Guides

Opening the Viewer

Details about how to launch the viewer

Suggest Edits

To open the viewer, the iframe or embedded browser performs an HTTP POST request to the viewer endpoint. This can for example be done by sending an invisible, self-submitting HTML form to the browser. The authentication method used is (front-channel) SAML.

Endpoint information

ItemValue
Hosthttps://vitals.luscii.com (production); https://acc-vitals.luscii.com (acceptance)
URL/login/external/saml
MethodPOST
Content-Typeeither application/x-www-form-urlencoded or application/json

POST body parameters

ParameterTypeDescription
identifiersarrayOne or more identifiers for the patient (see below for details)
SAMLResponsestringA base64-encoded XML SAML Token (see below for details)
patientBsnstring (10)deprecated - use identifiers instead if you can
patientEmailstring (255)optional
patientFirstNamestring (50)optional
patientTussenvoegselstring (20)optional - infix of patient name, .e.g, van der
patientLastNamestring (50)optional
patientSexstring (1)optional - m or f
patientDateOfBirthdateoptional - dd-mm-yyyy, e.g. 13-05-2000 for 13th of May 2000
patientGroupIdintoptional - Luscii id of the patient's group
patientPhonestring (16)optional -
patientAddressStreetstring (100)optional -
patientAddressNumberstring (10)optional -
patientAddressAnnexstring (10)optional -
patientAddressPostcodestring (10)optional -
patientAddressCitystring (50)optional -
patientAddressCountrystring (2)optional - ISO-3166-1 two-letter code (e.g. NL or DE)
patientProgramIdintoptional - Luscii id of the program
patientProtocolUuidstringoptional - Luscii UUID of the protocol
patientCommentsstringoptional -

The optional fields are used to prefill the patient onboarding flow. The clinician can still enter any missing values by hand. If the user is already known in Luscii, optional fields will be ignored.

Examples

POST /login/external/saml HTTP/1.1
Host: acc-vitals.luscii.com
Content-Type: application/x-www-form-urlencoded

SAMLResponse=PER1bW15IC8%2B&identifiers%5B0%5D%5Bsystem%5D=http%3A%2F%2Ffhir.nl%2Ffhir%2FNamingSystem%2Fbsn&identifiers%5B0%5D%5Bvalue%5D=999999151

POST /login/external/saml HTTP/1.1
Host: acc-vitals.luscii.com
Content-Type: application/json

{"SAMLResponse":"PER1bW15IC8+","identifiers":[{"system":"http:\/\/fhir.nl\/fhir\/NamingSystem\/bsn","value":"999999151"}]}

Note: In the examples, the SAMLResponse is PER1bW15IC8%2B, which is the URL-encoded version of PER1bW15IC8+, which in turn is the base64-encoded version of <Dummy />. In reality, this will be a much longer value (see examples below), but a dummy is used to keep the example more readable

An HTML form that would produce these requests could look like this: 

<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset="utf-8">
    <title>Example</title>
  </head>
  <body>
    <form action="https://acc-vitals.luscii.com/login/external/saml" method="post">
      <input type="text" name="SAMLResponse" value="PER1bW15IC8+" />
      <input type="text" name="identifiers[0][system]" value="http://fhir.nl/fhir/NamingSystem/bsn" />
      <input type="text" name="identifiers[0][value]" value="999999151" />
      <input type="submit" />
    </form>
  </body>
</html>

Details about identifiers

Follows the FHIR Identifier standard (https://www.hl7.org/fhir/datatypes.html#identifier). Each identifier requires a system and a value parameter. If the value is known within Luscii, the corresponding patient will be loaded. If the value is unknown within Luscii, an onboarding flow will be presented.

Supported systems

Currently the following systems are supported (contact us if you need another one):

NameSystemDescription
BSNhttp://fhir.nl/fhir/NamingSystem/bsnDutch social security number
Workflow IDhttp://sts.zorgplatform.online/ws/claims/2017/07/workflow/workflow-idChipsoft Zorgplatform Workflow IDs
NHS Numberhttps://fhir.nhs.uk/Id/nhs-numberNHS number used in the UK
Zorg Bij Jou identifierurn:zorgbijjouIdentifier used by the Zorg Bij Jou system

Example


{
	"identifiers":[
		{"system":"http://fhir.nl/fhir/NamingSystem/bsn", "value":"035181011"},
		{"system":"http://sts.zorgplatform.online/ws/claims/2017/07/workflow/workflow-id", "value": "47f5a526-163d-4d57-9003-a85b10b2d6da"}]
}

Details about SAMLResponse

SAMLResponse is XML SAML token which is base64 encoded. The SAMLResponse needs to adhere to:

  • A <samlp:Response> as root element.
  • A <saml:Assertion> or <saml:EncryptedAssertion> as root or sub element.
  • When a <saml:EncryptedAssertion> is submitted, it needs to contain key info with at least <X509IssuerName>.
  • A <saml:Issuer> must be present, either in encrypted or unencrypted form, as we use it to recognize which certificate to check against.
  • The maximum length of the SAML <NameID> value (external user id) is 255 characters.
  • The assertion element must be signed with a valid <dsig:Signature>
  • Namespace samlp means: urn:oasis:names:tc:SAML:2.0:protocol.
  • Namespace saml means: urn:oasis:names:tc:SAML:2.0:assertion.
  • Namespace dsig means: http://www.w3.org/2000/09/xmldsig#.

Examples

(note that this still needs to be base64 encoded before sending)

<?xml version="1.0"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                ID="_bc588da13f3dfeb28a6726bcda911d67f709b6dd79" Version="2.0"
                IssueInstant="2021-06-02T12:05:35Z">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
        {{ Issuer }}
    </saml:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod
                    Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod
                    Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_bc588da13f3dfeb28a6726bcda911d67f709b6dd79">
                <ds:Transforms>
                    <ds:Transform
                            Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                    <ds:Transform
                            Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod
                        Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                <ds:DigestValue>7gyW96pKXd1DgwwRcZB+QHafOoU=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>
            CPR8Wu//Ms9luIwcwkM+tlKjW7vkiiQSWP6AU73lLB6qWkm9FTN/AVM0bA8+m9AoyJhzg0NZmBX+p/eW9hMsg6q6zv7hmwKWeSszNd4S3zQOLumq3fAsuBFsicYJ0mH3Ss1yc81mExhjZiDIK2y9SeOr5DHQdLeL8H6LNsyj8Rectqb+R4AOp6ZlkNUb7Ri8H5MCcx7V4CqEafWYl3o7DGXxxS8O7vpw7Y7ekEb9MWh3fgw6ij7vQVQS5Bj5Imr6nSZM2jQK0MjYgu8MNLMwjlvvetyNubx285/oqUYn8JjPF8l0fK0XlXhbc/+/FifqpTcP6bozzpsZYUvgVXCLTA==
        </ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>
                    MIIDpTCCAo2gAwIBAgIJAJh5SZ9Naj3EMA0GCSqGSIb3DQEBCwUAMGkxCzAJBgNVBAYTAk5MMRYwFAYDVQQIDA1Ob29yZC1Ib2xsYW5kMRIwEAYDVQQHDAlBbXN0ZXJkYW0xFjAUBgNVBAoMDUZvY3VzY3VyYSBFTVIxFjAUBgNVBAMMDUZvY3VzY3VyYSBBU1AwHhcNMTcxMDIzMDgwNjUyWhcNMTgxMDIzMDgwNjUyWjBpMQswCQYDVQQGEwJOTDEWMBQGA1UECAwNTm9vcmQtSG9sbGFuZDESMBAGA1UEBwwJQW1zdGVyZGFtMRYwFAYDVQQKDA1Gb2N1c2N1cmEgRU1SMRYwFAYDVQQDDA1Gb2N1c2N1cmEgQVNQMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4nyAdVakRNrtArAeAcRX2RUQe0eCWRZhHFYtd9Xe2REKBNwIGvGbOvaRuFeI1mxmZ3t1GClauVx8BFtbUNoN86ItOs0QtQ2pmf1tuuWmdt9DcQ6FsqzV2NOAkeX+IZuGx2LLl/IvPN7ueMiYATG4pEFbXtGR+mwNl0Okk43kXVnISl/XLV7W9UYiKqKEKMKaUC6Ut9EOMqBA5RBLJZoE1ULrN1IVMxQ03tEtRQVUKMTrM6SWPhuaOc2fMJuXhQt7yiX1PTWdrWH/Ja6Sp0Vk94Bpv+3yfDa7U/K/HCDr+2fyK2gCbOM+pxJOsQx0CUSe2OZje6Ub9CCq48U8bVikwIDAQABo1AwTjAdBgNVHQ4EFgQUVBFvt6uoijuKlvo1WtxitMGUzkwwHwYDVR0jBBgwFoAUVBFvt6uoijuKlvo1WtxitMGUzkwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEASgHsiyzuqi6eGxze+kCVLUjvRwONpe4au3TsXlc3g2ESJZLhdK6BbH4xfd2bfhJJT1oDi7hdpsuqZeHBskfmXTO9S5Yv7R4T73av8S21c9d70iJ126AkFaY01XpwHA2gRAcGSZlkw9AhrReW9hHwdU/X1XRYY+7xqlSbp94RsgiJyW06SuxcDqTtS5Y44rjGrYFObgo9XIF2XnJYXsrv1EaHX77urSdwa+Gl+KJIc0N+FJUiGp29ykM60dgY9W3go1z1L+m3sCdXxIbo8jepSz0DZXbAx5lhDkOAIPCkYzpOvYpuA4e8hm76/kHtPJvwJMB1N3A4gT0bgaYvhD0npw==
                </ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <samlp:Status>
        <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </samlp:Status>
    <Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
               ID="_b726f610a6fba37a537b155a52f775f41a52e59f5e" Version="2.0"
               IssueInstant="2021-06-02T12:05:35Z">
        <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
          {{ Issuer }}
        </saml:Issuer>
        <Subject>
            <NameID NameQualifier="{{ Your company name }}">{{ Your user id }}</NameID>
            <SubjectConfirmation Method="TestMethod">
                <SubjectConfirmationData NotBefore="2021-06-02T12:05:35Z"
                                         NotOnOrAfter="2021-06-02T12:10:35Z"/>
            </SubjectConfirmation>
        </Subject>
        <Conditions>
            <OneTimeUse/>
        </Conditions>
        <AttributeStatement>
            <Attribute Name="ApplicationName">
                <AttributeValue>{{ Your application name }}</AttributeValue>
            </Attribute>
        </AttributeStatement>
        <AuthnStatement AuthnInstant="2021-06-02T12:05:35Z"
                        SessionNotOnOrAfter="2021-06-02T12:10:35Z"
                        SessionIndex="_bc588da13f3dfeb28a6726bcda911d67f709b6dd79">
            <AuthnContext>
                <AuthnContextClassRef>
                    urn:oasis:names:tc:SAML:2.0:ac:classes:Password
                </AuthnContextClassRef>
            </AuthnContext>
        </AuthnStatement>
    </Assertion>
</samlp:Response>

<?xml version="1.0"?>
<saml:EncryptedAssertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
                        xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"
                        Type="http://www.w3.org/2001/04/xmlenc#Element">
        <xenc:EncryptionMethod
                Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
        <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
            <xenc:EncryptedKey>
                <xenc:EncryptionMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
                <xenc:CipherData>
                    <xenc:CipherValue>
                        kd+Pd90ItCU0jnnvuabADBB7KdbWxt7bufIvoYBqhljMwqS5JrFtl7FOECfa+wdMIQ3lRmqiw+ZM0E7wrSatIaRjxHYq90PTmIwRx2phFtlO33Hmq3fCr23JzEhvvXszeaVj8tkfVHXgs45Ze9ae4xhNhZ+PJ87is3ylRZp12oQ9F6LGUG4a2l670xiHaMO7tN3J5hMLovmqTaj6fa9U5ef+6BEDAJDEXEnVkOcKpL6GASef1HH2N3Xi4NnhLoYy2DybskSuMZdvU31L5ZaGD93CFPR7E7WPiIeYaDC/Wmg7SWl2WNfPxLLHYQzAE1RTqsGJIAWP7V2NXAt01w6rFg==
                    </xenc:CipherValue>
                </xenc:CipherData>
            </xenc:EncryptedKey>
            <dsig:X509Data>
                <dsig:X509IssuerSerial>
                    <dsig:X509IssuerName>{{ Certificate Issuer }}</dsig:X509IssuerName>
                    <dsig:X509SerialNumber>{{ Certificate Serial Number }}</dsig:X509SerialNumber>
                </dsig:X509IssuerSerial>
                <dsig:X509Certificate>
                    MIIDzDCCArQCCQClCLUeC8zVGTANBgkqhkiG9w0BAQsFADCBpzELMAkGA1UEBhMCTkwxFjAUBgNVBAgMDU5vb3JkLUhvbGxhbmQxEjAQBgNVBAcMCUFtc3RlcmRhbTESMBAGA1UECgwJRm9jdXNDdXJhMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEfMB0GA1UEAwwWRkMgRU1SIEVuY3J5cHRpb24gVGVzdDEhMB8GCSqGSIb3DQEJARYSdGhpanNAZm9jdXNjdXJhLm5sMB4XDTE3MDkwNzA4NDcxMloXDTI3MDkwNTA4NDcxMlowgacxCzAJBgNVBAYTAk5MMRYwFAYDVQQIDA1Ob29yZC1Ib2xsYW5kMRIwEAYDVQQHDAlBbXN0ZXJkYW0xEjAQBgNVBAoMCUZvY3VzQ3VyYTEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxHzAdBgNVBAMMFkZDIEVNUiBFbmNyeXB0aW9uIFRlc3QxITAfBgkqhkiG9w0BCQEWEnRoaWpzQGZvY3VzY3VyYS5ubDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMdIn4l98iTL3/E8vcmAejJZIx30MmcVO71TnQA2G4Nnhsangu9efeW9ZKRPQwb3nsULTw7jfJEjPSkOtViQPxF97c/X+hOaD+aT1F8H90dAKHdje2rmREy9Ekv7LWCsMt1C22QkIxIxl7xXiyVDfy8KDktXz5GXaBPBcCLJQJaJX46o8sJLO+8fw5dvYdw+f//o8NlyXP0z+37bQsJu2vL/Ecvoe3ZbHNVkUhkR29PC+nMWc6mkiFTWs9yuU93eI0iKaSJ6pYWStgmWL+jJbcBI0b4vuMej+148ZC/QqBscPsTADTIPTM4G+xSBGlaTuOmJWSGU9AiTiNaofHvGyvECAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAw3DntqYbHs13g7kihGzbBLoq48ZJBeFbGO+mWq61EBs7yQO8cPrEXQUGpO2Dg8qYvs8BjxNs3/0AjJIQor3Ry5FAUu+rN5hh+0G4EXKG+OcFsgmnIqxFXylED27cGCTSuo5ysuOu1jr0G6wTnUOl8utEB/tDkL9vz6JvL0qDaK603hy1vGvpsMUrzyQr74776g2KfuflY1zGamlZKJkeB3nGdOt11eY8tt5e1zqhxCVzcANT5GbW65lPTn4hwmo6MDuuMtv2uB6G2DoO+XU4qUAe2KH5fBtkGqOOvqVUjMZ+hnQ8t6LERY2RTuQxNQS5h/LneZTq+iMizIZMGhcd6w==
                </dsig:X509Certificate>
            </dsig:X509Data>
        </dsig:KeyInfo>
        <xenc:CipherData>
            <xenc:CipherValue>
                mZI4WJqOHP/w1mw0sOICq0fpfDzpXv81bUkc7uvFiCs9QTnTdeIGdBVVL4CncX0kkuJhvYm+IVtOBXZe3UyrPuCBcoA4wnlUzBZhy4lwAn8IqX5bwKw6YH6gP0JLgKHH2yAkhvUlW/FyGKOWyZFJIMEJFK4ntJ3Er7J+kEhd4ktS+JXKT1cKGlCrsLN5RYneskzrm5zifKZPmjpY1Y1lTwWJK6oIQsv0lQa4AVmrmgfkPB76d7kG5olzBcAPfj5nnikIhU58I+UcJQCOGqdPwyXn5iYiQRJJ4NsYXucXNe/lrWyhMdrJm6aTwOG09TZl8Dgur0Wnqa20Z6vntG3VYbA55jzoC4XMX9ad96v21/ilLnAfHm87TJ9fFauJMyVqzR6d22p2B2hNN9annaPHx77DWj5YAYkfTi67/m+nytR5QllbutS9kzv+GBQiigP8d9daNP8LS1uRcGLVA9BD5pWi8DutY7uTWF4fw1QX4VmwkWuNJQ3fKdvzXiw5Kv4GSgeccVYggxAa4l+2oPVfz9s4+KHfIpyz5B1aNMiCwhJzwsSxR8CWNo/fkH/qY9xNMlWH9H7HUM5UDlhxmp323B23cKWQzFBRq811fMcGBgZlBnOBOwNujdCpNO3mjkKcimNs6ajmx+4mncj9hWKqdvrG/ebZKN1oSzzE3R8HAxjphJxbrWGrmZRtncIP3YcZLBC8tX77FtDYoFevNgtSquOxj+M8Y8hFVWF1lTUWUxq2IgNcXb32W+kJ7FwusBxfFIrad4TIv7EgBvLBox+m5xNMJOv2SUjfOUjNnfhWpFPzeYFzsqfE1hE9f27ImK0QHmMCIuWpMsM1VXYP440yIZvKdHOfSNq0TMc9yvtByk2b9HXS4nj2RsaFLH2JCJjOFNT1CjgscxlE9Eq5z/pf6Gb2HuvQ28H+4qP+aqOSS2G4ODeohTqEi8M5VxadJXd++YUPy/C1m/hh55/W6gyIRDYJdnbqQVrCR58xxZbnsxyLsxE8WCD2FG2SDCyZ3lpdaMNCYY776HQ2Gts6wPBaBvjqa34K7Mcb1Ano1UXTNxiM7GWz+w5JZXehqeUGAasa7t5nnnuTuG1N8ClSgx+AI33HC/k7STxlMvjiKU9vJHahsntp4XD3tis/syeQbIbGFTJXhNL4ETJQPqsrjGe4vOdp7YH0W0RjWCGq0/T/mFnFnmKR2GJRCR7tMtsKIbORfAdpSTfSpSfPJGKwhvQiVDBZNithD7pLme3MiF/FOQx7vsLmX1+bxGWEsPTp+1a5KqN6GyZEWroOLTptcndQgtdOqa41cWXUBQi4WOqsUwTLEhPMSa6PdnfXdMy8XqXR88NKeIMNwBDRNQ2mpxTO5jNaLKxArhjRHfxaxdgNA40mKbwU++MtEw43xqPeA8s/N6wjEs1/pCb6g6W/vHbiDXa27s4vku6VtN3SC2P30nezPb84BcFEhuHur8gsN4yT35J9VY5k2GUGzKPpqJvqUPsc0IdPon6yWKWMJJQc269kPXI8yZ9PX8T1IIkGJFR3ssuJbx44VjZkd2S8oAxyPMpm1Q0mhdQlUZYUS/2lPsGbIva4CazYqY6+6Jpy3U2hgCP6PajJUR7TdkelFrpXjBra7km5dgUaUW9hrzA4bSBy4/CQybBxUtzqaPUaOeWLkmxNj1cjj3k9Hb1mNJQzxNqSXIpNioNtPp7tghDBIU7EuUo/PTzyrd8N3VYmZzI2HisDd4ZsG98WWtL/8RMppuwvnhcRwDGAp0ZgmFiW05fsmPyxhoWxJnGXpG/YndPWCRaOFaoOivGaiFdoOmbCtS63tmWR8qAOHnOiI/9bETcnFy/SV5Ark6eogtq+u4UJbs60Ny822qb/kiy7sL1BGFIeJd1I0GoOvyQggf1Cb/PRV+HnU4SV09iyWi1Mp2+ZN8QJ8+aGTvKpCYTJ4aiG4EBAEMiD81ovUIVccH6LQN1hXUPlTRVwhn1e/MhjAIk0zTmtWna4nE+SWhcMwwmHHDmZ0RjVen+CKRMmb2HW9TncZRcyncM/2SjnGkDs/kZks7NvsyU//9GmCuwOAmNNBqcwIOp66DczJj2Sv11O+D9NqPV2f+oHzSGh+TKRc9lKSCz9STBEct0q/aLe4anQ/TlnV8xjbOrBqtznVKYG5otW3HM18B2nWQJsNDvCo6uEAa1Kv1lkS6UL1S0Y19/6oZKWkytaHsf0KMdvqh6W5SNkYy7b0Sj3UdZB9Nq9kPEBUHratTHDtfLbYZ5Np0hci9zfcW+TiVgqni2PDUdFHI1yLRodthxPkaksHIoHu8I7r81cUQVa6+vC3HBrtXYLoOmerzY6nSKrNaURg7Nl6aWcuEEB9/eKSzFRf7G0WSZ76rHE7maWt3/2V9nW+7RI9NVGyOWOsfWe9J32t6r5cA8Nx7ZgoG49oE8TQzra7uoicvARhY/+ds/J3S1qxRMap3ZSWh7Sr8lxIJCnnqwo/k3Lfv864Z0tyAiKiOkvbjURuwnPA08Kdq3GcP/+iIGD+G8MQKddqXsin1DB6A+kI92z1pXcCX+pEy6lPGYv/XxMMw9Px6/7zFeZypjAp5XmP9PF8nmAh5RLpAG3LbbsN6dUN9XmkiH0FVG4TcGqb9pGitJXUyMAs/cP9qWpugIKYDxACdMGPuQG81gsZn8hgh9xp9g/hAcO4oi12Yq34wMa9jIQf3c4OgqRPB1W3fKZyhFmiJvgU+McQBslvZeEG9p8hnZM3+vYDqOJsC20hO3TcHDZze6Uc0B4T8xnOA0VHxj4uPPW5o5cBtpRFcou0ZJZ3GeCvrQPrJWOHSwuKb+HrOlDQHY+OgONGxY5Whj+MDDn3m/UunLhTbLToVB8ADj0wy11Hg3uuBI3BTnyXyG4FoDtYCK+YYuHE1qaUbOSsiDQsmMLZ10bGnwqQvi+AROwkCvdQHKirm5yci414N8J6nZiN73H6woLCWp06M8ILCbQ4lcR88CEON0ry4FoBHa7iQcDYICLzQXckOrsFiXbJjrUWfJ+xrd5K9jNNMS+KOwKnJVyHRIgWUvoyr80qtZPiQ5mp/6fagks71iGBwch6EIGTP7cOcSGWb7G521wzvj9mJHelH56Gnl9qT0WWcr4R4g5fs9+cVOq9D4BYX/wQOeT1PfJZwqV67YXeOtt0XCT5OFcwP1c38hZIM009rzHQl79XxR3RMDWizc/3fFsk3FvjgzAFAocVSduws3YCfD4cVp91dXG8ubMXDR3D5wtTMW5py++wWg7Midl9YmjHJATEsTxgkhgEwydl8boo/4lhTGm10a7lf1SF1n2fO2/R6x6fABQZGspRrrQQ0LAUjTliNHMvjVcl7FTMFA3JB1Krnn8Zn+uP5EZB/6nmNjWK0Xk8RFziL9u/yPkNF6ANfUadNjj41SzrwIIV8SSXL39kbtY9eT3FHj2LWy3uClXtXgkMwoC8CmVynx0uftZo15kjOBzCJhn3ivGh3OdfPFua4ypgIBvBZv1rAkyO9QGtWWzmHvK+8ZiDxjzD9N+J3HVWzST7Txj/F3P6yrXCKSRTaA7L0dO+TifR4szxBE3uatEhRr2NGQYuaOTr8yKrD16UM6ZyOCJDBH1QHOyEM5nbEn29NJdR4ZBFUR8HFZgS0yuc2KntoMgt89eN12dK5rkTa6q77lt+EkJhdGUqCqJ/b47qOsdOR9+TfJb7RZloYB2Ef6HhiiWS2totWVahW1Svws52971oxP+uXs1CHq03+3a7i8vP3RvLL91ThhuWptRXyYUo+DwtkRl0BcjqBHcC/J+QfLcAMD3GIIQCTJY2APVeRIzRIjtOJZX3Hlp/KYJcUilN44sK7VwD9DS8lXZ4wp/CtVMmlqgM8YCA0qwAICMVFBhgK7pq3/Vus4elR316HFNayCWN0jUd0mCbJM65kc0gjISvet/xPV0zpT7iVxYIxDEdeG/7IOahLOSbbucfUiXDqO+NxU6/KNC2pxZqL3/8XGoOPwJuxnNmUxPBi9Xwz3wJUYYCPfHZjiCxNZE5HibUt+b0NjxG8BEAtpYHwLpMIyFaSquNh4vc29U6vXtxfB7/NIbcK2IRilgJrQ0VwNM62sdtVI3RE31ilSnXBP1qoviqTHOeaEtaR2so0mkuhQoObv+8T66x83Q6l8V6F0h3OtDi0kHs3XvYctduhXAcUo75lmmmdUUopB9pqzAFK64rTjAffX5VPmX+tRGmUQgwqkSjTgWK+6yJ9Ew+02YYZtxEj3W414DL0v1+YiyQZHSXkMIF13oveqEGF/5YPqCRP8dopMWxtY/YbxZJ3bh1J/VoYmh9qF70i2dHXUcqBlrfLKw0xrdSUSPaesaRnCVWFKAdvYFfB3QWm7XUmbGXERocL5DaZN+OHK3+DBVZKMbyp8pjCzrHkmr5+DOI39YUtYBCrbeSxaCIpuuM831Dt1pkWQ4YQ4queaeve9Or6Ed4mOUc7qg9XpFHPpqZiUYsI81GGJh3hnFrYDjOSsH0aVExGFjP/BTH8U5XbI5OzDEgtZ78qm3s3apinQsytZeIDl+ngXnkNSYsG5joPZor8AqfZ/lvdBpRjQ4GcGU8ts4JoNH6F2Qm5WwYUpfjM8j2o27RwzpsxKGH5wCKFRGs9xDyWji3HwXL1lQUadrhJHICUO5SSDMPIOls0YQKqFxi5zyZHWEH48j4cvv2cFMzdxmb3XhWGnKZY8ua34byo1d05WESNcQVpOqc4gPHBNEGoaSsnsZqV5u4wiF+d6yu1FTTXdt59pcEa6MJVbP95+OwXF7dtrhKmtW5uIdTWf1eNK+XPeSDKAxp13SwAS6orQvwy/2L24wC1gkK5nJbmMz/Fi9/lYjlwIJj4AOXkNSkcaLZXYjYCfG+nGvBbr3Clf4DfXSnEEKkwhx+MpzmaH6/C15nA4pUCEWHLauQDhNq6JpSHGX6sOug4NBXTwiRGvrlU6rHjV8PoUiIsjZ0ZIyJ1CfrQw5h2yPhEP7r1gDaw3t1wGd9hUALeZwpMDYtV9aNwe2T3pR3dUzrZbEiRSke51d9PXJP5lge5bNkyIgLK/zndCfezDS2JfsHGUzHqFvwxQ4mf7YTu+Nb9rL8xDcX8Y2KgB0Kn7wfC/gTzepx+aL7DHj2ib8
            </xenc:CipherValue>
        </xenc:CipherData>
    </xenc:EncryptedData>
</saml:EncryptedAssertion>

Updated about 1 month ago