Endpoint Access Control Mechanism Code System - TTL Representation - National Directory of Healthcare Providers & Services (NDH) Implementation Guide v2.0.0-current

National Directory of Healthcare Providers & Services (NDH) Implementation Guide
2.0.0-current - ci-build United States of America flag
National Directory of Healthcare Providers & Services (NDH) Implementation Guide, published by HL7 International / Patient Administration. This guide is not an authorized publication; it is the continuous build for version 2.0.0-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/fhir-us-ndh/ and changes regularly. See the Directory of published versions
: Endpoint Access Control Mechanism Code System

Page standards status: Trial-use
Maturity Level: 4
Raw ttl | Download

@prefix fhir: <http://hl7.org/fhir/> .
@prefix owl: <http://www.w3.org/2002/07/owl#> .
@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
@prefix xsd: <http://www.w3.org/2001/XMLSchema#> .

# - resource -------------------------------------------------------------------

<http://hl7.org/fhir/CodeSystem/NdhEndpointAccessControlMechanismCS> a fhir:CodeSystem ;
  fhir:nodeRole fhir:treeRoot ;
  fhir:Resource.id [ fhir:value "NdhEndpointAccessControlMechanismCS"] ;
  fhir:Resource.language [ fhir:value "en"] ;
  fhir:DomainResource.text [
     fhir:Narrative.status [ fhir:value "generated" ] ;
     fhir:Narrative.div "<div xmlns=\"http://www.w3.org/1999/xhtml\"><p class=\"res-header-id\"><b>Generated Narrative: CodeSystem NdhEndpointAccessControlMechanismCS</b></p><a name=\"NdhEndpointAccessControlMechanismCS\"> </a><a name=\"hcNdhEndpointAccessControlMechanismCS\"> </a><p>This case-sensitive code system <code>http://hl7.org/fhir/us/ndh/CodeSystem/NdhEndpointAccessControlMechanismCS</code> defines the following codes:</p><table class=\"codes\"><tr><td style=\"white-space:nowrap\"><b>Code</b></td><td><b>Display</b></td><td><b>Definition</b></td></tr><tr><td style=\"white-space:nowrap\">public<a name=\"NdhEndpointAccessControlMechanismCS-public\"> </a></td><td>Public</td><td>Public access without any specific access control.</td></tr><tr><td style=\"white-space:nowrap\">OAuth<a name=\"NdhEndpointAccessControlMechanismCS-OAuth\"> </a></td><td>OAuth</td><td>OAuth (unspecified version see oauth.net).</td></tr><tr><td style=\"white-space:nowrap\">SMART-on-FHIR<a name=\"NdhEndpointAccessControlMechanismCS-SMART-on-FHIR\"> </a></td><td>SMART-on-FHIR</td><td>OAuth2 using SMART-on-FHIR profile (see http://docs.smarthealthit.org/).</td></tr><tr><td style=\"white-space:nowrap\">NTLM<a name=\"NdhEndpointAccessControlMechanismCS-NTLM\"> </a></td><td>NTLM</td><td>Microsoft NTLM Authentication.</td></tr><tr><td style=\"white-space:nowrap\">basic<a name=\"NdhEndpointAccessControlMechanismCS-basic\"> </a></td><td>Basic</td><td>Basic authentication defined in HTTP specification.</td></tr><tr><td style=\"white-space:nowrap\">Kerberos<a name=\"NdhEndpointAccessControlMechanismCS-Kerberos\"> </a></td><td>Kerberos</td><td>see http://www.ietf.org/rfc/rfc4120.txt.</td></tr><tr><td style=\"white-space:nowrap\">Certificates<a name=\"NdhEndpointAccessControlMechanismCS-Certificates\"> </a></td><td>Certificates</td><td>SSL where client must have a certificate registered with the server.</td></tr><tr><td style=\"white-space:nowrap\">opaque-access-token<a name=\"NdhEndpointAccessControlMechanismCS-opaque-access-token\"> </a></td><td>Opaque Access Token</td><td>Uses an opaque token for access control, which is a token whose structure is not visible or meaningful to the client.