Validation result

Information

File Name
SAMLXUA.xml
OID :
1.3.6.1.4.1.12559.11.25.1.1359250
Schematron :
N/A (Version 6.3.0)
Schematron Validation Result :
N/A
Validation Date :
3/9/23 3:13:31 PM (CET GMT+0100)
Model Based Validator :
CH - IHE - ITI - XUA (Version 6.3.0) (Tool Version N/A)
Model Based Validation Result :
PASSED
Signature Validation Result :
FAILED
Permanent link :
https://ehealthsuisse.ihe-europe.net/EVSClient/detailedResult.seam?type=SAML&oid=1.3.6.1.4.1.12559.11.25.1.1359250
Data Visibility :
Public

Validation Results

$type Validation Report

Well-formednessPASSED

The document you have validated is supposed to be a well-formed document. The validator has checked if it is well-formed, results of this validation are gathered in this section.
The document is well-formed

Schema Validation detailed ResultPASSED

Your document has been validated with the appropriate schema, here is the detail of the validation outcome.
The document is valid regarding the schema

Gazelle Objects Checker validator resultsPASSED

Summary of checks
1
25
Test
consNPII - 1
Location
/Assertion/AttributeStatement[0]
Description
The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with a National Provider Identifier (NPI) attribute (ITI TF Vol2b, 3.40.4.1.2)[ Assertion... ]
Test
ch_xua_031_SubjetNameIDR - 1
Location
/Assertion
Description
In the Heathcare Professional Extension, the Assistant Extension and the Technical User Extension, The <NameID> child element of the <Subject> element MUST contain the GLN of the subject (responsible healthcare professional) with name qualifier attribute set to urn:gs1:gln.[ Assertion... ]
Test
ch_xua_032_OrganizationR - 2
Location
/Assertion
Description
In the Heathcare Professional Extension, the Assistant Extension and the Technical User Extension, The organization attribute ( urn:oasis:names:tc:xspa:1.0:subject:organization ) of the <AttributeStatement> MUST convey the name of the organizations or groups the subject is a member of.[ Assertion... ]
Test
ch_xua_033_OrganizationIdR - 3
Location
/Assertion
Description
In the Heathcare Professional Extension, the Assistant Extension and the Technical User Extension, The organization ID attribute ( urn:oasis:names:tc:xspa:1.0:subject:organization-id ) MUST convey the identifiers of the organizations or groups the subject is assigned to. The identifiers MUST be OID in the format of URN as registered in the healthcare provider directory.[ Assertion... ]
Test
ch_xua_034_SubjectConfNameIDR - 4
Location
/Assertion
Description
The <SubjectConfirmation> element MUST contain a <NameID> child element. The <NameID> element must convey the GLN of the assistant with name qualifier name qualifier attribute set to urn:gs1:gln (Assistant Extension) or the unique ID the technical user is registered within the community and NameQualifier urn:e-health-suisse:technical-user-id (Technical User Extension)[ Assertion... ]
Test
ch_xua_098_PurposeOfUseR - 5
Location
/Assertion
Description
The purpose of use attribute ( urn:oasis:names:tc:xspa:1.0:subject:purposeofuse ) of the <AttributeStatement> MUST be either code NORM or EMER from code system 2.16.756.5.30.1.127.3.10.5 of the CH:EPR value set.[ Assertion... ]
Test
ch_xua_002_SubjectIDR - 6
Location
/Assertion
Description
There MUST be one <Attribute> element with the name attribute urn:oasis:names:tc:xspa:1.0:subject:subject-id . The <AttributeValue> child element MUST convey the subject’s real world name as plain text as defined by IHE XUA in all extensions.[ Assertion... ]
Test
ch_xua_005_RoleR - 7
Location
/Assertion
Description
The User Assertion MUST contain the attribute: /AttributeStatement/Attribute[@name=”urn:oasis:names:tc:xacml:2.0:subject:role”]. The AttributeValue MUST be PAT, HCP, DADM, PADM or REP for Representative[ Assertion... ]
