Introduction

Journalføringstjenesten (JFT) offers APIs for submitting and retrieving events to be added to the related patient's health records on a per-municipality level. The figure below shows the typical information flow.

1. Events are recorded by welfare technology equipment and sent to a response center
2. The response center submits the event to JFT, and the event is added to JFT's event store
3. The municipality EHR system for health and care is synchronising with JFT, adding new events to the health records.

APIs

There are two APIs:

• WriteAPI: Endpoints for submitting new events and updating status
• ReadAPI: Endpoints used to search for events

Events are represented using the FHIR standard, version R4. OpenAPI documentation is available on the /swagger endpoint in the Test environments.

Access control

Authentication with HelseID

Accessing the JFT APIs requires clients to be authenticated using HelseID and DPoP (Demonstrating Proof-of-Possession):

1. Scope: Clients must request access to scope nhn:jft/api
2. DPoP required: Only requests including DPoP-tokens are accepted
3. Authorization header: Access token must be sent usingDPoP prefix (i.e. not Bearer)
4. DPoP-Proof: Requests must include a DPoP-header with signed proof generated by the client

See HelseID Dokumentasjon - DPoP for implementation details.

HelseID runtime checks in Test environment

It is possible to make reservations for synthetic test units and simulate service offers in the Test environment. See HelseID self-service for more information.

We have also made some test data available. See here for more information.