:
Last modified: Mar 28, 2024

Solution

Authorization

The typical scenario is that some event will be triggered, or data will be read, updated, or created by a digital or analog service. A service owner owns this service and has defined some business rules for who is allowed to use the service. This service needs to control who can access and modify data. Altinn Authorization provides the capability to verify and enforce this. User scenario Users and organizations get rights to access a service from defined rules and policies. »

Altinn 3 Broker

This is work in progress Altinn Broker IntroductionIntroduction to the Altinn Broker Service. Altinn Broker ConceptsAltinn 3 Broker Concepts and terms. Altinn 3 Broker Capabilities and FeaturesAltinn 3 Broker Capabilities and Features System InterfacesAltinn 3 Broker System Interfaces Solution Architecture - Managed File TransfersAltinn 3 Broker Solution Architecture - Managed File Transfers (MFT) Altinn 3 Broker Advanced Use CasesAltinn 3 Broker Advanced Use Cases Altinn 3 Broker Future ExtensionsAltinn 3 Broker Anticipated and Possible Future Extensions »

Components & Modules

In 2022-2026, Altinn will modernize its authorization architecture and components. Therefore, the below description is a mix of as-is and to-be. Altinn uses attribute-based access control (ABAC). In short, Altinn authorization control access through rules defined in XACML Policies. Each rule defines which resource the rule describes, what operation, and who can perform it. Altinn Authorization - Components The diagram below shows the future components of a new Altinn Architecture. »

Altinn 3 Correspondence

This is work in progress Altinn 3 Correspondence IntroductionAltinn 3 Correspondence Introduction Altinn 3 Correspondence RequirementsAltinn 3 Correspondence Requirements Altinn 3 Correspondence Architecture PrinciplesAltinn 3 Correspondence Architecture Principles Altinn 3 Correspondence Technical StandardsAltinn 3 Correspondence Technical Standards Altinn 3 Correspondence Solution ArchitectureAltinn 3 Correspondence Solution Architecture Altinn 3 Correspondence Advanced use casesAltinn 3 Correspondence Advanced use cases Altinn 3 Correspondence Possible Future ExtensionsAltinn 3 Correspondence Possible Future Extensions Altinn 3 Correspondence SecurityAltinn 3 Correspondence Security »

Altinn Broker Introduction

What is Altinn Broker? The main use case for Altinn Broker is Managed File Transfer (MFT). It facilitates secure transmission of files of any size from one provider to one or more consumers. As such, it offers many benefits compared to alternative ad-hoc peer-to-peer file transfer solutions. Figure 1: Main use case of Altinn Broker illustrated. File F1 is conveyed from a provider to one or more consumers via intermediate storage While transfer of individual files is the main use case and original purpose of Altinn Broker, Altinn 3 Broker has been designed with some more advanced use cases and possible future extensions in mind. »

Notifications

API Public API The following API controllers are defined: OrdersController: API for retrieving one or more orders with or without processing details and notification summaries EmailNotificationsOrdersController: API for placing new email notification order requests EmailNotificationsController: API for retrieving email notifications related to a single order SmsNotificationsOrdersController: API for placing new sms notification order requests SmsNotificationsController: API for retrieving sms notifications related to a single order Internal API The API controllers listed below are exclusively for use within in the Altinn organization: »

Altinn Apps

The applications has a web native architecture and is deployed to Kubernetes Clusters as docker containers. The Kubernetes clusters are isolated between the different applications owners and hosted in a public cloud solution making it highly scalable. »

Notifications email

Integrations Kafka The Notifications email microservice has an integration towards a Kafka broker, and this integration is used both to publish and consume messages from topics relevant to the microservice. Consumers: The following Kafka consumers are defined: SendEmailQueueConsumer: Consumes email objects with recipient data that are ready to be sent EmailSendingAcceptedConsumer: Consumes pairs of notification and communications services operation ids Producers: A single producer KafkaProducer is implemented and used by all services that publish to Kafka. »

Notifications sms

API Public API DeliveryReportController Endpoint receiving delivery reports in XML-format from SMS provider. The controller is protected with basic authentication. Integrations Kafka The Notifications sms microservice has an integration towards a Kafka broker, and this integration is used both to publish and consume messages from topics relevant to the microservice. Consumers: The following Kafka consumers are defined: SendSmsQueueConsumer: Consumes sms objects with recipient data that are ready to be sent Producers: A single producer KafkaProducer is implemented and used by all services that publish to Kafka. »