Using Microsoft.Health.Web.dll in an ASP.NET application requires various permissions and security demands to work properly.  Some hosting providers will only allow ASP.NET applications to be hosted in a medium trust environment which doesn’t offer all the required permissions.  If this situation occurs you must negotiate with the hosting provider to get the following permissions for your application.


·         System.Web.AspNetHostingPermission

·         System.Security.Permissions.EnvironmentPermission

·         System.Security.Permissions.FileIOPermission

·         System.Security.Permissions.ReflectionPermission

·         System.Security.Permissions.RegistryPermission

·         System.Security.Permissions.KeyContainerPermission

·         System.Security.Permissions.SecurityPermission


In addition, certain features exposed through Microsoft.Health.Web.dll and Microsoft.Health.dll require additional permissions or security demands.



·         SerializationFormatter – All .NET API exceptions support serialization using the GetDataObject virtual method which requires a LinkDemand for SerializationFormatter

·         Full trust required to call HealthRecordItem.ValidateCertificate() and HealthRecordItem.IsSignatureValid() and will fail in partial trust environments.



·         AspNetHostingPermissionLevel.Minimal – LinkDemand and InheritanceDemand required to use HealthRecordItemDataGrid

·         AspNetHostingPermissionLevel.Minimal – LinkDemand and InheritanceDemand required to use HealthServicePage