The patterns presented here are different ways of ensuring that only the right people can access health and care data.
Every system needs to choose a pattern which works best for them, taking into account the benefits and limitations of each approach.
Some systems will need to use a combination of patterns.
All the patterns are designed for services which:
- need some level of authorisation (so aren't open to everyone)
- will use the OpenID connect standard