English summary of Maskinporten
Simple description of architecture
Maskinporten offers a simple security model for APIs, based on the OAuth2 protocol and the use of JWT-bearer grants, inspired by Google system accounts.
Maskinporten allows API-owners to define access to their APIs, as scopes, based on the legal organization number of the consumer. This can be done through the self-service API or our self-service web application.
Once the correct access has been granted, the API-consumer can create API-clients and add the provided scopes.
When the client(s) have been created, they can be used to receive access_tokens and perform the API-calls.
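The token step above, sketched as an added example (not Maskinporten's own code): a client signs a short-lived JWT grant and wraps it in an RFC 7523 token request, and the verifier shows the checks an authorization server makes before issuing an access_token. The client id, audience URL, scope name, RS256 and the `scope` claim are assumptions or constructed placeholders, and the key is a throwaway generated in place.

```javascript
const crypto = require("node:crypto");

// Constructed placeholders (assumptions, not values from the page).
const CLIENT_ID = "constructed-client-id";
const AUDIENCE = "https://auth.example.invalid/";
const GRANT_TYPE = "urn:ietf:params:oauth:grant-type:jwt-bearer";

const b64url = (v) => Buffer.from(v).toString("base64url");

// Client side: build and sign the grant. A short lifetime and a unique jti
// limit how long a captured grant could be replayed.
function buildGrant(privateKey, scopes, now = Math.floor(Date.now() / 1000)) {
  const header = { alg: "RS256", typ: "JWT" };
  const claims = {
    iss: CLIENT_ID,            // the registered API-client
    aud: AUDIENCE,             // the authorization server the grant is meant for
    scope: scopes.join(" "),   // assumed claim: scopes granted by the API-owner
    iat: now,
    exp: now + 120,
    jti: crypto.randomUUID(),
  };
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  const sig = crypto.sign("RSA-SHA256", Buffer.from(input), privateKey);
  return `${input}.${sig.toString("base64url")}`;
}

// Form body the client POSTs to the token endpoint (RFC 7523, section 2.1).
function tokenRequestBody(grant) {
  return new URLSearchParams({ grant_type: GRANT_TYPE, assertion: grant }).toString();
}

// Server side: pin the algorithm, verify the signature against the client's
// registered public key, then check audience and expiry. Returns claims or null.
function verifyGrant(grant, publicKey, now = Math.floor(Date.now() / 1000)) {
  const [h, p, s] = grant.split(".");
  if (!h || !p || !s) return null;
  const header = JSON.parse(Buffer.from(h, "base64url").toString());
  if (header.alg !== "RS256") return null; // never trust the token's own alg choice
  const ok = crypto.verify("RSA-SHA256", Buffer.from(`${h}.${p}`), publicKey,
                           Buffer.from(s, "base64url"));
  if (!ok) return null;
  const claims = JSON.parse(Buffer.from(p, "base64url").toString());
  if (claims.aud !== AUDIENCE || claims.exp <= now) return null;
  return claims;
}

// Throwaway key pair standing in for the key registered on the client.
const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
```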
API-consumers can manage their own client configuration and register new clients with scopes provided from the API-owners.
API-owners and consumers may use this service to manage access if the data provided by the API is regulated by law, and does not require consent by a user.
It is required that both the API-owner and the consumer use self-service, either through the web application or the self-service API.