0J/P8PgvXeyZ5FqLa46cCz/msBH+uqDWiH4jq1H0Yc/IYtxTb2jB2GArST905tb+aXoGmE3Gyus1PdmznPhHiGuImiZ5v8JITEdpHdi54Ywjmp9B/DRQ4o7x/oYTfQweq5a1ut0MlFukhdRL5K/wmNjH6FFbAOKWK7QBorKm+I0W2mZcQHUPKzryqM1FvZhWNJ76Kl3dDngRfOPZHpAMPIC0gPe2feC8850l3awYCA3c/hVKquteMPJcb3YQbqNB4z8iV0xZyXNiDxCUyT3ibiPltocEDnMGiVhNurRrOKCMX0l3q2kmWWO8JJn7Mif0avdSaOg+Z378VM6kSF6bdD4swiBZlMz6D3m3HeKKy/QCPWpaRAcAp1/oO0+gxs8UuMKusbxFHAQQ3InSoJhyOt+sv1ZnLKd9Iouvcy5v9yFGVsMsgbtB896ew==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</saml:SubjectConfirmationData>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotBefore="2025-06-12T06:06:47Z"
NotOnOrAfter="2025-06-12T06:06:57Z">
<saml:AudienceRestriction>
<saml:Audience>https://audience.nspop.dk/ehdsi</saml:Audience>
</saml:AudienceRestriction>
</saml:Conditions>
<saml:AttributeStatement>
<saml:Attribute FriendlyName="XSPA Subject"
Name="urn:oasis:names:tc:xspa:1.0:subject:subject-id" NameFormat="">
<saml:AttributeValue xsi:type="xs:string">Alfonso Gonzalez</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="XSPA Role"
Name="urn:oasis:names:tc:xacml:2.0:subject:role">
<saml:AttributeValue>
<Role xmlns="urn:hl7-org:v3" code="2221"
codeSystem="2.16.840.1.113883.2.9.6.2.7"
codeSystemName="ISCO" displayName="Nursing professionals"
xsi:type="CE" />
</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="XSPA Organization Id"
Name="urn:oasis:names:tc:xspa:1.0:subject:organization-id"
NameFormat="">
<saml:AttributeValue xsi:type="xs:string">urn:oid:1.3.6.1.4.1.44938</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="EHDSI Healthcare Facility Type"
Name="urn:ehdsi:names:subject:healthcare-facility-type"
NameFormat="">
<saml:AttributeValue xsi:type="xs:string">Hospital</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="XSPA Purpose of Use"
Name="urn:oasis:names:tc:xspa:1.0:subject:purposeofuse">
<saml:AttributeValue>
<PurposeOfUse xmlns="urn:hl7-org:v3" code="TREATMENT"
codeSystem="urn:oasis:names:tc:xspa:1.0" xsi:type="CE" />
</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="XSPA Locality"
Name="urn:oasis:names:tc:xspa:1.0:environment:locality"
NameFormat="">
<saml:AttributeValue xsi:type="xs:string">Klinik am Berg, 83242 Reit
im Winkl</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="XUA Patient Id"
Name="urn:oasis:names:tc:xacml:2.0:resource:resource-id"
NameFormat="">
<saml:AttributeValue xsi:type="xs:string">
0205756078^^^&1.2.208.176.1.2&ISO</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="IDWS XUA SpecVersion"
Name="urn:dk:healthcare:saml:SpecVersion" NameFormat="">
<saml:AttributeValue xsi:type="xs:string">eHDSI-IDWS-XUA-1.0</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="IDWS XUA IssuancePolicy"
Name="urn:dk:healthcare:saml:IssuancePolicy" NameFormat="">
<saml:AttributeValue xsi:type="xs:string">test-ehdsi-sts-policy</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="EHDSI Country of Treatment"
Name="urn:dk:healthcare:saml:CountryOfTreatment" NameFormat="">
<saml:AttributeValue xsi:type="xs:string">DE</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="NIST AssuranceLevel"
Name="dk:gov:saml:attribute:AssuranceLevel" NameFormat="">
<saml:AttributeValue xsi:type="xs:string">3</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="XSPA permissions"
Name="urn:oasis:names:tc:xspa:1.0:subject:hl7:permission"
NameFormat="">
<saml:AttributeValue xsi:type="xs:string">
urn:oasis:names:tc:xspa:1.0:subject:hl7:permission:PRD-004</saml:AttributeValue>
<saml:AttributeValue xsi:type="xs:string">
urn:oasis:names:tc:xspa:1.0:subject:hl7:permission:PRD-010</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="EHDSI OnBehalfOf"
Name="urn:ehdsi:names:subject:on-behalf-of">
<saml:AttributeValue>
<Role xmlns="urn:hl7-org:v3" code="333"
codeSystem="2.16.840.1.113883.2.9.6.2.7"
codeSystemName="ISCO" displayName="Medical Doctors"
xsi:type="CE" />
</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="XSPA Organization"
Name="urn:oasis:names:tc:xspa:1.0:subject:organization"
NameFormat="">
<saml:AttributeValue xsi:type="xs:string">Charité –
Universitätsmedizin Berlin</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
</saml:Assertion>
</wst:RequestedSecurityToken>
<wsp:AppliesTo>
<wsa:EndpointReference>
<wsa:Address>https://audience.nspop.dk/ehdsi</wsa:Address>
</wsa:EndpointReference>
</wsp:AppliesTo>
<wst:Lifetime>
<wsu:Created>2025-06-12T06:06:47Z</wsu:Created>
<wsu:Expires>2025-06-12T06:06:57Z</wsu:Expires>
</wst:Lifetime>
</wst:RequestSecurityTokenResponse>
</wst:RequestSecurityTokenResponseCollection>
</soapenv:Body>
</soapenv:Envelope> |
[eHDSI IDWS XUA] | eHDSI IDWS XUA Token Profile V.02 https://github.com/Sundhedsdatastyrelsen/epps-bootstrap-poc/wiki/eHDSI-IDWS-XUA-Token-Profile-V.02 |