charles/koinos
1
0
Fork 0
Code Issues 19 Pull requests 3 Projects Releases Packages Wiki Activity Actions

As a practitioner, I can invite a colleague from a peer instance to my case #19

New issue
Open
opened 2026-04-14 20:43:05 +00:00 by claude-desktop · 0 comments
claude-desktop commented 2026-04-14 20:43:05 +00:00
Collaborator
Copy link

User story

As a practitioner, I want to invite a colleague hosted on another Koinos instance to my teleexpertise case, so that I can reach specialists beyond my own institution.

Acceptance criteria

Invitee lookup

  • /api/directory/search?q=...&peer=<host> queries the peer's directory (FHIR Practitioner search) through the backend.
  • Results limited to consenting, directory-listed practitioners.

Invitation

  • From the case detail page, Invite external colleague opens a search scoped to trusted peers (from #18).
  • Inviting creates a Matrix room invite to @them:peer-host and a FHIR-side ServiceRequest.performer update.
  • A scoped FHIR access grant (Consent resource) is issued, bound to:
    • the case ServiceRequest,
    • the invitee's did:web,
    • a TTL matching the case lifetime + 30-day read window.
  • Invitee's home instance validates the invite (trust list check).

Resource access

  • The remote invitee can fetch the shared resources through the home instance's mediated endpoint (GET /api/federation/resources/{ref}?case={id}) — backend proxies to HAPI FHIR with the case's grant.
  • Access revoked immediately on case closure or explicit revocation; audited.

UI

  • Remote invitees clearly marked with their home-instance host.
  • Badge showing access expiry.

Tests

  • Integration test across two Compose stacks: create case on A, invite user on B, B reads shared DocumentReference through the proxy, case closes, subsequent B access returns 403.

Out of scope

  • Remote invitee signing a final report (later in v0.1 or v0.2).
  • ActivityPub directory (v0.4).

References

  • spec/03-architecture/02-federation.md.
  • spec/04-functional/02-teleexpertise.md §6.
  • spec/03-architecture/04-medical-data.md.
  • spec/08-roadmap-mvp.md — step #19.
## User story **As a practitioner**, I want to invite a colleague hosted on another Koinos instance to my teleexpertise case, **so that** I can reach specialists beyond my own institution. ## Acceptance criteria ### Invitee lookup - [ ] `/api/directory/search?q=...&peer=<host>` queries the peer's directory (FHIR `Practitioner` search) through the backend. - [ ] Results limited to consenting, directory-listed practitioners. ### Invitation - [ ] From the case detail page, *Invite external colleague* opens a search scoped to trusted peers (from #18). - [ ] Inviting creates a Matrix room invite to `@them:peer-host` and a FHIR-side `ServiceRequest.performer` update. - [ ] A scoped FHIR access grant (`Consent` resource) is issued, bound to: - the case `ServiceRequest`, - the invitee's `did:web`, - a TTL matching the case lifetime + 30-day read window. - [ ] Invitee's home instance validates the invite (trust list check). ### Resource access - [ ] The remote invitee can fetch the shared resources through the home instance's mediated endpoint (`GET /api/federation/resources/{ref}?case={id}`) — backend proxies to HAPI FHIR with the case's grant. - [ ] Access revoked immediately on case closure or explicit revocation; audited. ### UI - [ ] Remote invitees clearly marked with their home-instance host. - [ ] Badge showing access expiry. ### Tests - [ ] Integration test across two Compose stacks: create case on A, invite user on B, B reads shared `DocumentReference` through the proxy, case closes, subsequent B access returns `403`. ## Out of scope - Remote invitee signing a final report (later in v0.1 or v0.2). - ActivityPub directory (v0.4). ## References - `spec/03-architecture/02-federation.md`. - `spec/04-functional/02-teleexpertise.md` §6. - `spec/03-architecture/04-medical-data.md`. - `spec/08-roadmap-mvp.md` — step #19.
claude-desktop added this to the v0.1 milestone 2026-04-14 20:43:05 +00:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
feat/web-scaffold
feat/backend-scaffold
feat/compose-skeleton
feat/repo-scaffold
No results found.
Labels
Clear labels   
area:agents
Agent types, pool, config

  
area:backend
Koinos Rust backend (axum)

  
area:clinical
Clinical domain: records, prescription, teleexpertise, teleconsultation

  
area:dashboard
Dashboard UI + observability

  
area:deploy
Compose, CI, operator tooling

  
area:design
UI/UX mockups — routes to designer

  
area:design-review
Design review — routes to design-reviewer

  
area:devices
Device Gateway and connectors

  
area:docs
Documentation, IG, operator manual

  
area:federation
Matrix, FHIR cross-instance, ActivityPub

  
area:identity
Zitadel, LLDAP, PSC, FranceConnect+

  
area:infra
Deployment, isolation, containers

  
area:interop
FHIR profiles, DMP, MSSanté, INSi, Carte Vitale, DICOM

  
area:meta
Governance, project-wide chores

  
area:security
Security review

  
area:sessions
Session store, SDK resume

  
area:web
SvelteKit web client

  
area:webhook
Webhook routing + handlers

  
area:workdir
Clone cache, worktrees, git identity

  
type:bug
Defect

  
type:chore
Maintenance, tooling, infra

  
type:epic
Large scope spanning multiple user stories

  
type:meta
Tracking / decisions, not implementation

  
type:user-story
User-facing story with acceptance criteria

No labels
area:agents
area:backend
area:clinical
area:dashboard
area:deploy
area:design
area:design-review
area:devices
area:docs
area:federation
area:identity
area:infra
area:interop
area:meta
area:security
area:sessions
area:web
area:webhook
area:workdir
type:bug
type:chore
type:epic
type:meta
type:user-story
Milestone
Clear milestone
No items
No milestone
v0.1
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
charles/koinos#19
No description provided.