The ONE ID OpenID Connect Specification is an open standard for token-based authentication (using OpenID protocols) and authorization (using OAuth 2.0 protocols) on the Internet.
At eHealth Ontario, OpenID Connect is used with the ONE ID Provincial Federation model to enable organizations to access EHR services containing information such as drug and immunization data. This access occurs through single sign-on (SSO) within the ONE ID Provincial Federation. SSO is the process where a user logs on once and is able to access a range of applications through multiple channels without having to log on again.
The ONE ID OpenID Connect Specification provides details regarding attributes and values required by the OpenID and OAuth 2.0 protocols to authenticate and authorize systems and users, thereby enabling access to the requested EHR services.
This specification provides application developers with step-by-step instructions to implement OpenID and OAuth 2.0 flows for integration with EHR services, including requirements for the HTTP requests and corresponding responses and tokens.
The current specification does not yet include the flows to enable organizations to join the ONE ID Provincial Federation as Identity Providers.
This specification is for trial use and will go through a formal governance committee review and approval process.