UDAP

UDAP

The Unified Data Access Profiles, tested within the certification/accreditation process, are open standards that are free for any API ecosystem participant to implement and use, and extend OAuth and OpenID Connect to leverage trusted digital certificates. UDAP workflows eliminate the need for every FHIR endpoint to independently vet and manually register every client application and enable the reuse of OpenID credentials or digital certificates in JWT-based authentication. This solves the problem of having to generate and manage single-system credentials for each trio of client application, payer or provider data source, and consumer or other data requestor–a scalability challenge left unsolved by OAuth and OpenID as they stand. By using the UDAP extensions to these standards along with trusted digital certificates instead of client secrets, participants who successfully complete this program signal enhanced security and confidence in their systems as app operators, identity providers, and FHIR servers—which is essential to Da Vinci use cases and in FHIR exchange more generally – while also supporting real-time discovery of verified information about counter parties during dynamic (automated) client registration and authentication. See UDAP.org for information on Unified Data Access Profiles, enrollment for testing, educational materials and more.

There are four UDAP Accreditation Programs:

  • UDAP Client App – Basic
  • UDAP Client App
  • UDAP Server
  • UDAP Identity Provider

Ready to move forward?

Apply for Accreditation

Accredited Organizations