Test
ch_xua_006_ResourceIDR - 8
Location
/Assertion
Description
The User Assertion MUST contain the attribute: /AttributeStatement/Attribute[@name=”urn:oasis:names:tc:xacml:2.0:resource:resource-id”].[ Assertion... ]
Test
ch_xua_007_PurposeOfUseR - 9
Location
/Assertion
Description
The User Assertion MUST contain the attribute: /AttributeStatement/Attribute[@name=”urn:oasis:names:tc:xspa:1.0:subject:purposeofuse”].[ Assertion... ]
Test
ch_xua_008_ResourceID_EPR_SPIDR - 10
Location
/Assertion
Description
The AttributeValue for ResourceID MUST be the EPR-PID of the patient, to which the transaction refers[ Assertion... ]
Test
ch_xua_099_homeCommunityIDR - 11
Location
/Assertion
Description
There MUST be one <Attribute> element with the name attribute: urn:ihe:iti:xca:2010:homeCommunityId . The <AttributeValue> child element MUST convey the value of the Home Community ID (an Object Identifier) assigned to the Community that is initiating the request, using the urn format (that is, “urn:oid:” appended with the OID).
Test
consAttrStatementR - 12
Location
/Assertion
Description
The Assertion may contain other statements (e.g. Attributes) (ITI TF 3.40.4.1.2)[ Assertion... ]
Test
consAuthnStatementR - 13
Location
/Assertion
Description
Assertion SHALL contain AuthnStatement with AuthnContextClassRef or AuthnContextDeclRef (ITI TF Vol2b, 3.40.4.1.2)[ Assertion... ]
Test
conssubjectR - 14
Location
/Assertion
Description
Assertion SHALL have a Subject (ITI TF Vol2b, 3.40.4.1.2)[ Assertion... ]
Test
conssubjconfR - 15
Location
/Assertion/Subject
Description
Subject SHALL have SubjectConfirmation element (ITI TF Vol2b, 3.40.4.1.2)[ Assertion... ]
Test
consAudienceRestR - 16
Location
/Assertion/Conditions
Description
Conditions SHALL contain an AudienceRestriction containing an Audience (ITI TF Vol2b, 3.40.4.1.2)[ Assertion... ]
Test
consOneTimeUseR - 17
Location
/Assertion/Conditions
Description
An X-Service User may ignore a OneTimeUse condition. (ITI TF Vol2b, 3.40.4.1.2)[ Assertion... ]
Test
consProxyRestrictionR - 18
Location
/Assertion/Conditions
Description
An X-Service User may ignore a ProxyRestriction condition. (ITI TF Vol2b, 3.40.4.1.2)[ Assertion... ]
Test
consnotbeforeR - 19
Location
/Assertion/Conditions
Description
NotBefore attribute SHALL be populated (ITI TF Vol2b, 3.40.4.1.2)[ Assertion... ]
Test
consHomeCommunityIdR - 20
Location
/Assertion/AttributeStatement[0]
Description
The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with a Home Community ID attribute (ITI TF Vol2b, 3.40.4.1.2).[ Assertion... ]
Test
consOrganizationIDR - 21
Location
/Assertion/AttributeStatement[0]
Description
The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with a Organization ID attribute (ITI TF Vol2b, 3.40.4.1.2).[ Assertion... ]
Test
consSubjectIdR - 22
Location
/Assertion/AttributeStatement[0]
Description
The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with a Subject ID attribute. (ITI TF Vol2b, 3.40.4.1.2)[ Assertion... ]
Test
consSubjectOrganizationR - 23
Location
/Assertion/AttributeStatement[0]
Description
The SAML assertion sent by the X-Service User may contain an <AttributeStatement> element with an Subject Organization attribute (ITI TF Vol2b, 3.40.4.1.2).[ Assertion... ]
Test
consvalR - 24
Location
/Assertion/AttributeStatement[0]/Attribute[1]
Description
The value of the patient identifier shall have a CX Syntax (ITI TF Vol2b, 3.40.4.1.2.2.1)[ Assertion... ]
Test
consValueOIDR - 25
Location
/Assertion/AttributeStatement[0]/Attribute[6]
Description
The value shall be the Home Community ID (an Object Identifier) assigned to the Community that is initiating the request, using the urn format (that is, urn:oid appended with the OID). (ITI TF Vol2b,, 3.40.4.1.2) (ITI TF Vol2b,[ Assertion... ]
$type Validation Report

