Our main goal here at HelseID is to make it easier for you and your organization to securely share and consume health information.
Our stake in security is focused on the authentication of the end-user and the system the end-user uses to get health information from APIs.
Strong authentication of end-users (health personnel) for your applications and systems
Threat modelling
Attacker modelling
Measures and mitigations for well-known threats and attacks on the mechanisms we provide
We provide security mechanisms and give you important information that you can use in runtime to make sure you only share information with the correct party.
Guidance and advice for building secure APIs and API clients
Choosing the right authentication for users
Choosing the right authentication for your API-clients
HelseID provides access control to your endpoints, and authenticates your clients to help you keep your data safe. Through our self service we also provide a trustworthy relation to the organization that uses the API-client software.
Access control for API-clients
Authorization on resource level (scopes)