{ "resourceType" : "CodeSystem", "id" : "NdhEndpointAccessControlMechanismCS", "text" : { "status" : "generated", "div" : "

Generated Narrative: CodeSystem NdhEndpointAccessControlMechanismCS

This case-sensitive code system http://hl7.org/fhir/us/ndh/CodeSystem/NdhEndpointAccessControlMechanismCS defines the following codes:

CodeDisplayDefinition
public PublicPublic access without any specific access control.
OAuth OAuthOAuth (unspecified version see oauth.net).
SMART-on-FHIR SMART-on-FHIROAuth2 using SMART-on-FHIR profile (see http://docs.smarthealthit.org/).
NTLM NTLMMicrosoft NTLM Authentication.
basic BasicBasic authentication defined in HTTP specification.
Kerberos Kerberossee http://www.ietf.org/rfc/rfc4120.txt.
Certificates CertificatesSSL where client must have a certificate registered with the server.
opaque-access-token Opaque Access TokenUses an opaque token for access control, which is a token whose structure is not visible or meaningful to the client.
jwt-access-token JWT Access TokenUses a JSON Web Token (JWT) for access control, which is a compact, URL-safe means of representing claims to be transferred between two parties.
mutual-tls Mutual TLSUses mutual Transport Layer Security (TLS) where both client and server authenticate each other using certificates.
wss-saml-token WSS SAML TokenUses a Security Assertion Markup Language (SAML) token within the Web Services Security (WSS) framework for access control.
wss-username-token WSS User Name TokenUses a username token within the WSS framework for access control.
wss-kerberos-token WSS Kerberos TokenUses a Kerberos token within the WSS framework for access control.
wss-x509-token WSS X509 TokenUses an X.509 certificate token within the WSS framework for access control.
wss-custom-token WSS Custom TokenUses a custom token within the WSS framework for access control.
" }, "extension" : [{ "url" : "http://hl7.org/fhir/StructureDefinition/structuredefinition-wg", "valueCode" : "pa" }, { "url" : "http://hl7.org/fhir/StructureDefinition/structuredefinition-fmm", "valueInteger" : 4, "_valueInteger" : { "extension" : [{ "url" : "http://hl7.org/fhir/StructureDefinition/structuredefinition-conformance-derivedFrom", "valueCanonical" : "http://hl7.org/fhir/us/ndh/ImplementationGuide/hl7.fhir.us.ndh" }] } }, { "url" : "http://hl7.org/fhir/StructureDefinition/structuredefinition-standards-status", "valueCode" : "trial-use", "_valueCode" : { "extension" : [{ "url" : "http://hl7.org/fhir/StructureDefinition/structuredefinition-conformance-derivedFrom", "valueCanonical" : "http://hl7.org/fhir/us/ndh/ImplementationGuide/hl7.fhir.us.ndh" }] } }], "url" : "http://hl7.org/fhir/us/ndh/CodeSystem/NdhEndpointAccessControlMechanismCS", "version" : "2.0.0-current", "name" : "NdhEndpointAccessControlMechanismCS", "title" : "Endpoint Access Control Mechanism Code System", "status" : "active", "experimental" : false, "date" : "2026-03-30T14:03:58+00:00", "publisher" : "HL7 International / Patient Administration", "contact" : [{ "name" : "HL7 International / Patient Administration", "telecom" : [{ "system" : "url", "value" : "http://www.hl7.org/Special/committees/pafm" }, { "system" : "email", "value" : "pafm@lists.hl7.org" }] }], "description" : "Endpoint Access Control Mechanism", "jurisdiction" : [{ "coding" : [{ "system" : "urn:iso:std:iso:3166", "code" : "US", "display" : "United States of America" }] }], "caseSensitive" : true, "content" : "complete", "count" : 15, "concept" : [{ "code" : "public", "display" : "Public", "definition" : "Public access without any specific access control." }, { "code" : "OAuth", "display" : "OAuth", "definition" : "OAuth (unspecified version see oauth.net)." }, { "code" : "SMART-on-FHIR", "display" : "SMART-on-FHIR", "definition" : "OAuth2 using SMART-on-FHIR profile (see http://docs.smarthealthit.org/)." }, { "code" : "NTLM", "display" : "NTLM", "definition" : "Microsoft NTLM Authentication." }, { "code" : "basic", "display" : "Basic", "definition" : "Basic authentication defined in HTTP specification." }, { "code" : "Kerberos", "display" : "Kerberos", "definition" : "see http://www.ietf.org/rfc/rfc4120.txt." }, { "code" : "Certificates", "display" : "Certificates", "definition" : "SSL where client must have a certificate registered with the server." }, { "code" : "opaque-access-token", "display" : "Opaque Access Token", "definition" : "Uses an opaque token for access control, which is a token whose structure is not visible or meaningful to the client." }, { "code" : "jwt-access-token", "display" : "JWT Access Token", "definition" : "Uses a JSON Web Token (JWT) for access control, which is a compact, URL-safe means of representing claims to be transferred between two parties." }, { "code" : "mutual-tls", "display" : "Mutual TLS", "definition" : "Uses mutual Transport Layer Security (TLS) where both client and server authenticate each other using certificates." }, { "code" : "wss-saml-token", "display" : "WSS SAML Token", "definition" : "Uses a Security Assertion Markup Language (SAML) token within the Web Services Security (WSS) framework for access control." }, { "code" : "wss-username-token", "display" : "WSS User Name Token", "definition" : "Uses a username token within the WSS framework for access control." }, { "code" : "wss-kerberos-token", "display" : "WSS Kerberos Token", "definition" : "Uses a Kerberos token within the WSS framework for access control." }, { "code" : "wss-x509-token", "display" : "WSS X509 Token", "definition" : "Uses an X.509 certificate token within the WSS framework for access control." }, { "code" : "wss-custom-token", "display" : "WSS Custom Token", "definition" : "Uses a custom token within the WSS framework for access control." }] }