<status value="active"/> <experimental value="false"/> <date value="2020-12-28T16:55:11+11:00"/> <publisher value="HL7 (FHIR Project)"/> <contact> <telecom> <system value="url"/> <value value="http://hl7.org/fhir"/> </telecom> <telecom> <system value="email"/> <value value="fhir@lists.hl7.org"/> </telecom> </contact> <description value="Types of security services used with FHIR."/> <jurisdiction> <coding> <system value="http://unstats.un.org/unsd/methods/m49/m49.htm"/> <code value="001"/> <display value="World"/> </coding> </jurisdiction> <caseSensitive value="true"/> <valueSet value="http://hl7.org/fhir/ValueSet/restful-security-service"/> <content value="complete"/> <concept> <code value="OAuth"/> <display value="OAuth"/> <definition value="OAuth (unspecified version see oauth.net)."/> </concept> <concept> <code value="SMART-on-FHIR"/> <display value="SMART-on-FHIR"/> <definition value="OAuth2 using SMART-on-FHIR profile (see http://docs.smarthealthit.org/)."/> </concept> <concept> <code value="NTLM"/> <display value="NTLM"/> <definition value="Microsoft NTLM Authentication."/> </concept> <concept> <code value="Basic"/> <display value="Basic"/> <definition value="Basic authentication defined in HTTP specification."/> </concept> <concept> <code value="Kerberos"/> <display value="Kerberos"/> <definition value="see http://www.ietf.org/rfc/rfc4120.txt."/> </concept> <concept> <code value="Certificates"/> <display value="Certificates"/> <definition value="SSL where client must have a certificate registered with the server."/> </concept> </CodeSystem>

This code system http://hl7.org/fhir/restful-security-service defines the following codes:

Code	Definition
OAuth	OAuth (unspecified version see oauth.net).
SMART-on-FHIR	OAuth2 using SMART-on-FHIR profile (see http://docs.smarthealthit.org/).
NTLM	Microsoft NTLM Authentication.
Basic	Basic authentication defined in HTTP specification.
Kerberos	see http://www.ietf.org/rfc/rfc4120.txt.
Certificates	SSL where client must have a certificate registered with the server.