Basic Audit Log Patterns (BALP)
1.1.3 - Trial-Implementation

This page is part of the IHE Basic Audit Log Patterns (BALP) (v1.1.3: Publication) based on FHIR (HL7® FHIR® Standard) R4. This is the current published version. For a full list of available versions, see the Directory of published versions.

Resource Profile: Basic AuditEvent pattern for oAuth Opaque

Official URL: https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.OAUTHaccessTokenUse.Opaque
Version: 1.1.3
Active as of 2024-02-14
Computable Name: OAUTHaccessTokenUseOpaque

Used when:

  • only an opaque oAuth token is available (e.g. clients).
  • the oAuth token is accessible, but only minimal details are to be logged.

  • the oUser slice holds a fragment of the opaque oAuth token
    • record only the last 32 characters of the oAuth token to limit the risk of replay
    • presume 32 characters is enough to correlate AuditEvent log entries


Formal Views of Profile Content


This structure is derived from AuditEvent

| Name | Flags | Card. | Type | Description & Constraints |
|---|---|---|---|---|
| .. AuditEvent | | 0..* | AuditEvent | Event record kept for security purposes |
| ... Slices for agent | | 1..* | BackboneElement | Actor involved in the event. Slice: Unordered, Open by pattern:type |
| .... agent:oUser | | 1..* | BackboneElement | other elements may be filled in as needed. |
| ..... type | | 1..1 | CodeableConcept | How agent participated. Required Pattern: At least the following |
| ...... coding | | 1..* | Coding | Code defined by a terminology system. Fixed Value: (complex) |
| ....... system | | 1..1 | uri | Identity of the terminology system. Fixed Value: https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes |
| ....... code | | 1..1 | code | Symbol in syntax defined by the system. Fixed Value: UserOauthAgent |
| ..... requestor | | 1..1 | boolean | Whether user is initiator. Required Pattern: true |
| ..... policy | S | 1..1 | uri | last 32 characters of the oAuth token. |
| ..... purposeOfUse | S | 0..* | CodeableConcept | SAML subject:purposeofuse |
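The agent:oUser constraints above, as an added Python example that is not part of the IHE publication: it builds the slice from an opaque token and correlates AuditEvent entries by the logged fragment. The function names, the sample token, and the refusal of tokens of 32 characters or fewer are assumptions of this example, not profile rules.

```python
# Added example (not IHE code): agent:oUser built from an opaque oAuth token.
FRAGMENT_LEN = 32  # the profile records only the last 32 characters
USER_AGENT_TYPES = "https://profiles.ihe.net/ITI/BALP/CodeSystem/UserAgentTypes"

# Constructed sample token, not a real credential.
SAMPLE_TOKEN = "constructed-opaque-prefix." + "0123456789abcdef0123456789abcdef"


def token_fragment(access_token):
    """Return the value for agent.policy: the last 32 characters of the token."""
    if len(access_token) <= FRAGMENT_LEN:
        # Assumption of this example: such a token would be logged whole,
        # so refuse instead of writing a replayable value to the audit log.
        raise ValueError("token is not longer than the logged fragment")
    return access_token[-FRAGMENT_LEN:]


def ouser_agent(access_token, purpose_of_use=None):
    """Build the agent:oUser slice as a FHIR R4 AuditEvent.agent JSON object."""
    agent = {
        "type": {"coding": [{"system": USER_AGENT_TYPES,
                             "code": "UserOauthAgent"}]},
        "requestor": True,
        # policy is a repeating element in R4 JSON; the profile allows one value.
        "policy": [token_fragment(access_token)],
    }
    if purpose_of_use:
        agent["purposeOfUse"] = list(purpose_of_use)  # CodeableConcept objects
    return agent


def is_ouser(agent):
    """True when the agent matches the slice discriminator (pattern on type)."""
    codings = agent.get("type", {}).get("coding", [])
    return any(c.get("system") == USER_AGENT_TYPES
               and c.get("code") == "UserOauthAgent" for c in codings)


def correlate(audit_events, access_token):
    """Return the AuditEvents whose oUser agent logged this token's fragment."""
    frag = token_fragment(access_token)
    return [ev for ev in audit_events
            if any(is_ouser(a) and frag in a.get("policy", [])
                   for a in ev.get("agent", []))]
```
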
