The authorization component contains a highly flexible policy decision point and policy retrieval point to authorize access to applications and Altinn platform components.

The authorization component as based on XACML 3.0 and support both simple and complex policies defined for applications.

The Policy Decision Point

The Policy Retriavel Point identifes the correct policy for a request

The context handler get all information needed to authorize the request.

The authorization component consist of a Policy Decision Point (PDP), Policy Retriaval Point (PRP) and is integrated with other external Policy Information Points.

Apps integrated with PDP to authorize access to applications.

It also provides list for possible parties that a user or organization could represent.