Altinn Platform - Authorization
Authorization is used by the applications to authorize an action requested by the logged in user on a given resource and to retreive policy information.
På denne siden:
The Authorization component exposes a REST-API to Altinn Apps. Use the authorization API to manage authorizations in altinn platform.
Resources: Actor, Roles
A party is a person whom you can represent and perform a request on his behalf. A logged in user can retrieve a list of parties that he/she can represent.
Get a list of parties that the user can represent. The userid is sent as parameter.
Validate that a given user is allowed to represent a given party. The partyid and userid are sent as parameters.
A role in altinn offers or denies right to the logged in user to perform an action or group of actions for him or on behalf of someone.
Get a list of roles that the user can perform for the selected party.
A set of polices contains authorization rules.
Stores / updates rules for a given app, defined in the query string. The rules are sent in the body of the request. Reade more about the policy format.
Attribute Based Access Control
Description of the Authorization Architecture for Altinn Platform
The responsibility for the Context Handler is to enrich a decision request from a PEP to PDP.
Policy Administration Point
Description of Policy Administration Point for Altinn Platform
Policy Decision Point
Description of the Authoirzation architecture
Policy Information Point
Description of Policy Information Point for Altinn Platform.
Policy Retrieval Point
The Policy Retrieval Point is the functionality where Policy Decision Point (PDP) can retrieve the rules defined for a app resource.
XACML - Altinn Studio
XACML stands for "eXtensible Access Control Markup Language".