Schema Validation detailed ResultPASSED

Your document has been validated with the appropriate schema, here is the detail of the validation outcome.
The document is valid regarding the schema

Gazelle Objects Checker validator resultsFAILED

Summary of checks
3
7
2
Location
//ds:Signature[0]/ds:SignedInfo/ds:Reference[0]
Description
Verification of reference failed
Location
//ds:Signature[0]/ds:SignatureValue
Description
The signature value is invalid
Location
//ds:Signature[0]/ds:SignedInfo/ds:Reference[0]/ds:DigestValue
Description
The declared digest does not match the actual calculated digest
Test
Certificate valid fromI - 1
Location
//ds:Signature[0]/ds:KeyInfo/ds:X509Data/ds:X509Certificate
Description
2022-08-03 16:57:51 +0200
Test
Certificate valid untilI - 2
Location
//ds:Signature[0]/ds:KeyInfo/ds:X509Data/ds:X509Certificate
Description
2023-08-03 17:07:00 +0200
Test
Issuer DNI - 3
Location
//ds:Signature[0]/ds:KeyInfo/ds:X509Data/ds:X509Certificate
Description
CN=QuoVadis Europe EV SSL CA G1, O=QuoVadis Trustlink B.V., C=NL
Test
Subject DNI - 4
Location
//ds:Signature[0]/ds:KeyInfo/ds:X509Data/ds:X509Certificate
Description
CN=test.xua.hin.ch, O=Health Info Net AG, L=Wallisellen, ST=Zürich, C=CH, SERIALNUMBER=CHE-103.489.218, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Zürich, OID.1.3.6.1.4.1.311.60.2.1.3=CH
Test
Declared DigestValueI - 5
Location
//ds:Signature[0]/ds:SignedInfo/ds:Reference[0]/ds:DigestValue
Description
jblWvd6+Yyt0IOZY+vANV1vH4nZlfhPVyyZQJiSq8ww=
Test
Actual calculated digest valueI - 6
Location
//ds:Signature[0]/ds:SignedInfo/ds:Reference[0]/ds:DigestValue
Description
FwwFVc6qbgZkMEBUBE2JxALZpIgE5Et9JnABYG7P3Fc=
Test
Canonicalized referenced contentI - 7
Location
//ds:Signature[0]/ds:SignedInfo/ds:Reference[0]
Description
<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="_32b42c75-2667-4d89-adc8-701ea8e64080" IssueInstant="2023-03-09T12:33:49.277Z" Version="2.0" xsi:type="saml2:AssertionType"> <saml2:Issuer>test.xua.hin.ch</saml2:Issuer> <saml2:Subject> <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" NameQualifier="urn:gs1:gln">2000000010267</saml2:NameID> <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"></saml2:SubjectConfirmation> </saml2:Subject> <saml2:Conditions NotBefore="2023-03-09T12:33:49.277Z" NotOnOrAfter="2023-03-09T12:38:49.277Z"> <saml2:AudienceRestriction> <saml2:Audience>urn:e-health-suisse:token-audience:all-communities</saml2:Audience> </saml2:AudienceRestriction> </saml2:Conditions> <saml2:AuthnStatement