Our main goal here at HelseID is to make it easier for you and your organization to securely share and consume health information.
Our stake in security is focused on the authentication of the end-user and the system the end-user uses to get health information from APIs.
Strong authentication of end-users (health personnel) for your applications and systems
Threat modelling
Attacker modelling
Measures and mitigations for well-known threats and attacks on the mechanisms we provide
We want to help you make the correct choice regarding security mechanisms, and provide tools and mechanisms that help you
Guidance and advice for building secure APIs and API clients
Choosing the right authentication for users
Choosing the right authentication for your API-clients
HelseID provides Access Control to your endpoints, and provides and enforces Client Authentication.
Through our self service we also provide a trustworthy relation to the organization that uses the API-client software
Access control for API-clients
Authorization on resource level (scopes)