Authentication and multi tenancy

Authentication

All authentication between Spreekuur.nl and the XIS uses the OAuth 2.0 specification.

Authentication from Spreekuur.nl to XIS

Almost all authentication from Spreekuur.nl to the XIS is done using OAuth Token Exchange. The exceptions are described below.

Authentication from Spreekuur.nl to XIS without a currently logged-in patient

In some cases, Spreekuur.nl needs to access the XIS API without a currently logged-in patient. In these cases, Spreekuur.nl uses the OAuth Client Credentials Grant specification.

Authentication from XIS to Spreekuur.nl

The XIS must authenticate to Spreekuur.nl using the OAuth 2.0 Client Credentials Grant specification.

Authorization server / Identity Provider

Topicus.Healthcare can provide an authorization server that can be used for all authentication / authorization. It is also possible to use an authorization server provided by the XIS provider.

Multi tenancy

Spreekuur.nl is a multi-tenant application. This means that multiple organizations can use the same application, but each organization has its own data and settings.

To distinguish between different organizations, all API requests from Spreekuur.nl to XIS and vice versa must include the organisation AGB code in the organisation_agb header.
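
The two grants and the tenant header described above, put together as an added example (not code from Spreekuur.nl or Topicus.Healthcare). The endpoint URLs, HTTP Basic client authentication, the access-token subject type and the 8-digit AGB format are assumptions; the requests are built but never sent.

```python
import base64
import re
from urllib.parse import urlencode
from urllib.request import Request

# Assumed placeholder endpoints; the page does not give real URLs.
TOKEN_URL = "https://auth.example.invalid/oauth2/token"
XIS_API_URL = "https://xis.example.invalid/api/appointments"
TOKEN_EXCHANGE = "urn:ietf:params:oauth:grant-type:token-exchange"
ACCESS_TOKEN_TYPE = "urn:ietf:params:oauth:token-type:access_token"


def _token_request(form, client_id, client_secret):
    """POST a form to the token endpoint; Basic client auth is an assumption."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    return Request(TOKEN_URL, data=urlencode(form).encode(), method="POST", headers={
        "Authorization": f"Basic {basic}",
        "Content-Type": "application/x-www-form-urlencoded",
    })


def token_exchange_request(client_id, client_secret, patient_token):
    """RFC 8693: trade the logged-in patient's token for a XIS access token."""
    return _token_request({
        "grant_type": TOKEN_EXCHANGE,
        "subject_token": patient_token,
        "subject_token_type": ACCESS_TOKEN_TYPE,
    }, client_id, client_secret)


def client_credentials_request(client_id, client_secret):
    """RFC 6749 section 4.4: no patient involved, the client acts as itself."""
    return _token_request({"grant_type": "client_credentials"}, client_id, client_secret)


def api_request(access_token, organisation_agb):
    """Build a XIS API call carrying the bearer token and the tenant header."""
    # Assumption: AGB codes are 8 digits. Rejecting anything else before it
    # reaches a header also blocks CR/LF header injection via the tenant value.
    if not re.fullmatch(r"[0-9]{8}", organisation_agb):
        raise ValueError("organisation_agb must be an 8-digit AGB code")
    return Request(XIS_API_URL, headers={
        "Authorization": f"Bearer {access_token}",
        "organisation_agb": organisation_agb,
    })
```

Some reverse proxies drop header names containing underscores by default (nginx does unless `underscores_in_headers` is enabled), so confirm that `organisation_agb` survives the path to the application.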