AuthnInstant="2023-03-09T12:33:49.277Z" SessionNotOnOrAfter="2023-03-09T12:43:49.277Z"> <saml2:AuthnContext> <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml2:AuthnContextClassRef> </saml2:AuthnContext> </saml2:AuthnStatement> <saml2:AttributeStatement> <saml2:Attribute Name="urn:oasis:names:tc:xspa:1.0:subject:purposeofuse" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"> <saml2:AttributeValue> <PurposeOfUse xmlns="urn:hl7-org:v3" code="EMER" codeSystem="2.16.756.5.30.1.127.3.10.5" codeSystemName="eHealth Suisse Verwendungszweck" displayName="Notfallzugriff" xsi:type="CE"></PurposeOfUse> </saml2:AttributeValue> </saml2:Attribute> <saml2:Attribute Name="urn:oasis:names:tc:xacml:2.0:resource:resource-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"> <saml2:AttributeValue xsi:type="xsd:string">761337615768284572^^^SPID&amp;2.16.756.5.30.1.127.3.10.3&amp;ISO</saml2:AttributeValue> </saml2:Attribute> <saml2:Attribute Name="urn:oasis:names:tc:xspa:1.0:subject:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"> <saml2:AttributeValue xsi:type="xsd:string">Noëla Daniela Guéillaume Loosli-Flückiger</saml2:AttributeValue> </saml2:Attribute> <saml2:Attribute Name="urn:oasis:names:tc:xspa:1.0:subject:organization" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"> <saml2:AttributeValue xsi:type="xsd:string">AD Swiss EPD INT Test Organisation</saml2:AttributeValue> </saml2:Attribute> <saml2:Attribute Name="urn:oasis:names:tc:xspa:1.0:subject:organization-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"> <saml2:AttributeValue xsi:type="xsd:string">urn:oid:2.16.756.5.30.1.221.3.3.2.9999123</saml2:AttributeValue> </saml2:Attribute> <saml2:Attribute Name="urn:oasis:names:tc:xacml:2.0:subject:role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"> <saml2:AttributeValue> <Role xmlns="urn:hl7-org:v3" code="HCP" codeSystem="2.16.756.5.30.1.127.3.10.6" codeSystemName="eHealth Suisse EPR Akteure" displayName="Behandelnde(r)" xsi:type="CE"></Role> </saml2:AttributeValue> </saml2:Attribute> <saml2:Attribute Name="urn:ihe:iti:xca:2010:homeCommunityId" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"> <saml2:AttributeValue xsi:type="xsd:string">urn:oid:2.16.756.5.30.1.221.3.1.1.3</saml2:AttributeValue> </saml2:Attribute> </saml2:AttributeStatement> </saml2:Assertion>
Location
//ds:Signature[0]/ds:KeyInfo
Description
A X509Data element is expected in the KeyInfo
Location
//ds:Signature[0]/ds:KeyInfo/ds:X509Data/ds:X509Certificate
Description
The certificate is valid in terms of dates

