HealthVault and certificates


One of the confusing parts about HealthVault development has to do with certificates. If you’ve never worked with certificates, you might want to read this.


Under HealthVault, information is controlled based on three keys



  • The user id

  • The record id

  • The application id

The user id is determined by who is logged into HealthVault. The record id identifies a specific health record, and is necessary because HealthVault allows “custodial” access (my mother might grant me access to her record, for example).


The application id uniquely identifies an application to the HealthVault server, but the application id isn’t enough for the server to know that the application id *really* came from the application that we think it was.


That authentication is provided using a certificate that is registered by the server. Through a bit of public/private key magic, the HealthVault server can authenticate that the request really is coming from the proper application.


That has a few consequences for application development.


First, it means that you need to use an application id and certificate that the server recognizes to do your development. The development server recognizes the application id and certificates for the sample apps, so you are free to use those during your initial development.


That certificate must be registered and accessible to the web server process that’s running on the machine. If you look in the ‘cert’ directory of the samples, you’ll find a readme that explains this. Note that if you are developing with the VS web server, you need to grant NETWORK_SERVICE the access, while if you’re using IIS, you need to grant access to ASPNET.


Using one of the sample certificates is what we call the “anonymous development scenario”.


I omitted many details, but that’s the basic idea.


 

Comments (3)

  1. HealthVault says:

    A short introduction to certificates and how they relate to HealthVault HealthVault and Certificates

  2. Jim says:

    Eric, I’m interested in the application id. Is there a way to securely identify that the code that is running against the healthvault server is actually created by the original vendor. Surely anyone can spoof an application?

  3. Jim,

    Another application could use the same application id, but it would not have access to the proper cert, and therefore it would not be validated.