NHS Care Identity Service 2 (NHS CIS2), formerly known as NHS Identity, is a new, secure authentication service used by health and care professionals in England to access national clinical information systems.
NHS CIS2 has a number of main aims:
- Allow the use of new authentication methods where a smartcard may not be appropriate.
- Simplify the effort needed to integrate an application with the authentication service.
- Remove the need for outdated technology like IE11 or Java applets.
- Allow the use of the latest operating systems and browsers.
To enable these aims NHS Identity is providing an OpenID Connect (OIDC) solution. OIDC is an Internet Engineering Task Force (IETF) standard that defines a protocol for applications to request a user authentication from an Identity Provider (IdP) such as NHS Identity.
NHS Identity uses the Open ID Connect and OAuth2.0 protocols, along with FIDO (Fast Identity Online) UAF specification, which allows for biometric authentication.