Self service and terms of use

On this page you will find information about HelseID Selvbetjening (self-service) and the terms of use for HelseID.

Access to the test environment

To gain access to the test environment for HelseID, you must log in to the test environment for HelseID Selvbetjening (self-service).

If you encounter problems during the development process, we recommend that you contact us on our Slack channel. Send an e-mail to kundesenter@nhn.no, and ask for access to the channel #ext-helseid.

The Test token service (Test-token-tjenesten)

If you wish to test an API, you can use the HelseID Test-token-tjeneste in order to get tokens for testing.

Access to the production environment

In order for you to use your software against the HelseID production environment, the following steps must be followed:

  • Your company must be an approved third-party supplier for NHN
  • Your company must have signed the terms of use for HelseID
  • You must have set up access to HelseID Selvbetjening (self-service) in production (see below)
  • Your software must have been approved for use against HelseID with a code review (see below)

Terms of use for HelseID

Signing the terms of use for HelseID gives your company a set of responsibilities and tasks, including:

  • responsibility for information security
  • responsibility for testing and approval
  • notification of incidents and incident handling
  • use of crisis and emergency plans
  • stay up-to-date on changes to HelseID's security profile and introduce relevant changes to the software

HelseID Selvbetjening (self-service) in production

In order to create a client or API configuration in HelseID, you must have gained access to the production environment for HelseID Selvbetjening. For third-party suppliers who want to develop a HelseID client, information on how to make a system available in production can be found in this document.

Code review

Before you can go into production with your software, you must have passed a code review. In such a review, someone from the HelseID team goes through the relevant code and confirms that it has been made in accordance with the requirements of the Security Profile of HelseID.