Getting Started with Fullmakt API

This service acts as a reverse proxy between yourself and Helsenorge's PVK Fullmaktinformasjon API.

See Helsenorge's PVK Fullmaktinformasjon for detailed developer documentation.

Authentication and Authorization

TL;DR: You must obtain a HelseID access token that is DPoP-bound and use it on every request with a matching DPoP proof.

Helse ID Client Configuration

You first need to set up a client in Helse ID Self-Service where you request access to the correct API, and enable the required scopes.

  • API: Fullmakt
  • Audience: nhn:fullmakt
  • Scope: nhn:fullmakt/read

We support most known OAuth flows, including:

  • Single-Tenant Client Credentials with DPoP
  • Multi-Tenant Client Credentials with DPoP
  • Authorization Code + PKCE with DPoP
  • Token Exchange

Regardless of which flow you're using we use the following claims for audit purposes;

  • Required
    • client_id
    • helseid://claims/client/claims/orgnr_parent
  • Optional
    • helseid://claims/client/claims/orgnr_child
    • helseid://claims/client/claims/orgnr_supplier

See the official Helse ID Documentation for details on how to implement your desired client flow.

Environments

Our API is available in two environments; test and production.

Environment Helsenett Internett
Test https://api.test.fullmakt.nhn.no Not Available
Production https://api.fullmakt.nhn.no Not Available