Technical documentation
About data.norge.no
Data.norge.no is Norway's national data portal. The data portal consists of several data catalogs that are based on national standards and spesifications. The catalogs are filled with information through harvesting of the organizations' own catalogs, whether they host them locally, or use the registration service offered by data.norge.no.
Flow from registration to portal
Data may be registrered either in local or sectorial data catalogs that are hosted by an organization or sector, or in data catalogs that are hosted by data.norge.no (Registration). Registration supports registration of datasets, concepts, APIs, information models and services. The harvester harvests datasets, concepts, APIs, information models, services and events from the data catalogs automatically. The portal listens to events from the harvester and offers a search and overview over datasets, concepts, APIs, information models, services and events.
More information about the services:
The catalogs avaliable through the data portal:
You can read more about Data.norge.no and its purpose on About data.norge.no
Open source software
The source code of Data.norge.no is available on the Github organization Informasjonsforvaltning. On our Architecture documentation on Github you can get an overview over how the repositories are connected to each other.
License
All of our code has the open license Apache License 2.0. External libraries may have a different license. We reccomend you to investigate the licence of external libraries before using them.
Technologies
The most used technologies are:
- Languages: Python, Kotlin, Typescript, Rust
- Frameworks: React, Next.js, Spring
- Databases/data streaming: Postgres, MongoDB, Kafka.
- Design system: Designsystemet
Privacy, security and universal design
Privacy
Data.norge.no is subject to norwegian legislation on processing of personal data. Personopplysningsloven implements REGULATION (EU) 2016/679 (GDPR) in Norwegian law.
Minimal personal data is processed in the solutions today, and this data is only processed in the registration service and harvest service. More information is available in our Terms of use.
Security
We have a strong focus on security and follow Digdirs prinsiples for security in development (only available in Norwegian).
We use following tools to scan for vulnerabilities in our code:
- Dependabot
- Pip-audit for Python
- Npm-audit for JavaScript/Typescript
- Github Security Alerts (CodeQL, Dependabot)
- Synopsys Polaris (DAST)
- Prometheus og Trivy for Docker images
Universal design
As a public body, The Norwegian Digitalisation Agency has to offer services that as a minimum abides to EU's Web directive (WAD) and WCAG 2.1 AA. In addition to this, each service must declare its compliance degree of these demands in an accessibility statement. The demands are described in greater detail in Regulations that legislate universal design of information and communication technology (ICT) in Norway (in Norwegian) and EUs web directive (WAD) (uutilsynet.no) (in Norwegian).
Accessibility statement for data.norge.no (in Norwegian)
We use the following tools to find vialotions of WCAG demands:
- Siteimprove
- Pa11y
In addition to this, we test manually to find violations that are not covered by these tools.