From 9cb9bc6ebcaedaad33510327c0b985776da127cb Mon Sep 17 00:00:00 2001
From: Daniel Skovli <daniel.skovli@gmail.com>
Date: Thu, 21 Nov 2024 15:45:30 +0100
Subject: [PATCH 1/5] Correspondence client (#897)

---
 .../Extensions/HttpClientBuilderExtensions.cs |  40 +-
 .../Extensions/ServiceCollectionExtensions.cs |  38 +-
 .../Extensions/WebHostBuilderExtensions.cs    |  39 +-
 .../RequestHandling/RequestPartValidator.cs   | 159 +++---
 .../Configuration/PlatformSettings.cs         |   5 +
 .../Extensions/ServiceCollectionExtensions.cs |  10 +-
 .../Correspondence/Builder/BuilderUtils.cs    |  29 +
 .../CorrespondenceAttachmentBuilder.cs        | 100 ++++
 .../Builder/CorrespondenceContentBuilder.cs   |  80 +++
 .../CorrespondenceNotificationBuilder.cs      | 143 +++++
 .../Builder/CorrespondenceRequestBuilder.cs   | 313 +++++++++++
 .../ICorrespondenceAttachmentBuilder.cs       |  94 ++++
 .../Builder/ICorrespondenceContentBuilder.cs  |  73 +++
 .../ICorrespondenceNotificationBuilder.cs     | 115 ++++
 .../Builder/ICorrespondenceRequestBuilder.cs  | 308 ++++++++++
 .../CorrespondenceAuthorisationFactory.cs     |  26 +
 .../Correspondence/CorrespondenceClient.cs    | 241 ++++++++
 .../CorrespondenceArgumentException.cs        |  18 +
 .../Exceptions/CorrespondenceException.cs     |  18 +
 .../CorrespondenceRequestException.cs         |  65 +++
 .../CorrespondenceValueException.cs           |  18 +
 .../Extensions/ServiceCollectionExtensions.cs |  16 +
 .../Correspondence/ICorrespondenceClient.cs   |  31 +
 .../Models/CorrespondenceAttachment.cs        |  58 ++
 .../CorrespondenceAttachmentResponse.cs       |  96 ++++
 .../CorrespondenceAttachmentStatusResponse.cs |  35 ++
 .../Models/CorrespondenceContent.cs           |  43 ++
 .../Models/CorrespondenceContentResponse.cs   |  41 ++
 .../Models/CorrespondenceDataLocationType.cs  |  25 +
 .../CorrespondenceDataLocationTypeResponse.cs |  20 +
 .../Models/CorrespondenceDetailsResponse.cs   |  35 ++
 .../Models/CorrespondenceExternalReference.cs |  27 +
 .../Models/CorrespondenceNotification.cs      | 115 ++++
 .../CorrespondenceNotificationChannel.cs      |  30 +
 ...rrespondenceNotificationDetailsResponse.cs |  27 +
 ...CorrespondenceNotificationOrderResponse.cs |  75 +++
 ...espondenceNotificationRecipientResponse.cs |  39 ++
 ...ndenceNotificationStatusDetailsResponse.cs |  33 ++
 ...orrespondenceNotificationStatusResponse.cs |  25 +
 ...ndenceNotificationStatusSummaryResponse.cs |  27 +
 ...rrespondenceNotificationSummaryResponse.cs |  21 +
 .../CorrespondenceNotificationTemplate.cs     |  20 +
 .../Models/CorrespondencePayload.cs           |  88 +++
 .../Models/CorrespondenceReferenceType.cs     |  35 ++
 .../Models/CorrespondenceReplyOption.cs       |  27 +
 .../Models/CorrespondenceRequest.cs           | 295 ++++++++++
 .../Models/CorrespondenceStatus.cs            |  70 +++
 .../CorrespondenceStatusEventResponse.cs      |  27 +
 .../Models/GetCorrespondenceStatusResponse.cs | 152 +++++
 .../Models/OrganisationOrPersonIdentifier.cs  | 145 +++++
 .../Models/SendCorrespondenceResponse.cs      |  21 +
 .../Maskinporten/Constants/JwtClaimTypes.cs   |  40 ++
 .../Constants/TokenAuthorities.cs             |  17 +
 .../Maskinporten/Constants/TokenTypes.cs      |   6 +
 .../MaskinportenDelegatingHandler.cs          |  28 +-
 .../Extensions/HttpClientBuilderExtensions.cs |  22 +
 .../Extensions/ServiceCollectionExtensions.cs |  55 ++
 .../Extensions/WebHostBuilderExtensions.cs    |  34 ++
 .../Maskinporten/IMaskinportenClient.cs       |  40 +-
 .../Maskinporten/MaskinportenClient.cs        | 225 ++++++--
 .../Models/MaskinportenTokenResponse.cs       |  48 +-
 .../Maskinporten/Models/TokenCacheEntry.cs    |   4 +-
 .../Telemetry/Telemetry.Correspondence.cs     |  55 ++
 .../Telemetry/Telemetry.Maskinporten.cs       |  31 +-
 .../Features/Telemetry/Telemetry.cs           |   6 +
 .../Telemetry/TelemetryActivityExtensions.cs  |  24 +-
 src/Altinn.App.Core/Models/JwtToken.cs        | 132 +++++
 .../Models/JwtTokenJsonConverter.cs           |  28 +
 src/Altinn.App.Core/Models/LanguageCode.cs    | 137 +++++
 .../Models/LanguageCodeJsonConverter.cs       |  29 +
 .../Models/NationalIdentityNumber.cs          | 140 +++++
 .../NationalIdentityNumberJsonConverter.cs    |  32 ++
 .../Models/OrganisationNumber.cs              | 147 +++++
 .../Models/OrganisationNumberJsonConverter.cs |  56 ++
 .../Altinn.App.Api.Tests.csproj               |   6 +-
 .../MaskinportenClientIntegrationTest.cs      |  27 +-
 .../Mocks/JwtTokenMock.cs                     |  13 +-
 .../TestUtils/AppBuilder.cs                   |   1 -
 .../Utils/PrincipalUtil.cs                    |  41 +-
 .../Builder/CorrespondenceBuilderTests.cs     | 532 ++++++++++++++++++
 .../CorrespondenceClientTests.cs              | 385 +++++++++++++
 .../Models/CorrespondenceRequestTests.cs      | 300 ++++++++++
 .../Models/CorrespondenceResponseTests.cs     | 372 ++++++++++++
 .../Features/Correspondence/TestHelpers.cs    |  37 ++
 .../MaskinportenDelegatingHandlerTest.cs      |  44 +-
 .../Maskinporten/MaskinportenClientTest.cs    | 321 +++++++----
 .../Models/MaskinportenSettingsTest.cs        |  24 +-
 .../Models/MaskinportenTokenResponseTest.cs   |  42 +-
 .../Features/Maskinporten/TestHelpers.cs      |  70 ++-
