How do I, as a developer, get started with HelseID
This is a developer-centric introduction to get started with HelseID integration.
First, get your product owner or similar to read this (Norwegian). Some non-technical stuff has to happen before your application or API can go into production. These actions can be performed while the application is developed.
Preparation
Read up on the protocols OpenID Connect and OAuth! You can find some information elsewhere on this site, but if you google the protocols there is a lot of excellent introductions floating around. Okta has a good one. HelseID is fully compliant with the protocols.
To see the protocol mechanisms we support, please refer to our discovery document here https://helseid-sts.nhn.no/.well-known/openid-configuration.
Before you start you must understand what you want to acheive by using HelseID. The most common scenarios are:
I want my users in the Norwegian Health sector to log on to my application using HelseID, possibly using Single Sign-on
I want to share data through the use of an API, and use HelseID and OAuth to secure it.
I want to access an API secured by HelseID
All of the above
When you are ready you need to fill in this form to get access to our test environment. We will provide you with the necessary information to get up and running.
Note: If you want to integrate with Persontjenesten, use this form instead.
We have several test environments. They are available on the internet and on Helsenett. You will get more information about this after we have completed your setup.
Development
We provide some code samples on Github to get started. These samples are written in .NET, but most other frameworks have mature OpenID Connect and OAuth libraries.
If you are implementing user authentication you should take a look at our "TestIDP" which provides a way to simulate user login without the need for actual test users. You can even automate your logins for automatic testing. See Authorize Endpoint (the "test_*" parameters) or try out a practical demo at https://hid-mvcdemo-test.azurewebsites.net/ - use the developer tools in your browser to look at the HelseID requests.
If you have issues please contact us on our Slack-channel where we provide support. Send a mail to kundesenter@nhn.no and ask to get access to the channel #ext-helseid.
Production
When your job is complete, and you want to launch your application in production, HelseID might want to perform a code review of the integration. This depends on your application, and the sensitivity of the information it secures.
It's a good idea to contact us as soon as your development is complete to determine whether a review is necessary.
Useful links
Getting started with HelseID
General information on HelseID
https://www.nhn.no/helseid/hva-er-helseid/
https://www.nhn.no/helseid/hvordan-ta-i-bruk-helseid/
Test environment for HelseID
https://helseid-sts.test.nhn.no/
Live demo of an application integrated with HelseID
https://hid-mvcdemo-test.azurewebsites.net/
Samples on Github
GitHub - NorskHelsenett/HelseID.Samples
Form for requesting access to our test environment
For persontjenesten, use the form linked to below.
Services requiring HelseID
Persontjenesten
https://www.nhn.no/persontjenesten/kom-i-gang-med-persontjenesten/tilgang-for-systemleverandoerer/
https://kunde.nhn.no/Account/AgreementsLogin?signingJobName=testmiljoPersontjenesten
e-resept / Sentral Forskrivningsmodul (SFM)
https://e-resept.atlassian.net/wiki/spaces/ERDOK/overview?mode=global
Kjernejournal
VKP
https://ehelse.no/velferdsteknologi/velferdsteknologisk-knutepunkt-vkp