Last modified: Jul 15, 2026

Integrations and dependencies

Boundaries towards other Altinn teams, shared services and data sources.

This page describes why dependencies exist and which trust crosses a system boundary. It is not a setup guide for external consumers.

DependencyUse in the systemOwnership and boundary
ID-portenIdentity proofing for interactive usersExternal shared service; Authentication is the relying party
MaskinportenAuthentication of organisations and client systemsExternal shared service; client administration is not owned by the team
Altinn Access TokenPlatform token format/service in relevant flowsOwned by Team Platform
Altinn Studio/AppsPolicy administration and PEP close to the appOther component/team ownership; Authorization provides decisions
External role and register sourcesBasis for parties, roles, guardianship and representationSource authority is outside the system
PostgreSQLPersistence for several authorization components and Audit LogComponent schema and lifecycle boundaries must be respected
Azure Storage QueueAsynchronous transport of audit eventsDelivery, duplicates and failures require explicit handling

Trust in tokens

A token is not an authorization decision. Authentication validates the evidence and establishes identity context. Authorization then combines identity with representation, resource, rights and policy.

Ownership when contracts change

Changes to contracts across system boundaries require coordination with the other owner. This particularly applies to token claims, party identifiers, resource identifiers, event formats and decision-request semantics.