Define authorization rules
How to define the authorization rules for a application
Authorization rules for a App is defined as a XACML Policy file defined in the application repository.
The XACML Policy contains one or many rules that defines who can perform a given operation on different resources.
The XACML file can by modified by any editor.
Modifying Template Rules
The current asp.net template contians a XACML Policy file that is created when a new app is created in Altinn Studio
Modifying required roles
The standard XACML files is defined so that the managing director (DAGL) can perform the operation. This role code needs to be change to the correct one depending on user scenario.
Modifying authentication level
The needed authentication level is defined like a obligation in the XACML policy. See XACML documentation for Altinn Apps to see how that is configured.