File Content

1 <saml2:Assertion
2     xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
3     xmlns:xsd="http://www.w3.org/2001/XMLSchema"
4     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="_32b42c75-2667-4d89-adc8-701ea8e64080" IssueInstant="2023-03-09T12:33:49.277Z" Version="2.0" xsi:type="saml2:AssertionType">
5     <saml2:Issuer>test.xua.hin.ch</saml2:Issuer>
6     <ds:Signature
7         xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
8         <ds:SignedInfo>
9             <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
10             <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
11             <ds:Reference URI="#_32b42c75-2667-4d89-adc8-701ea8e64080">
12                 <ds:Transforms>
13                     <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
14                     <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
15                         <ec:InclusiveNamespaces
16                             xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xsd"/>
17                         </ds:Transform>
18                     </ds:Transforms>
19                     <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
20                     <ds:DigestValue>jblWvd6+Yyt0IOZY+vANV1vH4nZlfhPVyyZQJiSq8ww=</ds:DigestValue>
21                 </ds:Reference>
22             </ds:SignedInfo>
23             <ds:SignatureValue>dC7WXItwwUsmv58kwhr3AgH8jt6auyDUt0J/8I1Ig54fnIve3L4yfuZro+DDsRHMYWTl8598B4Vu&#xD;GEGHy4FMB0gsPwqQI45tEkqyTAOMfeF+K7OQDo6R5KRWMqGU7p8EhbbYWDnu9eLfEpes3EvDsZit&#xD;pSiCNL7JuDqMaPzDw3MgHZZXBuOnZXfBkz52ELIiR5iqECFpKN/sWRxx/tXsfVxeTJMdmi0CN6qh&#xD;+GPUz6aHaHhCYgTCvWhNzmwfzFHY77gtJXfa8LNlanK2Avtnsf+5tflyfqnRFDa/vKMppGQtNbwH&#xD;toVSZjZz1XL2rPMCt15IF1mXsqkj70rWtIY9HRae1bPqRScHF+PE6FlqG2OAUuGSPdc+jBhzYWfK&#xD;6+HLlgfOy10Wt4Q30KOhdmLMFvCCoSV/CwCKvtcyonWXQaav1BdNkxTM+2Uz8Hhf/EdTDc0MFQb7&#xD;lTF5jo/b2pTy49mDj2G4MEz6WKbKkbpli0tuJCwN9LBvrlwV3xvCB0DR/m0aBlfn/lErVhtnzzzq&#xD;emxL7ahWx372X+sXIyc89zyHuWYIjy3XHA5Hf6FjGE+O096eYrGMvGlOtRFH2lxQqWLn25gFA1hL&#xD;cBKfxLuaHxtrA9HSOumHl3M+fagZXBDsplKzNLNpcVjH+6LQpme/YZN37N3Ovbww2Lqx/mOt4hE=</ds:SignatureValue>
24             <ds:KeyInfo>
25                 <ds:X509Data>
26                     <ds:X509Certificate>MIIJfzCCB2egAwIBAgIURvHteYSiumGzz75wrQP/f6dncf0wDQYJKoZIhvcNAQELBQAwVjELMAkGA1UEBhMCTkwxIDAeBgNVBAoMF1F1b1ZhZGlzIFRydXN0bGluayBCLlYuMSUwIwYDVQQDDBxRdW9WYWRpcyBFdXJvcGUgRVYgU1NMIENBIEcxMB4XDTIyMDgwMzE0NTc1MVoXDTIzMDgwMzE1MDcwMFowgdQxEzARBgsrBgEEAYI3PAIBAxMCQ0gxGDAWBgsrBgEEAYI3PAIBAgwHWsO8cmljaDEdMBsGA1UEDwwUUHJpdmF0ZSBPcmdhbml6YXRpb24xGDAWBgNVBAUTD0NIRS0xMDMuNDg5LjIxODELMAkGA1UEBhMCQ0gxEDAOBgNVBAgMB1rDvHJpY2gxFDASBgNVBAcMC1dhbGxpc2VsbGVuMRswGQYDVQQKDBJIZWFsdGggSW5mbyBOZXQgQUcxGDAWBgNVBAMMD3Rlc3QueHVhLmhpbi5jaDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKeZYw+9spsvoSt04FfY3AOZRf+LY0i4DQQg3qlEX/6bW49McSQlYkMera5lnXhf+y9S63FVCSZZXvnIuyy98PLBoFP0X5izaQiLlCEACdnV7YkpZ7qmY0216K5ctJGLsP6gwgbpO+75NXT1SZ8j/3sFld6DSiwrjEK4vd+G27BgULZRNgU/A1ZMwUDzDCnVkMqFH0ZK9klXpXzgr1EQHlrEfhf21Flqwv09wODWZq+k6wt+gnK5+DLyush0eXtVa9Dq8u5wUp6hT71ZToMFH85Ai+8W6smHhuvofQJ1S+t6/518QNfv5V70PAF+Lsc+pmYqam4rlXDe4ekcoWI12pYllEifks0s13H5VVHVSEFBviiuzVPZ2WWbOe45IvPQoCjpGj/adi5g4hoaL4I/Voiyww9e9bBWexpufPGqY6ulPdC80C0L2eB5EN+2V3AHwBwKXqrvnl2BAzphfuwZnLaDbDux0LVKCYh/5HYZKtSrr8w7esHXLjBLgsyV8yE1c3koz97xioXuF4ymcpnsIx1z9rgcxFvloXnaWP4wimfc5xpPdUqdfFD++qVNRDAc1yiezv9IcgzWFzx/czdxE5trEmQQ4pxcItwXWP7vblPgha1msuOiG4Se+KYHHjt4b7bbEFlF2450R2TWfczJNk/cHivuaSa1mCVERnghb2H9AgMBAAGjggPEMIIDwDAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFEk9Dtx5xcvbEqPVDavyz6mv42apMIGDBggrBgEFBQcBAQR3MHUwRwYIKwYBBQUHMAKGO2h0dHA6Ly90cnVzdC5xdW92YWRpc2dsb2JhbC5jb20vcXVvdmFkaXNldXJvcGVldnNzbGNhZzEuY3J0MCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5xdW92YWRpc2dsb2JhbC5jb20wGgYDVR0RBBMwEYIPdGVzdC54dWEuaGluLmNoMFoGA1UdIARTMFEwRgYMKwYBBAG+WAACZAECMDYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL3JlcG9zaXRvcnkwBwYFZ4EMAQEwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMEoGA1UdHwRDMEEwP6A9oDuGOWh0dHA6Ly9jcmwucXVvdmFkaXNnbG9iYWwuY29tL3F1b3ZhZGlzZXVyb3BlZXZzc2xjYWcxLmNybDAdBgNVHQ4EFgQUK0Phs2oB05b9SYva/xGqr97D3UgwDgYDVR0PAQH/BAQDAgWgMIIB9QYKKwYBBAHWeQIEAgSCAeUEggHhAd8AdQCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAYJkP7NoAAAEAwBGMEQCIGZdSMs006KULFw7BJ2bfF/TQHYpLwUcFU8oc47fDm7jAiA7Vn6ZkRYa9Ly3rjd98hSxhA/VTQO0Rhtz/weWELnNYwB2AOg+0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1uAAABgmQ/s24AAAQDAEcwRQIgCJYWEWbDe1aum/3xw3wcb8kardsPh0cZ92SE/3zFs0ICIQC4ZcJpcNBAN3cS05OVMI19oK4CsO3wV2P1YXSJ8TUovQB2ADXPGRu/sWxXvw+tTG1Cy7u2JyAmUeo/4SrvqAPDO9ZMAAABgmQ/s4oAAAQDAEcwRQIhAKLvw7Q6cSYHynEaLGxmtV9QfSv/tdo4K0BPIZ3hq4qPAiAFiPzkXsNYa3ScWYHCXHGA1fJeAFuqMUVcZm6WQCWIQwB2AK33vvp8/xDIi509nB4+GGq0Zyldz7EMJMqFhjTr3IKKAAABgmQ/szoAAAQDAEcwRQIhAMmrJpmuTsaJEfmgs3fGQ52WlfQXTtJgIhFqbTxxpoxMAiAlwUsFWBXILqyQEzKLFh/8VC6KFV65m94mgVMseoe4OTANBgkqhkiG9w0BAQsFAAOCAgEASbFtYgNHEW0hGytQQdQJ2Ass33eG2MiX52Zybb/DjrqecQCP/jf0USR+U9RQ41pqePEOEHeG+JOc+V4mw+cBThJLen0OMRit/LZc38ceLdWPCsVC6qPRJmHcfGlr7bXzFY0/AWgohlIRvjZFEUdbF9jzz1QX70T2PjsLAXYKPT9R0EP0xIQoXhswmgM/Otv73mn9Ofu3n3tw2xpIoYMSZeUO6qOIjtzLFDErjGnOz63xOehyjwLyT4wkw8U32GC5MFGoAgqziL2vm92bhei4f3GBD0Jk69qC5IL9XciUr07vP5DauD3sMhaZ12CtZidqM7mUCQxdKrtYzrWrB2EfcNVqVhTYjBkGuTXha+58gDDH/KwXgXVs+C5oGPLXfX8zYFxrc/+5CG5pwJOzb73VovJFREflE4R5t2yIyYIZX6kKNL6La0auO2XeSaGT6i91r/iUDp1/hpTQS3tVFNKbw2K3UBOEIOzmEnQXxDa1xb3YXzdpfLvQLg2S/pEPujl44P2lk+oxo+54G2gf7gG/dbenYUiS0I9PUUlJof8U/juLGBi0bBsh0dZmFIsiVWjDYS7GUSkxyGPjxYlZ3B0Q6q1U2Ik7U9vNp20DrwD6Qfhw3cTgCguH3eN1D6a/X4N60ePEyvEiGoi/HCLCckvyZxxgexTxFWGI26KqW9DSx7U=</ds:X509Certificate>
27                 </ds:X509Data>
28             </ds:KeyInfo>
29         </ds:Signature>
30         <saml2:Subject>
31             <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" NameQualifier="urn:gs1:gln">2000000010267</saml2:NameID>
32             <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/>
33         </saml2:Subject>
34         <saml2:Conditions NotBefore="2023-03-09T12:33:49.277Z" NotOnOrAfter="2023-03-09T12:38:49.277Z">
35             <saml2:AudienceRestriction>
36                 <saml2:Audience>urn:e-health-suisse:token-audience:all-communities</saml2:Audience>
37             </saml2:AudienceRestriction>
