Description of the JWT Format used in Altinn Studio, Altinn Platform and Altinn Apps
The format that is choosen for JWT tokens is RSA256. This is a asymetric algorithm where the Authentication component in Altinn Platform generates tokens based on a private key in a certificate, and everyone can validate the token with the public key.
Altinn Platform and Altinn Apps support JWT tokens as bearer tokens in Authorization header and as JWT Tokens inside cookie.
The cookie will be used when users access application with a frontend in Altinn Apps. (typical REACT application). The bearer token will be used when the user access throug mobile apps or external systems.
The below screenshot shows how a JWT Token can be verified at jwt.io
Claims in token
The internal Altinn userId for the authenticated user
The social security number
The authentication level used when user logged in
The authentication method used when user logged in
end user system Id
The internal ID for end user system
The internal PartyID for system owner