Resource Registry
The resource registry contains information about resources where Altinn Authorization is used for access management and control.
Type of resources
There are different types of resources that can be registrated
- GenericAccessResource
- MaskinportenSchema
- Systemresource
Later it will be possible to registrate
- Altinn 3 Apps
- Legacy Altinn 2 services for legacy archive authorization (not finalized)
Generic Access Resources
GenericAccessResources will be used as linkServices are used in Altinn 2.
The resource would be any type of service provided by public organiazations.
We used cpsv:PublicService as inspiration to the data model.
This also allows Felles datakatalog to consume the definition for their service catalogue
See full list in production.
Some examples
- API’s exposing data Example3 XACML
- Portal functionality in Altinn Example 1 XACML
- Portal functionality in external portal Example 2
- Samordna registermelding Example 4 XACML
- Avtale om Arbeidstrening Example 6 XACML
- Lakselus MaskinPortenSchema Example 7 XACML
Resource attributes
The below table list the attributes a resource has in the resource registry. For attributes defined i cpsv:PublicService there is a link to the description.
| Attribute | Beskrivelse | Used for i Altinn | Format | Mand. |
|---|---|---|---|---|
| identifier | Identifes the resource. | Altinn tjenestekatalog + Tilgangsstyring + Tilgangskontroll. | Unik og persistent. Fritekst, max ? tegn. Bør være lesbar. | Yes |
| title | The resource title | Altinn tjenestekatalog + Tilgangsstyring. (search) | Fritekst, max ? tegn, på alle språk (nb, nn, en) | Yes |
| description | Describes the resource. | Altinn tjenestekatalog + Tilgangsstyring (search) | Fritekst, max ? tegn på alle språk (nb, nn, en) | Yes |
| hasCompetent Authority | Resource owner (when public) | Altinn tjenestekatalog + Tilgangsstyring (search/filter) | Orgnr, tjenesteeierkode (fra A2), navn (nb, nn. en) | Yes |
| ownedBy | Resource owner (when private) | Ingen private tjenester i Altinn i dag, attributt brukes ikke. | Orgnr | No |
| contactpoint | Who to contact aboute the service | Altinn tjenestekatalog | epost, telefonnummer eller url til kontaktside | Yes |
| homepage | Homepage for service | Altinn tjenestekatalog | url | No |
| keyword | A keyword, term or phrase to describe the Public Service. | Altinn tjenestekatalog? | fritekst, max ? tegn. | No |
| status | Indicates the status of a service | Altinn tjenestekatalog? | Mulige verdier i henhold til standard: “Completed”, “Deprecated”, “UnderDevelopment”, “Withdrawn” | No |
| isPartOf | Linkes to related services | Altinn tjenestekatalog + Tilgangsstyring | cpsv:PublicService eller cpsvno:Service. Skal det opprettes tjenestegruppe? | No |
| spatial | Area the public service is available to | Altinn tjenestekatalog? | En av følgende EUvoc verdier: Continent, Contry, eller Place. Angivelse i Norge benyttes Administrative enheter | No |
| produces | Linkes to the outcome of a public service | Altinn tjenestekatalog? + Tilgangsstyring? | cv:output: id + Fritekst | No |
| rights Description | Describes the power of attorney given in access management | Tilgangsstyring | Fritekst, max ? tegn. | Yes, if delgatble |
| limitedByRRR | Defines if RRR will be used to controll access | Tilgangsstyring + Tilgangskontroll | Boolean | Yes |
| availableForType | Defines what type of party that can use service | Altinn tjenestekatalog + Tilgangsstyring | Mulige verdier: Privatperson, Juridisk enhet (foretak), Bedrift, Konkursbo, Selvregistert bruker | Yes |
| SelfIdentified UserEnabled | The user acting on behalf of party can be a selfidentifed users | Tilgangsstyring + Tilgangskontroll | Boolean? | Yes |
| Enterprise UserEnabled | The user acting on behalf of party can be an enterprise users | Tilgangsstyring + Tilgangskontroll | Boolean? | Yes |
| Reference | Referance to other IDs or values | Tilgangsstyring + Tilgangskontroll | Mulige verdier: SerivdeEditionCode, ServiceCode, MaskinportenScope, DelegationschemeID, AppID, Uri | No |
| Resourcetype | Type of resource. | Tilgangsstyring | Mulige verdier: Systemresource, MaksinportenSchema, GenericAccessResource | Yes |
| delegable | Indicates if a rights to perfome a service can be given to others | Tilgangsstyring | Boolean? | Yes |
| visible | Indicates if a service should be visable to users i GUI | Tilgangsstyring | Boolean? | Yes |
Policies
Polices defined for apps and resources will be stored by resource registry.
App Policies
The App Policies are policies for Apps created in Altinn Studio. The policy is created in Altinn Studio and migrated to the Access Policy component when the app is deployed to a test or production environment.
An app policy contains information about the different resources in an App and who and what kind of operations they are allowed to perform. The who is identified using Altinn Roles, Access Groups, or roles/groups from other sources.
Example
Resource Registry Policies
The resource registry policies are policies for resources that is not comming from Altinn 3 apps. It could be any functionality hosted on any platform.
Both digital and analog services can be registrated in the resource registry.
Administration from Altinn Studio
Construction
See construction components if you want to see how the component is built.