Altinn Events API
An overview of the Altinn Events API
The Altinn Events API is an HTTP-based RESTful API that provides endpoints and actions for publishing of events and subscribing to events from Altinn 3 Apps and other registered sources.
Base URL
The following base urls correspond to each environment
AT (Private Altinn acceptance test environment)
https://platform.{environment}.altinn.cloud/events/api/v1
TT02 (Application owner test environment)
https://platform.tt02.altinn.no/events/api/v1
Production
https://platform.altinn.no/events/api/v1
Authentication & Authorization
Altinn token
The Events API is secured using OAuth2 and all requests must include a valid Altinn token either in the Authorization header or in the AltinnStudioRuntime cookie.
For clients within the Altinn eco-system representing an external user or organization, the Altinn token in an incoming request can be forwarded to the Events API.
If you are using the API from an external system you will need to generate a Maskinporten or ID-Porten token and exchange this for an Altinn token before calling the Events API.
Below are two guides on how to achieve this.
Maskinporten scopes
Some endpoints in the API may require additional authorization in the form of a Maskinporten scope. A scope represents a permission that a consumer has access to.
You can connect a given set of scopes to the specific Maskinporten integration instance that provides your API client with Maskinporten tokens upon request.
Platform Access token
The access to a subset of endpoints in the API is limited to callers within the Altinn ecosystem. These APIs require additional authorization in the form of a Platform Access Token.
Please reference developer documentation for the client system on how to generate the token.
Private APIs
The API contains a set of private APIs that are only accessible within the Events-component. These are marked as Private API in the OpenAPI specification and require an access token in the request header.