</td></tr><tr><td style=\"white-space:nowrap\">jwt-access-token<a name=\"NdhEndpointAccessControlMechanismCS-jwt-access-token\"> </a></td><td>JWT Access Token</td><td>Uses a JSON Web Token (JWT) for access control, which is a compact, URL-safe means of representing claims to be transferred between two parties.</td></tr><tr><td style=\"white-space:nowrap\">mutual-tls<a name=\"NdhEndpointAccessControlMechanismCS-mutual-tls\"> </a></td><td>Mutual TLS</td><td>Uses mutual Transport Layer Security (TLS) where both client and server authenticate each other using certificates.</td></tr><tr><td style=\"white-space:nowrap\">wss-saml-token<a name=\"NdhEndpointAccessControlMechanismCS-wss-saml-token\"> </a></td><td>WSS SAML Token</td><td>Uses a Security Assertion Markup Language (SAML) token within the Web Services Security (WSS) framework for access control.</td></tr><tr><td style=\"white-space:nowrap\">wss-username-token<a name=\"NdhEndpointAccessControlMechanismCS-wss-username-token\"> </a></td><td>WSS User Name Token</td><td>Uses a username token within the WSS framework for access control.</td></tr><tr><td style=\"white-space:nowrap\">wss-kerberos-token<a name=\"NdhEndpointAccessControlMechanismCS-wss-kerberos-token\"> </a></td><td>WSS Kerberos Token</td><td>Uses a Kerberos token within the WSS framework for access control.</td></tr><tr><td style=\"white-space:nowrap\">wss-x509-token<a name=\"NdhEndpointAccessControlMechanismCS-wss-x509-token\"> </a></td><td>WSS X509 Token</td><td>Uses an X.509 certificate token within the WSS framework for access control.</td></tr><tr><td style=\"white-space:nowrap\">wss-custom-token<a name=\"NdhEndpointAccessControlMechanismCS-wss-custom-token\"> </a></td><td>WSS Custom Token</td><td>Uses a custom token within the WSS framework for access control.</td></tr></table></div>"
  ] ;
  fhir:DomainResource.extension [
     fhir:index -1 ;
     fhir:Extension.url [ fhir:value "http://hl7.org/fhir/StructureDefinition/structuredefinition-wg" ] ;
     fhir:Extension.valueCode [ fhir:value "pa" ]
  ], [
     fhir:index -1 ;
     fhir:Extension.url [ fhir:value "http://hl7.org/fhir/StructureDefinition/structuredefinition-fmm" ] ;
     fhir:Extension.valueInteger [
       fhir:value "4"^^xsd:integer ;
       fhir:Element.extension [
         fhir:index -1 ;
         fhir:Extension.url [ fhir:value "http://hl7.org/fhir/StructureDefinition/structuredefinition-conformance-derivedFrom" ] ;
         fhir:Extension.valueCanonical [
           fhir:value "http://hl7.org/fhir/us/ndh/ImplementationGuide/hl7.fhir.us.ndh" ;
           fhir:link <http://hl7.org/fhir/us/ndh/ImplementationGuide/hl7.fhir.us.ndh>
         ]
       ]
     ]
  ], [
     fhir:index -1 ;
     fhir:Extension.url [ fhir:value "http://hl7.org/fhir/StructureDefinition/structuredefinition-standards-status" ] ;
     fhir:Extension.valueCode [
       fhir:value "trial-use" ;
       fhir:Element.extension [
         fhir:index -1 ;
         fhir:Extension.url [ fhir:value "http://hl7.org/fhir/StructureDefinition/structuredefinition-conformance-derivedFrom" ] ;
         fhir:Extension.valueCanonical [
           fhir:value "http://hl7.org/fhir/us/ndh/ImplementationGuide/hl7.fhir.us.ndh" ;
           fhir:link <http://hl7.org/fhir/us/ndh/ImplementationGuide/hl7.fhir.us.ndh>
         ]
       ]
     ]
  ] ;
  fhir:CodeSystem.url [ fhir:value "http://hl7.org/fhir/us/ndh/CodeSystem/NdhEndpointAccessControlMechanismCS"] ;
  fhir:CodeSystem.identifier [
     fhir:index -1 ;
     fhir:Identifier.system [ fhir:value "urn:ietf:rfc:3986" ] ;
     fhir:Identifier.value [ fhir:value "urn:oid:2.999.1.2.3.4.16.8" ]
  ] ;
  fhir:CodeSystem.version [ fhir:value "2.0.0-current"] ;
  fhir:CodeSystem.name [ fhir:value "NdhEndpointAccessControlMechanismCS"] ;
  fhir:CodeSystem.title [ fhir:value "Endpoint Access Control Mechanism Code System"] ;
  fhir:CodeSystem.status [ fhir:value "active"] ;
  fhir:CodeSystem.experimental [ fhir:value "false"^^xsd:boolean] ;
  fhir:CodeSystem.date [ fhir:value "2026-06-25T23:39:34+00:00"^^xsd:dateTime] ;
  fhir:CodeSystem.publisher [ fhir:value "HL7 International / Patient Administration"] ;
  fhir:CodeSystem.contact [
     fhir:index -1 ;
     fhir:ContactDetail.name [ fhir:value "HL7 International / Patient Administration" ] ;
     fhir:ContactDetail.telecom [
       fhir:index -1 ;
       fhir:ContactPoint.system [ fhir:value "url" ] ;
       fhir:ContactPoint.value [ fhir:value "http://www.hl7.org/Special/committees/pafm" ]
     ], [
       fhir:index -1 ;
       fhir:ContactPoint.system [ fhir:value "email" ] ;
       fhir:ContactPoint.value [ fhir:value "pafm@lists.hl7.org" ]
     ]
  ] ;
  fhir:CodeSystem.description [ fhir:value "This code system defines endpoint access-control mechanism concepts for NDH exchange, enabling consistent declaration of authentication and authorization approaches used to protect endpoint access."] ;
  fhir:CodeSystem.jurisdiction [
     fhir:index -1 ;
     fhir:CodeableConcept.coding [
       fhir:index -1 ;
       fhir:Coding.system [ fhir:value "urn:iso:std:iso:3166" ] ;
       fhir:Coding.code [ fhir:value "US" ] ;
       fhir:Coding.display [ fhir:value "United States of America" ]
     ]
  ] ;
  fhir:CodeSystem.caseSensitive [ fhir:value "true"^^xsd:boolean] ;
  fhir:CodeSystem.content [ fhir:value "complete"] ;
  fhir:CodeSystem.count [ fhir:value "15"^^xsd:nonNegativeInteger] ;
  fhir:CodeSystem.concept [
     fhir:index -1 ;
     fhir:CodeSystem.concept.code [ fhir:value "public" ] ;
     fhir:CodeSystem.concept.display [ fhir:value "Public" ] ;
     fhir:CodeSystem.concept.definition [ fhir:value "Public access without any specific access control." ]
  ], [
     fhir:index -1 ;
     fhir:CodeSystem.concept.code [ fhir:value "OAuth" ] ;
     fhir:CodeSystem.concept.display [ fhir:value "OAuth" ] ;
     fhir:CodeSystem.concept.definition [ fhir:value "OAuth (unspecified version see oauth.net)." ]
  ], [
     fhir:index -1 ;
     fhir:CodeSystem.concept.code [ fhir:value "SMART-on-FHIR" ] ;
     fhir:CodeSystem.concept.display [ fhir:value "SMART-on-FHIR" ] ;
     fhir:CodeSystem.concept.definition [ fhir:value "OAuth2 using SMART-on-FHIR profile (see http://docs.smarthealthit.org/)." ]
  ], [
     fhir:index -1 ;
     fhir:CodeSystem.concept.code [ fhir:value "NTLM" ] ;
     fhir:CodeSystem.concept.display [ fhir:value "NTLM" ] ;
     fhir:CodeSystem.concept.definition [ fhir:value "Microsoft NTLM Authentication." ]
  ], [
     fhir:index -1 ;
     fhir:CodeSystem.concept.code [ fhir:value "basic" ] ;
     fhir:CodeSystem.concept.display [ fhir:value "Basic" ] ;
     fhir:CodeSystem.concept.definition [ fhir:value "Basic authentication defined in HTTP specification." ]
  ], [
     fhir:index -1 ;
     fhir:CodeSystem.concept.code [ fhir:value "Kerberos" ] ;
     fhir:CodeSystem.concept.display [ fhir:value "Kerberos" ] ;
