Last modified: Dec 15, 2023

Altinn 3 Broker Security Controls

Altinn 3 Broker Security Controls - Summary

On this page:

This is work in progress.

Authentication and Authorization

Maskinporten and Altinn Authorization



Virus check

  • Configurable per transfer via intitalization

In-transit protection

Encrypted file transfers with TLS/HTTPS.

At rest protection

Encrypted Broker File Storage; ref. Azure Storage encryption for data at rest | Microsoft Learn.

Encrypted Broker Metadata Storage, Metadata storage using the PostgreSQL Database. Detalis TBD

TBD: Specific encryption solution… firewall, not V-net…

Alternative file storage solutions


DDoS attack prevention

DDoS attack prevention via Azure API Management.


Private cloud hosting

On-premises hosting

Coding practices

TBD Open source

Key Vault

Azure Key Vault, Private keys, internals… identities (hidden tokens); secrets, Altinn authentication