Scopes supporting Bearer authentication will be decommissioned and will only be available in a transition phase.

Description

Scope

Authentication

Api version

SFM portaler og integrasjoner2

Used for SFM Portals: SFM Data Sharing API and SFM Basis API.

Requires DPoP.

e-helse:sfm.api/sfm.api2

DPoP

v2

SFM migrering2

Used for the first time uploading patient and organization data from the EPJ system to SFM.

Requires DPoP.

e-helse:sfm.api/sfm-migrering.api2

DPoP

v2

SFM portaler og integrasjoner

Used for SFM Portals: SFM Data Sharing API and SFM Basis API.

Deprecated, supports only Bearer.

e-helse:sfm.api/sfm.api

bearer

--

SFM migrering

Used for the first time uploading patient and organization data from the EPJ system to SFM.

Deprecated, supports only Bearer.

e-helse:sfm.api/sfm-migrering.api

bearer

--

Claim

Description 

Mandatory

aud

e-helse:sfm.api

Yes

scope

Must contain one of the SFM scopes

Yes

nhn:sfm:journal-id     

Mandatory for multitennant clients

Yes*

e-helse:sfm.api/client/claims/sfm-id

Only used for singletenant clients

Yes*

helseid://claims/identity/pid

Represents national id of person that is logged in. This needs to be a Fnr or Dnr.

Yes

helseid://claims/hpr/hpr_number

Yes

helseid://claims/identity/security_level

Must be 4

Yes

helseid://claims/client/claims/orgnr_parent

Must always contain the top level of an organization in Brreg.

Yes

helseid://claims/client/claims/orgnr_child

Recommended to be a suborganization (underenhet).

Optional

helseid://claims/client/claims/orgnr_supplier

Indicates the owner of the HelseID client, usually vendor or supplier org. For multitennant, this number MUST correspond to a preregistered supplier in SFM. 

Yes

helseid://claims/client/client_tenancy

 is multi or single If missing, it will be interpreted as single.

Optional