Planned changes
As HelseID is a service that evolves over time, it is inevitable that certain parts of the service will eventually be changed or deprecated. The roadmap below shows the changes HelseID will make in the upcoming period and when changes will be implemented in test and production.
| Change | Description | Test | Prod |
|---|---|---|---|
Remove the endpoint clientinfo_endpoint |
This endpoint gives out metadata about a Client. The endpoint is scarcely used, and the metadata for a Client is readily available in HelseID Selvbetjening. | November 2024 | December 2024 |
| Reject implicit or hybrid flow | Reject all use of hybrid and implicit flow from clients. This only applies to old Clients that are not set up by use of HelseID Selvbetjening (self service). | November 2024 | December 2024 |
| Reject Shared Secret | Reject all clients attempting to use Shared Secret (client_secret) for client authentication. This only applies to old Clients that are not set up by use of HelseID Selvbetjening (self service). |
February 2025 | March 2025 |
| PKCE requirement | All clients with user login not using PKCE in the call to the Authorize endpoint will be rejected at runtime. | April 2025 | |
| PAR requirement | All clients with user login not using PAR will be rejected at runtime. | during 2025 |
Completed changes
| Change | Description | Test | Prod |
|---|---|---|---|
Change the typ header in Access Tokens |
The value of the typ header will be changed from JWT to at+jwt. |
October 2024 | November 2024 |
Remove old amr claim |
The old claim helseid://claims/client/claims/amr will be removed. The information will be replaced by the client_amr claim, which is already in production. |
October 2024 | November 2024 |
| Remove PREG | Personregisteret (PREG) will be deprecated in the test environment. All test persons will be fetched from Persontjenesten, which contains synthetic persons from SyntPop. | September 2024 | |
| Remove the old Test-IDP | The old Test-IDP will be removed. | October 2024 |