System user flow for Altinn 3.
Ported from wenche/systembruker.py in the original Python Wenche project.
Altinn 3 requires that end-user systems register themselves in the system register and create a system user for each organization they will act on behalf of.
Required options
All public functions require a :name option — a short, lowercase identifier
for the system (e.g. "kontira"). This is used to build the system ID
(<vendor_orgnr>_<name>) and as the display name in Altinn.
registrer_system/4 additionally requires a :description option — a map
with "nb", "nn", and "en" keys describing the system.
Configurable scopes
By default, the system requests rights for årsregnskap and aksjonærregisteroppgaven.
Additional scopes can be enabled via the :features option:
# Default — årsregnskap + aksjonærregister only
Wenche.Systembruker.rights()
# Include skattemelding scope
Wenche.Systembruker.rights([:skattemelding])Setup (run once)
registrer_system/4— registers the system in Altinn's system registeropprett_forespoersel/4— sends request to org for approval- User approves via confirmUrl in browser
For submission, use Wenche.Maskinporten.get_systemuser_token/2 to get a token.
Summary
Functions
Gets the status of a system user request.
Gets all approved system users for the system.
Creates a system user request for the organization.
Registers or updates the system in Altinn's system register.
Returns the list of resource IDs that the system requests access to.
Returns the raw rights structure used in Altinn API payloads.
Deletes (marks as deleted) a system from Altinn's system register.
Returns the system ID in the format <vendor_orgnr>_<name>.
Functions
Gets the status of a system user request.
Returns {:ok, response_map} or {:error, reason}.
Optional options
:env—"test"or"prod"(default:"prod")
Gets all approved system users for the system.
Returns {:ok, [system_user_map]} or {:error, reason}.
Required options
:name— short lowercase system identifier (e.g."kontira")
Optional options
:env—"test"or"prod"(default:"prod")
Creates a system user request for the organization.
Returns {:ok, %{id: uuid, status: "New", confirmUrl: url}} or {:error, reason}.
The user must go to confirmUrl and approve in the browser.
Required options
:name— short lowercase system identifier (e.g."kontira")
Optional options
:env—"test"or"prod"(default:"prod"):features— list of feature atoms to enable additional scopes (default:[])
Registers or updates the system in Altinn's system register.
Tries POST first. If the system already exists, uses PUT to update.
Required options
:name— short lowercase system identifier (e.g."kontira"):description— map with"nb","nn","en"keys
Optional options
:env—"test"or"prod"(default:"prod"):features— list of feature atoms to enable additional scopes (default:[])
Returns {:ok, response_map} or {:error, reason}.
Returns the list of resource IDs that the system requests access to.
Accepts an optional list of feature atoms to enable additional scopes.
Examples
Wenche.Systembruker.resource_ids()
#=> ["app_brg_aarsregnskap-vanlig-202406", "ske-innrapportering-aksjonaerregisteroppgave"]
Wenche.Systembruker.resource_ids([:skattemelding])
#=> ["app_brg_aarsregnskap-vanlig-202406", "ske-innrapportering-aksjonaerregisteroppgave",
# "app_skd_formueinntekt-skattemelding-v2"]Returns the raw rights structure used in Altinn API payloads.
Accepts an optional list of feature atoms to enable additional scopes. By default, only årsregnskap and aksjonærregisteroppgaven rights are included.
Supported features
:skattemelding— adds the skattemelding scope (app_skd_formueinntekt-skattemelding-v2). Lets the systemuser authenticate against Skatteetaten's/validerendpoint via Maskinporten. Submission still requires ID-porten — a system user cannot submit the skattemelding. SeeWenche.Skattemelding.
MVA-melding is intentionally not listed: Skatteetaten only supports ID-porten authentication for MVA (validation and submission), so it cannot be requested via a system user.
Examples
Wenche.Systembruker.rights()
#=> [%{"resource" => [...]}, %{"resource" => [...]}]
Wenche.Systembruker.rights([:skattemelding])
#=> [%{"resource" => [...]}, %{"resource" => [...]}, %{"resource" => [...]}]Deletes (marks as deleted) a system from Altinn's system register.
Returns :ok or {:error, reason}.
Required options
:name— short lowercase system identifier (e.g."kontira")
Optional options
:env—"test"or"prod"(default:"prod")
Returns the system ID in the format <vendor_orgnr>_<name>.