Skip to content

Add authenticity validation for NotificationCallbackController anonymous endpoint #1704

Closed
Closed
Add authenticity validation for NotificationCallbackController anonymous endpoint#1704
Assignees
HauklandJ
Labels
squad/dataIssues that belongs to the named squad.
@coderabbitai

Description

@coderabbitai
coderabbitai
bot
opened on Mar 18, 2026

Summary

NotificationCallbackController is marked [AllowAnonymous], exposing the callback endpoint to unauthenticated callers without any compensating validation (e.g. Maskinporten token, HMAC signature, or shared secret).

This must be addressed before final release.

What needs to be done

  • Implement explicit callback-origin verification (e.g. Maskinporten token validation) in the controller or as a filter/middleware.
  • Reject requests that fail validation with 401/403 and log the failure.
  • Add tests asserting that requests without a valid token/signature are rejected.

References

Metadata

Metadata

Assignees

Labels

squad/dataIssues that belongs to the named squad.

Type

No type

Fields

No fields configured for issues without a type.

Projects

Team Altinn Studio
Status
✅ Done

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions