The Authorization endpoint

The Authorization endpoint is available at the path /connect/authorize relative to the authority. For instance, the Authorization endpoint in the test environment will look like this:

https://helseid-sts.test.nhn.no/connect/authorize

The Authorization endpoint performs authentication of the user. This is done by using a web browser and send it to the Authorization endpoint in HelseID. HelseID will then authenticate the user by inspecting the parameters that was sent to the endpoint, and by sending the user to an IDP of choice.

Using the PAR (Pushed Authorization Request) endpoint

The following parameters are required:

• client_id: An identifier for the Client. You will receive this value from HelseID Selvbetjening.
• request_uri: The request URI that was sent in the PAR endpoint response

Response from the Authorization endpoint

Once the user is logged in, the browser will go to the redirect_uri that your client has sent to the PAR endpoint.

A success response from the Authorize endpoint will contain the following parameters:

https://your.software.com/callback?code=79EA0CAE054C5D1806FE6D7D6E8B78F9D82BED5AA7C018FCD0870716C8474CF7-1&
state=lIrgjj1COYdYNmKgCsli4w&
iss=https://helseid-sts.test.nhn.no&
session_state=voqqGDJDzOhYvLV2qva3c82HHijIVDZwlz4Wdk4rn130CB6CB113D3BCF6300B4103B00F065E

• code: The "Authorization Code" that should be passed on to the Token endpoint
• state: The state value that is set in the PAR endpoint
• iss: Issuer: identifies HelseID as the source
• session_state: Not used in HelseID