Adopted Specifications
The HSPC has adopted the OpenId 2.0 specification for authentication and the OAuth2 specification for authorization.
OpenId 2.0 specification: http://openid.net/specs/openid-authentication-2_0.html.
OAuth2 specification: http://tools.ietf.org/html/rfc6749.
OAuth2 profiles defining authorization flows and security requirements for client applications have been adopted from the SMART on FHIR authorization specification. Details of that specification can be found here: http://docs.smartplatforms.org/authorization.