Description of the encryption architecture
On this page:
Apps hosted in Altinn Apps could cover lots of functional scenario. For statefull apps where the App store data in Altinn Platform in the Storage component, the type of data could be data that is 100% public to highly sensitive data.
The Org that creates the App, would based on the type of data have spceial requirements for encryption to support their Confidentiality requirement for the data.
The storage component uses Azure Cosmos DB and Azrue Blob storage to store data for apps. In Cosmos metadata about instance data is stored, while in Azure Blob Storage.
Azure Cosmos DB encryps all data at rest. This is transparent for Altinn Platform. See documentation about Azure Cosmos DB
Azure Blob storage encrypts all data at rest. This is transparent for Altinn Platform. Blog storage support customer managed keys.