App Registration for Noah ES Apps

The Client Application which may be a native application or a browser based application will request the user via the default web-browser to be authenticated against HIMSA's IDP, which supports the OIDC specification (
Different types of client applications (native applications or a browser based applications) will have different recommended authentication flows related to their ability to 'keep a secret'.

When one wants to register an Application with Noah ES, they need a Client ID, and potentially a Client Secret, which will be required for utilizing the Noah ES API.

Some application types may also need to specify any CORS ( related requirements during the registration to obtain a ClientId - this will apply to certain browser based application types.
It must be decided which application types (e.g. native application or browser based applications … etc.) that will be supported in order to ensure that the IDP in conjunction with the NoahES Web API is configured correctly to support the required authorization flows.

To obtain a Client ID and/or Client Secret for your application, please create a support ticket here:

Please choose: “Noah ES App Registration Form“


Information needed when you create the ticket:

App Name: The name of your Application

Company Name: The name of your Company

Contact Email: The E-mail address that you want HIMSA to contact in case there are any important messages relevant to your Application

Contact Phone Number: The phone number that you want HIMSA to contact in case of emergencies relevant to your Application

Client Type: You need to provide information about the type of your client/application. HIMSA differentiates between 4 kinds :

  • Native Applications: These applications include mobile, desktop, or hybrid apps running natively on a device (e.g., i0S, Android).

  • Single-Page Web Applications: These applications include JavaScript apps that perform most of their user interface logic in a web browser, communicating with a web server primarily using APIs (e.g., AngularJS + Node.js or React).

  • Regular Web Applications: These applications are traditional web applications that perform most of their application logic on the server (e.g., Express.js, ASP.NET).

  • Machine-to-Machine Applications: These applications include non-interactive applications, such as command-line tools, daemons, IoT devices, or services running on your back-end.

App Type: You will also need to provide Noah-related information about your application. HIMSA differentiates between 4 app types :

  • User Interactive Apps

  • Service Apps

  • Business System User Interactive Apps

  • Business System Service Apps

Module ID: Your ModuleId - if this is an unknown term to you, read this:

RedirectURI (Context-based): This is where your application receives and processes the response from the IdP, and is the URL to which users are redirected once the authentication is complete. In case you need multiple redirect URLs, please separate them with commas like below.