This is a developer-centric introduction to get started with HelseID integration.
First, get your product owner or similar to read this (Norwegian). Some non-technical stuff has to happen before your application or API can go into production. These actions can be performed while the application is developed.
Preparation
Read up on the protocols OpenID Connect and OAuth! You can find some information elsewhere on this site, but if you google the protocols there is a lot of excellent introductions floating around. Okta has a good one. HelseID is fully compliant with the protocols.
To see the protocol mechanisms we support, please refer to our discovery document here https://helseid-sts.nhn.no/.well-known/openid-configuration.
Before you start you also have to be clear on what you want to achieve through the use of HelseID. The most common scenarios are:
I want my users in the Norwegian Health sector to logon to my application using HelseID, possibly using Single Sign-on
I want to share data through the use of an API, and use HelseID and OAuth to secure it.
I want to access an API secured by HelseID
All of the above
When you are ready to begin, please fill out the form found here to get access to our test environment. We will provide you with the necessary information to get up and running.
Note: If you are want to integrate with Persontjenesten, use the form linked to on this page instead.
We have several test environments. They are available both on the internet and on Helsenett. You will get info on this after we have completed your setup.
Development
We provide some code samples on Github to get started. These samples are written in .NET, but most other frameworks have mature OpenID Connect and OAuth libraries.
If you are implementing user authentication, it might be a good idea to look at our "TestIDP" which provides a way to simulate user login without the need for actual test users. You can even automate your logins for automatic testing. See Authorize Endpoint (the "test_*" parameters) or try out a practical demo at https://hid-mvcdemo-test.azurewebsites.net/ - use the developer tools in your browser to look at the HelseID requests.
If you have issues, we have a Slack-channel where we provide support. Please send a mail to kundesenter@nhn.no and ask to get access to the channel #ext-helseid.
Production
When your job is complete, and you want to launch your application in production, HelseID might want to perform a code review of the integration. This depends on your application, and what kind of information it secures.
It's a good idea to contact us as soon as your development is complete to determine whether a review is necessary.
Useful links
Getting started with HelseID
General information on HelseID
https://www.nhn.no/helseid/hva-er-helseid/
https://www.nhn.no/helseid/hvordan-ta-i-bruk-helseid/
Test environment for HelseID
https://helseid-sts.test.nhn.no/
Live demo of an application integrated with HelseID
https://hid-mvcdemo-test.azurewebsites.net/
Samples on Github
https://github.com/HelseID/HelseID.Samples
Form for requesting access to our test environment
For persontjenesten, use the form linked to below.
Services requiring HelseID
Persontjenesten
https://www.nhn.no/persontjenesten/kom-i-gang-med-persontjenesten/tilgang-for-systemleverandoerer/
https://kunde.nhn.no/Account/AgreementsLogin?signingJobName=testmiljoPersontjenesten
e-resept / Sentral Forskrivningsmodul (SFM)
https://e-resept.atlassian.net/wiki/spaces/ERDOK/overview?mode=global
Kjernejournal
VKP
https://ehelse.no/velferdsteknologi/velferdsteknologisk-knutepunkt-vkp