One login. Every product.
helpwave id is the identity layer underneath every helpwave product — and any third-party system you plug in. SSO, MFA, role-based access, audit trails, federated logins. Everything Keycloak does, with healthcare workflows on top.
Sign in to continue
Universitätsklinikum Aachen — Tenant ukaachen.helpwave.de
What's enforced
- MFA required for ward 4N
- Role: Attending · Cardiology
- Session: 8 h on-shift
- Audit log streaming → SIEM
Identity, done right for hospitals
Single sign-on
One identity across helpwave tasks, scaffold, assistant, netmanager and any SAML / OIDC system you bring with you. Federation with hospital AD, eHBA, and national health-IT directories.
Adaptive MFA
TOTP, WebAuthn passkeys, smartcard / eHBA, push approval. Step-up authentication when access is sensitive — and silent when it isn't.
Role & ward-aware access
RBAC + ABAC, scoped to scaffold's organizational hierarchy. A nurse on ward 4N sees ward 4N — and only ward 4N. Rotating shifts? helpwave id rotates the access with them.
Audit & compliance
Tamper-evident audit log of every authentication and authorization event. Stream to your SIEM, export to BSI / ISO / DSGVO reports — without writing a line of code.
Self-service for IT
Provision new staff in seconds, deprovision in one click. SCIM bridges to your HR system so leavers never linger. Your IT team stops being a ticket queue.
On-prem or hosted
Deploy in your data center next to the EHR, or let us run it in our German cloud. Same product, same APIs, same compliance posture.
Stop juggling logins. Start trusting them.
Bring helpwave id in once and the rest of your stack falls in line — including the systems you didn't buy from us.