ONE ID OpenID Connect Specification
The ONE ID OpenID Connect Specification is an open standard for token-based authentication (using OpenID protocols) and authorization (using OAuth 2.0 protocols) on the Internet.
At eHealth Ontario, OpenID Connect is used with the ONE ID Provincial Federation model to enable organizations to access EHR services containing information such as drug and immunization data. This access occurs through single sign-on (SSO) within the ONE ID Provincial Federation. SSO is the process where a user logs on once and is able to access a range of applications through multiple channels without having to log on again.
The ONE ID OpenID Connect Specification provides details regarding attributes and values required by the OpenID and OAuth 2.0 protocols to authenticate and authorize systems and users, thereby enabling access to the requested EHR services.
This specification provides application developers with step-by-step instructions to implement OpenID and OAuth 2.0 flows for integration with EHR services, including requirements for the HTTP requests and corresponding responses and tokens.
The current specification does not yet include the flows to enable organizations to join the ONE ID Provincial Federation as Identity Providers.
This publication has been exempted from translation under the French Language Services Act as per O. Reg. 671/92. This publication is technical in nature and is available in English only due to its limited targeted audience.
January 16, 2020
Available to download
January 16, 2020
Strategic Committee Approval
December 11, 2019
Business Technical Committee
October 16, 2019 - November 18, 2019