Last modified: May 30, 2023

Delegate API Access to a Supplier

Description of how service owner can delegate API accesses (scopes) to a subcontractor.

Certain service owners want a subcontractor to be able to act on their behalf, e.g. suppliers of specialist systems. To achieve that, these API accesses must be delegated to the provider using Altinn.

It is the service owner’s responsibility to remove the delegations themselves if the supplier no longer need access.

Delegation of API access to the supplier

As a service owner key role user (typically general manager aka DAGL), open “Access to the Application Programming Interface - API”.

Others with rights
Access to the Application Programming Interface - API

Add delegation
Start delegation

Add the supplier
Add the supplier's organization

Proceed
Proceed to the next step

Then the necessary rights must be granted.

  • Altinn Service Owner API: App Instances (full access) - provides access to scopes for both read and write.
  • Altinn service owner API: App instances (read access) - only provides read access.

Grant rights to supplier
Grant the necessary rights to the supplier

Proceed
Proceed to the next step

Confirm
Confirm

To the overview
Go back to the overview

Removal of delegation

Delegations that have been made can also be removed. If a supplier no longer needs API access, it is the service owner’s responsibility to remove these.

Remove rights
Tap \"Edit Access\"

Select rights to remove
Select rights to remove

Save changes
Save changes

Undo remove rights
It is possible to undo the removal of rights

The overview page shows the remaining delegations
The overview page shows the remaining delegations

Scopes

Delegation gives access to these scopes for the supplier:

altinn:serviceowner/instances.read
altinn:serviceowner/instances.write