Maskinporten¶
Status: Opt-In Open Beta
This feature is only available in team namespaces
Abstract¶
Abstract
Maskinporten is a service provided by DigDir that allows API providers - in this case, external agencies - to securely enforce server-to-server authorization of their exposed APIs using OAuth 2.0 JWT grants. It allows API providers to model access policies by using scopes based on the organization numbers of the consumers.
The NAIS platform provides support for declarative registration of Maskinporten resources. These cover two distinct use cases:
For API consumers: - a client that your application may use to integrate with Maskinporten, and in turn consume services and APIs served by external agencies
For API providers: - user-defined scopes within Maskinporten that are exposed to and consumable by other organizations that are granted access.
Client¶
If you want to consume an external API, you'll need a client.
Scopes¶
If you want to expose an API to external consumsers, you'll need to define scopes.