     fhir:CodeSystem.concept.definition [ fhir:value "see http://www.ietf.org/rfc/rfc4120.txt." ]
  ], [
     fhir:index -1 ;
     fhir:CodeSystem.concept.code [ fhir:value "Certificates" ] ;
     fhir:CodeSystem.concept.display [ fhir:value "Certificates" ] ;
     fhir:CodeSystem.concept.definition [ fhir:value "SSL where client must have a certificate registered with the server." ]
  ], [
     fhir:index -1 ;
     fhir:CodeSystem.concept.code [ fhir:value "opaque-access-token" ] ;
     fhir:CodeSystem.concept.display [ fhir:value "Opaque Access Token" ] ;
     fhir:CodeSystem.concept.definition [ fhir:value "Uses an opaque token for access control, which is a token whose structure is not visible or meaningful to the client." ]
  ], [
     fhir:index -1 ;
     fhir:CodeSystem.concept.code [ fhir:value "jwt-access-token" ] ;
     fhir:CodeSystem.concept.display [ fhir:value "JWT Access Token" ] ;
     fhir:CodeSystem.concept.definition [ fhir:value "Uses a JSON Web Token (JWT) for access control, which is a compact, URL-safe means of representing claims to be transferred between two parties." ]
  ], [
     fhir:index -1 ;
     fhir:CodeSystem.concept.code [ fhir:value "mutual-tls" ] ;
     fhir:CodeSystem.concept.display [ fhir:value "Mutual TLS" ] ;
     fhir:CodeSystem.concept.definition [ fhir:value "Uses mutual Transport Layer Security (TLS) where both client and server authenticate each other using certificates." ]
  ], [
     fhir:index -1 ;
     fhir:CodeSystem.concept.code [ fhir:value "wss-saml-token" ] ;
     fhir:CodeSystem.concept.display [ fhir:value "WSS SAML Token" ] ;
     fhir:CodeSystem.concept.definition [ fhir:value "Uses a Security Assertion Markup Language (SAML) token within the Web Services Security (WSS) framework for access control." ]
  ], [
     fhir:index -1 ;
     fhir:CodeSystem.concept.code [ fhir:value "wss-username-token" ] ;
     fhir:CodeSystem.concept.display [ fhir:value "WSS User Name Token" ] ;
     fhir:CodeSystem.concept.definition [ fhir:value "Uses a username token within the WSS framework for access control." ]
  ], [
     fhir:index -1 ;
     fhir:CodeSystem.concept.code [ fhir:value "wss-kerberos-token" ] ;
     fhir:CodeSystem.concept.display [ fhir:value "WSS Kerberos Token" ] ;
     fhir:CodeSystem.concept.definition [ fhir:value "Uses a Kerberos token within the WSS framework for access control." ]
  ], [
     fhir:index -1 ;
     fhir:CodeSystem.concept.code [ fhir:value "wss-x509-token" ] ;
     fhir:CodeSystem.concept.display [ fhir:value "WSS X509 Token" ] ;
     fhir:CodeSystem.concept.definition [ fhir:value "Uses an X.509 certificate token within the WSS framework for access control." ]
  ], [
     fhir:index -1 ;
     fhir:CodeSystem.concept.code [ fhir:value "wss-custom-token" ] ;
     fhir:CodeSystem.concept.display [ fhir:value "WSS Custom Token" ] ;
     fhir:CodeSystem.concept.definition [ fhir:value "Uses a custom token within the WSS framework for access control." ]
  ] .

# - ontology header ------------------------------------------------------------

<http://hl7.org/fhir/CodeSystem/NdhEndpointAccessControlMechanismCS.ttl> a owl:Ontology ;
  owl:imports fhir:fhir.ttl ;
  owl:versionIRI <http://build.fhir.org/CodeSystem/NdhEndpointAccessControlMechanismCS.ttl> .
< prev
top
next >
IG © 2023+ HL7 International / Patient Administration. Package hl7.fhir.us.ndh#2.0.0-current based on FHIR 4.0.1. Generated 2026-06-25
Links: Table of Contents | QA Report | Version History | | Propose a change