---
type: "codesystem"
title: "Restful Security Service"
codesystem: "restful-security-service"
---
# Restful Security Service

- **Official URL**: http://hl7.org/fhir/restful-security-service
- **Version**: 6.0.0
- **Status**: active
- **Name**: RestfulSecurityService
- **Title**: Restful Security Service
- **Publisher**: HL7 (FHIR Project)
- **Description**: Types of security services used with FHIR.
- **Case Sensitive**: true
- **Content**: complete

## Concepts

| Code | Display | Definition |
| --- | --- | --- |
| OAuth | OAuth | OAuth (unspecified version see oauth.net). |
| SMART-on-FHIR | SMART-on-FHIR | OAuth2 using SMART-on-FHIR profile (see http://docs.smarthealthit.org/). |
| NTLM | NTLM | Microsoft NTLM Authentication. |
| Basic | Basic | Basic authentication defined in HTTP specification. |
| Kerberos | Kerberos | see http://www.ietf.org/rfc/rfc4120.txt. |
| Certificates | Certificates | SSL where client must have a certificate registered with the server. |

## CodeSystem XML



```xml
<?xml version="1.0" encoding="UTF-8"?>

<CodeSystem xmlns="http://hl7.org/fhir">
  <id value="restful-security-service"/>
  <extension url="http://hl7.org/fhir/StructureDefinition/structuredefinition-wg">
    <valueCode value="fhir"/>
  </extension>
  <extension url="http://hl7.org/fhir/StructureDefinition/structuredefinition-standards-status">
    <valueCode value="normative"/>
  </extension>
  <extension url="http://hl7.org/fhir/StructureDefinition/structuredefinition-fmm">
    <valueInteger value="5"/>
  </extension>
  <url value="http://hl7.org/fhir/restful-security-service"/>
  <identifier>
    <system value="urn:ietf:rfc:3986"/>
    <value value="urn:oid:2.16.840.1.113883.4.642.4.1079"/>
  </identifier>
  <version value="6.0.0"/>
  <name value="RestfulSecurityService"/>
  <title value="Restful Security Service"/>
  <status value="active"/>
  <experimental value="false"/>
  <date value="2020-12-28T16:55:11+11:00"/>
  <publisher value="HL7 (FHIR Project)"/>
  <contact>
    <telecom>
      <system value="url"/>
      <value value="http://hl7.org/fhir"/>
    </telecom>
    <telecom>
      <system value="email"/>
      <value value="fhir@lists.hl7.org"/>
    </telecom>
  </contact>
  <description value="Types of security services used with FHIR."/>
  <caseSensitive value="true"/>
  <valueSet value="http://hl7.org/fhir/ValueSet/restful-security-service"/>
  <content value="complete"/>
  <concept>
    <code value="OAuth"/>
    <display value="OAuth"/>
    <definition value="OAuth (unspecified version see oauth.net)."/>
  </concept>
  <concept>
    <code value="SMART-on-FHIR"/>
    <display value="SMART-on-FHIR"/>
    <definition value="OAuth2 using SMART-on-FHIR profile (see http://docs.smarthealthit.org/)."/>
  </concept>
  <concept>
    <code value="NTLM"/>
    <display value="NTLM"/>
    <definition value="Microsoft NTLM Authentication."/>
  </concept>
  <concept>
    <code value="Basic"/>
    <display value="Basic"/>
    <definition value="Basic authentication defined in HTTP specification."/>
  </concept>
  <concept>
    <code value="Kerberos"/>
    <display value="Kerberos"/>
    <definition value="see http://www.ietf.org/rfc/rfc4120.txt."/>
  </concept>
  <concept>
    <code value="Certificates"/>
    <display value="Certificates"/>
    <definition value="SSL where client must have a certificate registered with the server."/>
  </concept>
</CodeSystem>
```