Pre-requisites
The users must already exist in RDCP, having been previously onboarded by a separate process (e.g. EMR), as we only allow SSO for existing users in our RDCP platform.
Configuration details from Hospital Identity Provider (IdP)
To establish a connection between Roche and the Hospital Identity Provider (IdP), the following configuration needs to be provided by the IdP:
Certificate: Public certificate from the IdP, used to validate the XML (SAML) signature of later messages. The certificate is stored on the Roche side and used when a SAML Response arrives. Basically, Roche needs a way to verify a later message from HCC that says, “Hey, Nike here. We’ve logged John in on our side, and we say he can use HCP Portal now.”
IdP Login & Logout URL: This is the endpoint on the IdP side where Roche redirects the user and sends along a SAML request asking for the user in question to be authenticated.
Configuration details from Roche
To establish a connection between Roche and the Hospital Identity Provider (IdP), the following configuration needs to be provided by Roche:
- ACS Endpoint (Assertion Consumer Service URL)
This is often referred to simply as the Service Provider Login URL. This is the endpoint provided by Roche where the IdP can send a POST request with a SAML Response that is the proof that the user is authenticated.
- Roche SSO URL
URL that the user would have to follow to initiate the SSO flow:
https://[Domain]/sso/login/sp?apiKey=[SSO_apiKey]&idp=[IdP_Name]
Parameters:
Key | Value | Description |
---|---|---|
[Domain] | sso-demo1.rochedc.eu or access.rochedc.eu for production | DNS |
[SSO_apiKey] | Example: C4rOvU_xM_O2hSS9rqaGxCa8c4YqU | The SSO apiKey provided to you |
[IdP_Name] | Example: hcc001-idp | The IdP code assigned to you |
Patient view
To directly access a particular patient's data, add an additional ‘next’ parameter to your SSO URL.
https://[Domain]/sso/login/sp?apiKey=[SSO_apiKey]&idp=[IdP_Name]&next=/patients/bg/[Your_patient_ID]?type=external
Next parameter:
Key | Value | Description |
---|---|---|
[Your_patient_ID] | Example: 2352886 | The patient ID in your system |
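As an added example (not part of the original page and not Roche's code), the following Python helper builds the SSO URL in the form shown above and rejects values that could inject extra query parameters or path segments. The accepted character set for the apiKey, IdP name and patient ID is an assumption inferred from the page's example values, and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Hosts taken from the Parameters table on this page.
ALLOWED_DOMAINS = {"sso-demo1.rochedc.eu", "access.rochedc.eu"}
# Assumed character set, inferred from the page's example values only.
TOKEN_RE = re.compile(r"[A-Za-z0-9_-]{1,128}")


def _check(name, value):
    """Reject values that could smuggle extra query parameters or path segments."""
    if not isinstance(value, str) or not TOKEN_RE.fullmatch(value):
        raise ValueError(f"{name} contains characters outside [A-Za-z0-9_-]")
    return value


def build_sso_url(domain, api_key, idp_name, patient_id=None):
    """Return the SP-initiated SSO URL in the literal form the page documents."""
    if domain not in ALLOWED_DOMAINS:
        raise ValueError(f"unexpected SSO domain: {domain!r}")
    url = (f"https://{domain}/sso/login/sp"
           f"?apiKey={_check('apiKey', api_key)}&idp={_check('idp', idp_name)}")
    if patient_id is not None:
        # A validated ID needs no percent-encoding, so the URL matches the page.
        url += f"&next=/patients/bg/{_check('patient_id', patient_id)}?type=external"
    return url


def query_params(url):
    """Parse the query string back to confirm which parameters the URL carries."""
    return {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}


if __name__ == "__main__":
    # Example values copied from the tables on this page.
    demo = build_sso_url("sso-demo1.rochedc.eu", "C4rOvU_xM_O2hSS9rqaGxCa8c4YqU",
                         "hcc001-idp", "2352886")
    print(demo)
    print(query_params(demo))
```

If your patient IDs legitimately contain other characters, widen the pattern deliberately rather than removing the check.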
SSO URL Example: