solution

Solution-Specific (functional) Application Components

Functionality in Altinn is distributed between five different solutions Altinn Studio - The new application development solution Altinn Apps - The new hosting and infrastructure solution for applications Altinn Platform - The new supporting platform solution SBL - The old hosting solution for InfoPath services TUL - The old app development solution The diagram below shows where functionality is located in the five different solutions: Full screen | Visio »

Application architecture authentication component - Altinn Platform

The solution is available at https://platform.altinn.cloud/authentication/api/v1. Authenticate user The authentication resource enables authenticating a user and redirecting it to another Altinn-url. If the user is not authenticated already it will be sent to the login page before redirecting the user to its final destination {url}. GET /authentication?goto={url} Refresh a valid JwtToken GET /refresh Exchange a JWT token from an external token provider Accepted providers include: maskinporten and id-porten. Request must include a bearer token in the authorization header. »

Altinn Platform - Authorization

The authorization components are based on attribute based access control (ABAC). In short, a request is authorized based on attributes for the request. Eg what data element is the user accessing, who owns it, what type of data element, and so on. The authorization architecture for the Altinn Platform is based on the XACML reference architecture. The following diagram describes the different solution components that provide Authorization capabilities. This architecture defines the following components. »

Non-Solution-Specific

Development Applications Development Applications are used by the devops team to support the different development capabilities required. Operations Application Operations Applications are used by the devops team for supporting the different operation and management capabilities required »

Application architecture Events component - Altinn Platform

See event capabilities for functional description of the platforms event capabilities. The solution is available at https://platform.altinn.cloud/events/api/v1. API Structure The API’s will be structured so the URLs are filtered queries into the events storage. TODO: Verify proposed API structure Instances events for Org Endpoint GET path: platform.altinn.no/events/api/v1/app/{org}/{appName} Usage This will be used by application owners to identify changes on instances for their applications. Authorization We will use scopes from Maskinporten to authorize access. »

Application arhicture profile component - Altinn Platform

The profile component is an ASP.Net Core MVC Application exposing REST-API to Altinn Apps. The profile solution is now available locally at http://platform.altinn.cloud/profile/api/v1 and all resources are avaiable through endpoints defined below. Resources: users /users A user is the entity which is logged in in Altinn and performs actions for on behalf of an instance owner. User type Attribute Type Description UserId int user ID UserName string username set by the user PhoneNumber string phone number Email string email address PartyId int party ID Party Party party object that represents the user UserType UserType user type ProfileSettingPreference ProfileSettingPreference object containing the users profile setting preferences Operations Get information about a user from user id: »

Application arhicture register component - Altinn Platform

The register component is an ASP.Net Core MVC Application exposing REST-API to Altinn Apps. The solution is now available at https://platform.altinn.cloud/register/api/v1 and all resources are avaiable through endpoints defined below. Resource: Organizations, Parties, Persons /organizations Get information about an organisation: Organization type Attribute Type Description OrgNumber string the organisation number nine digits Name string the registered name of the organisation UnitType string TelephoneNumber string the telephone number MobileNumber string the mobile number FaxNumber string the fax number EMailAddress string the email adress InternetAddress string the url for a web site MailingAddress string the adress for sending mail to the organisation MailingPostalCode string the postal code for sending mail to the organisation MailingPostalCity string the city for sending mail to the organisation BusinessAddress string the address of the daily business BusinessPostalCode string the postal code for the daily business BusinessPostalCity string the city for the daily business Operations GET /organizations/{orgNr} /persons Person type Attribute Type Description SSN string Social security number Name string the person’s full name FirstName string the person’s first name MiddleName string the person’s middle name LastName string the person’s last name TelephoneNumber string telephone number MobileNumber string mobile number MailingAddress string mailing address MailingPostalCode string mailing postal code MailingPostalCity string mailing postal city AddressMunicipalNumber string adress municipal number AddressMunicipalName string adress municipal name AddressHouseNumber string address house number AddressHouseLetter string address house letter AddressPostalCode string address postal code AddressCity string adress city Operations Get information about a person: Send a GET-request with the persons SSN contained in the request body to »

Altinn Platform - Storage

The Storage component exposes a REST-API to Altinn Apps. Storage is mostly used by the app-backend to store information about instances and their data elements. It provides a registry of all applications metadata, data types and events. It is also intended to be used by organisations and other clients to read data. Resources: Instance, Application, DataType, ApplicationLogic, InstanceEvent, ApplicationEvent, MessageBoxInstance, ProcessHistory. Instance An application instance is created when a instance owner (reportee) starts a process in an Altinn application. »

Altinn Apps

The applications has a web native architecture and is deployed to Kubernetes Clusters as docker containers. The Kubernetes clusters are isolated between the different applications owners and hosted in a public cloud solution making it highly scalable. App Description of the app created in Altinn Studio and that is deployed to Altinn Apps. »