Adding a New Identity Domain

Adding a new Identity Domain to the system can be done by following the steps in this guide

1

Navigate to the Create Identity Domain View

  • Navigate to the Reference Data -> Identity Domains view

  • Click on the Create button in the Table Controls

After, you should be redirected to the Create Identity Domain Form

2

Register the General Properties of the Identity Domain

Locate the Identity Domain Properties Panel

Define a Namespace ID

Enter the Namespace ID into the Namespace ID input

Namespace ID

This is specialized ID of the Identity Domain.

Use of Namespace ID

The namespace identifier is used in the HDSI and HL7v2 to identify the identifiers. These must be unique in the system.

Format

The Namespace ID must only contain

  • 🔠letters (A to Z and a to z),

  • 🔢numbers(0 to 9), and

  • 🔣some special characters (-, _)

💼Examples

  • GS1 Global Trade Identification Number (GTIN)1.3.160

  • ISO-3166 Country Identifiers1.0.3166.1.2.3

  • LMIS Item Code ID1.3.6.1.4.1.52820.5.4.4.2

Define Universal ID

Enter the Universal ID into the Universal ID input

Universal ID

This is Universal ID of the Identity Domain that most systems will share.

Use of Universal ID

The object identifier of the identity domain is used by HL7v3 messages and HL7v2 messages to tag an identifier with the identity domain to which the identity domain belongs.

Format

The Universal ID must only contain numbers(0 to 9) and decimals (.)

These should be:

  • An IANA Private Enterprise Number

  • An HL7 Registered Assigning Authority

  • A UUID in format 2.25.XXXX

💼Examples

  • GS1 Global Trade Identification Number (GTIN)1.3.160

  • ISO-3166 Country Identifiers1.0.3166.1.2.3

  • LMIS Item Code ID1.3.6.1.4.1.52820.5.4.4.2

Define a URL

Enter the URL into the URL input

URL

This is the URL for this Identity Domain.

Use of URL

URLs are used by FHIR for correlating the Identity Domain with the identifier when FHIR Messages are received

Format

The formula for a URL<protocol>+ <hostname> + <path> + <query> + <fragment>, can be broken down into the following:

  • — protocol used to communicate with endpoint https://

  • — domain name example.com

  • — path to a resource /page

  • — ⭐(Optional) query parameters ?id=123

  • — ⭐(Optional) a fragment or anchor #section

Define a Display Name

Enter the Name into the Name input

Name

This is the display, or the human readable name of the Identity Domain

Format

The Name can contain the following:

  • 🔠letters (A to Z and a to z),

  • 🔢numbers(0 to 9), and

  • 🔣any special characters (-, _, etc..)

⭐(Optional) Define a Classification

Select the Classification in the Classification select input

Classification

This is the general classification which identifiers assigned to this Identity Domain carry, or regard.

You may only specify 0 or 1 Classification for 1 Identity Domain

3

Define Validation for the Identity Domain

Locate the Validation Panel

⭐(Optional) Define a Regular Expression for Validating the Identity Domain

Enter the Regular Expression into the Validation Regex input

Regular Expression

This is a value used to validate values carried out through this Identity Domain.

Use of Regular Expression

Use this field to specify the format of the identifier (the pattern that conformant identifiers need to have)

💼Example

  • ^\d{12,14}$ — starts and ends with only 12 to 14 numbers/digits (e.g. 123456789000, 1234567890000, 12345678900000)

🔣Format/Syntax for Regular Expressions

Format

The format for the Regular Expression input is simple if you are familiar with regular expression in other software interfaces.

Syntax

Here is a few syntax examples to get you started:

Positioning

  • match for start or end of a string

    • ^ — start of a line or string

      • This must be used at the beginning of the regular expression to work

    • $ — end of a line or string

      • This must be used at the end of the regular expression to work

Characters

  • common characters:

    • \d — digit (0-9)

    • \w — word character (letters, digits, or underscores)

    • \s — all whitespace characters (e.g. any of these characters [ \t\r\n\f\v])

    • \S — all non-whitespace characters (e.g. anything but these characters [^ \t\r\n\f\v])

    • \t — tab character

Sets

  • character sets:

    • [A-Z] — all capital letters

    • [a-z] — all lowercase letters

    • [0-9] — all digits

Ranges

  • exact or range of characters from a set or one individual character

    • + — (i.e. 1 or more)

    • * — (i.e. 0 or more)

    • ? — (i.e. 0 or 1)

    • {<start>,<end>} — min and max of character or set

      • {1,} — 1 to infinity

      • {2,4} — 2 to 4

      • {,5} — 0 to 5

⭐(Optional) Define the Check Digit Format when Validating

Select the Check Digit Format from the Check Digit Type select input

Check Digit Type

If the identifier uses a separate check digit in the check digit field (or required generation), select the check digit algorithm to be used

Available Options

  • None

  • ISO/IEC-7064 MOD-97,10

  • Custom MOD-97 Based Algorithm

⭐(Optional) Define a Custom Format Validation

Select the Custom Format Validation from the Custom Format Validator select input

Custom Format Validator

If the identifiers in this identity domain have a specialized format (for example, check digits or computational generation) select the implementation of the validation here.

Available Options

  • None

  • ISO/IEC-7064 MOD-97,10

  • Custom MOD-97 Based Algorithm

⭐(Optional) Flag an Identity Domain's Validation as Unique

Check the Unique checkbox input if this is considered a Unique validation

4

Define Authority and Scope for an Identity Domain

Locate the Authentication and Scope Panel

⭐(Optional) Define a Scope for the Identity Domain

Search and select any valid Scopes in the Scopes search input

Scope

Scope is the entity this Identity Domain is regarding

💼Examples

  • 💊Material

  • ©️💊Manufactured Material

  • etc...

⭐(Optional) Define a Disclosure Policy for the Identity Domain

Select a desired Disclosure Policy in the Disclosure Policy select input

Disclosure Policy

Disclosure Policy regards the Policy that this Authority has with the system.

This is similar to Policies that are applied with Devices, Applications, Groups, etc...

💼Examples

  • Alter Role Policy

  • OAUTH Policies

  • Clinical Data Policies

5

⭐(Optional) Register a Assigning Authority

Locate the Assigning Authority Panel

Select a Registered Application

Select a desired Application in the Application select input

Application

  • Whenever an identifier in this domain is registered from this application — it can be flagged as authoritative or informative.

  • ‼️You may restrict the ability of non-authoritative applications from issuing new identifiers — which will result in a data quality warning

Flag as an Authoritative Source

⭐(Optional) Check the Authoritative Source checkbox if you consider this to be an Authoritative Source

Authoritative Source

This checkbox indicates if the flag is authoritative or informative

6

⭐(Optional) Add Additional Assigning Authorities

Add more Assigning Authority Applications by clicking the Add button and repeating the last step until you have all possible Applications accounted for

7

Register the Identity Domain in the System

Finally, click the Save button at the bottom of the form to Save the new Identity Domain

PreviousSearching and Viewing Identity DomainsNextEditing an Identity Domain

Last updated