DAuth Technical Implementation

This document outlines the key technical requirements for properly implementing Delegation of Authority (DAuth) on the Carequality network.

Directory Updates

After a Delegation Notice is validated, Particle (as the Principal’s Implementer) will update the Carequality Directory to include the Delegate’s OID in the Delegation of Authority field.

SAML Requirements

Each delegated query must include the correct Principal information within the SAML assertion. This ensures that the network correctly identifies the relationship between the Delegate and Principal.

Required SAML Attribute:

<saml:Attribute Name="QueryAuthGrantor">
  <saml:AttributeValue>Organization/[Principal OID]</saml:AttributeValue>
</saml:Attribute>

The Principal’s OID must match the entry published in the Carequality Directory.

Key points:

  • The Directory must link the Principal and Delegate correctly.
  • Any Downstream Delegates must also be listed according to policy.
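The following is an added example, not Particle's or Carequality's own code: a pre-send check that a delegated query's assertion carries exactly one QueryAuthGrantor value and that the Principal and Delegate are linked in the Directory. The dict standing in for the Directory, the plain dotted-OID format, the "exactly one" policy and all OIDs (from the 2.999 example arc) are assumptions.

```python
import re
import xml.etree.ElementTree as ET

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
# Assumption: the Principal OID is written as a plain dotted OID.
GRANTOR_RE = re.compile(r"Organization/([0-2](?:\.(?:0|[1-9]\d*))+)")

# Constructed sample assertion (unsigned; signature checks are out of scope here).
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:AttributeStatement>
    <saml:Attribute Name="QueryAuthGrantor">
      <saml:AttributeValue>Organization/2.999.1</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

# Hypothetical stand-in for the Directory: Principal OID -> Delegate OIDs
# published in that Principal's Delegation of Authority field.
DIRECTORY = {"2.999.1": {"2.999.2"}}


def check_query_auth_grantor(assertion_xml, delegate_oid, directory):
    """Return (True, principal_oid) or (False, reason)."""
    if "<!DOCTYPE" in assertion_xml:
        return False, "DTD not allowed in an assertion"
    try:
        root = ET.fromstring(assertion_xml)
    except ET.ParseError:
        return False, "malformed XML"
    attrs = [a for a in root.iter(f"{{{SAML_NS}}}Attribute")
             if a.get("Name") == "QueryAuthGrantor"]
    if len(attrs) != 1:
        return False, "expected exactly one QueryAuthGrantor attribute"
    values = attrs[0].findall(f"{{{SAML_NS}}}AttributeValue")
    if len(values) != 1:
        return False, "expected exactly one AttributeValue"
    match = GRANTOR_RE.fullmatch((values[0].text or "").strip())
    if not match:
        return False, "value is not Organization/<OID>"
    principal = match.group(1)
    if principal not in directory:
        return False, "Principal OID not in Directory"
    if delegate_oid not in directory[principal]:
        return False, "Delegate not listed for this Principal"
    return True, principal
```
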

For technical implementation questions:

Review and Approval Timelines

Once a Delegation Notice is submitted:

  • The Principal's Implementer will review for accuracy within 5 business days.
  • Once the Principal's Implementer confirms the Delegation Notice is correct, they have 1 business day to update the Directory.

Final Notes

Please coordinate with Particle’s Technical Compliance Lead for questions about:

  • SAML assertion structure
  • Directory linking

Testing delegated transactions before going live in August-September.

  • Testing can start on Aug 12 in Carequality's staging environment
  • Cut over is the week of Sept 15, 2025.
  • Final deadline is on Sept 22, 2025.