38         </saml2:Conditions>
39         <saml2:AuthnStatement AuthnInstant="2023-03-09T12:33:49.277Z" SessionNotOnOrAfter="2023-03-09T12:43:49.277Z">
40             <saml2:AuthnContext>
41                 <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml2:AuthnContextClassRef>
42             </saml2:AuthnContext>
43         </saml2:AuthnStatement>
44         <saml2:AttributeStatement>
45             <saml2:Attribute Name="urn:oasis:names:tc:xspa:1.0:subject:purposeofuse" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
46                 <saml2:AttributeValue>
47                     <PurposeOfUse
48                         xmlns="urn:hl7-org:v3" code="EMER" codeSystem="2.16.756.5.30.1.127.3.10.5" codeSystemName="eHealth Suisse Verwendungszweck" displayName="Notfallzugriff" xsi:type="CE"/>
49                     </saml2:AttributeValue>
50                 </saml2:Attribute>
51                 <saml2:Attribute Name="urn:oasis:names:tc:xacml:2.0:resource:resource-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
52                     <saml2:AttributeValue xsi:type="xsd:string">761337615768284572^^^SPID&amp;2.16.756.5.30.1.127.3.10.3&amp;ISO</saml2:AttributeValue>
53                 </saml2:Attribute>
54                 <saml2:Attribute Name="urn:oasis:names:tc:xspa:1.0:subject:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
55                     <saml2:AttributeValue xsi:type="xsd:string">Noëla Daniela Guéillaume Loosli-Flückiger</saml2:AttributeValue>
56                 </saml2:Attribute>
57                 <saml2:Attribute Name="urn:oasis:names:tc:xspa:1.0:subject:organization" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
58                     <saml2:AttributeValue xsi:type="xsd:string">AD Swiss EPD INT Test Organisation</saml2:AttributeValue>
59                 </saml2:Attribute>
60                 <saml2:Attribute Name="urn:oasis:names:tc:xspa:1.0:subject:organization-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
61                     <saml2:AttributeValue xsi:type="xsd:string">urn:oid:2.16.756.5.30.1.221.3.3.2.9999123</saml2:AttributeValue>
62                 </saml2:Attribute>
63                 <saml2:Attribute Name="urn:oasis:names:tc:xacml:2.0:subject:role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
64                     <saml2:AttributeValue>
65                         <Role
66                             xmlns="urn:hl7-org:v3" code="HCP" codeSystem="2.16.756.5.30.1.127.3.10.6" codeSystemName="eHealth Suisse EPR Akteure" displayName="Behandelnde(r)" xsi:type="CE"/>
67                         </saml2:AttributeValue>
68                     </saml2:Attribute>
69                     <saml2:Attribute Name="urn:ihe:iti:xca:2010:homeCommunityId" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
70                         <saml2:AttributeValue xsi:type="xsd:string">urn:oid:2.16.756.5.30.1.221.3.1.1.3</saml2:AttributeValue>
71                     </saml2:Attribute>
72                 </saml2:AttributeStatement>
73             </saml2:Assertion>

XSL StyleSheet:

View XML with Stylesheet