 .../Models/JwtTokenTests.cs                   | 147 +++++
 .../Models/LanguageCodeTests.cs               |  57 ++
 .../Models/NationalIdentityNumberTests.cs     | 174 ++++++
 .../Models/OrganisationNumberTests.cs         | 151 +++++
 93 files changed, 7265 insertions(+), 446 deletions(-)
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Builder/BuilderUtils.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Builder/CorrespondenceAttachmentBuilder.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Builder/CorrespondenceContentBuilder.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Builder/CorrespondenceNotificationBuilder.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Builder/CorrespondenceRequestBuilder.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Builder/ICorrespondenceAttachmentBuilder.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Builder/ICorrespondenceContentBuilder.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Builder/ICorrespondenceNotificationBuilder.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Builder/ICorrespondenceRequestBuilder.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/CorrespondenceAuthorisationFactory.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/CorrespondenceClient.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Exceptions/CorrespondenceArgumentException.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Exceptions/CorrespondenceException.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Exceptions/CorrespondenceRequestException.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Exceptions/CorrespondenceValueException.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Extensions/ServiceCollectionExtensions.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/ICorrespondenceClient.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceAttachment.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceAttachmentResponse.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceAttachmentStatusResponse.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceContent.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceContentResponse.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceDataLocationType.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceDataLocationTypeResponse.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceDetailsResponse.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceExternalReference.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotification.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationChannel.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationDetailsResponse.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationOrderResponse.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationRecipientResponse.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationStatusDetailsResponse.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationStatusResponse.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationStatusSummaryResponse.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationSummaryResponse.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationTemplate.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondencePayload.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceReferenceType.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceReplyOption.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceRequest.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceStatus.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceStatusEventResponse.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/GetCorrespondenceStatusResponse.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/OrganisationOrPersonIdentifier.cs
 create mode 100644 src/Altinn.App.Core/Features/Correspondence/Models/SendCorrespondenceResponse.cs
 create mode 100644 src/Altinn.App.Core/Features/Maskinporten/Constants/JwtClaimTypes.cs
 create mode 100644 src/Altinn.App.Core/Features/Maskinporten/Constants/TokenAuthorities.cs
 create mode 100644 src/Altinn.App.Core/Features/Maskinporten/Constants/TokenTypes.cs
 create mode 100644 src/Altinn.App.Core/Features/Maskinporten/Extensions/HttpClientBuilderExtensions.cs
 create mode 100644 src/Altinn.App.Core/Features/Maskinporten/Extensions/ServiceCollectionExtensions.cs
 create mode 100644 src/Altinn.App.Core/Features/Maskinporten/Extensions/WebHostBuilderExtensions.cs
 create mode 100644 src/Altinn.App.Core/Features/Telemetry/Telemetry.Correspondence.cs
 create mode 100644 src/Altinn.App.Core/Models/JwtToken.cs
 create mode 100644 src/Altinn.App.Core/Models/JwtTokenJsonConverter.cs
 create mode 100644 src/Altinn.App.Core/Models/LanguageCode.cs
 create mode 100644 src/Altinn.App.Core/Models/LanguageCodeJsonConverter.cs
 create mode 100644 src/Altinn.App.Core/Models/NationalIdentityNumber.cs
 create mode 100644 src/Altinn.App.Core/Models/NationalIdentityNumberJsonConverter.cs
 create mode 100644 src/Altinn.App.Core/Models/OrganisationNumber.cs
 create mode 100644 src/Altinn.App.Core/Models/OrganisationNumberJsonConverter.cs
 create mode 100644 test/Altinn.App.Core.Tests/Features/Correspondence/Builder/CorrespondenceBuilderTests.cs
 create mode 100644 test/Altinn.App.Core.Tests/Features/Correspondence/CorrespondenceClientTests.cs
 create mode 100644 test/Altinn.App.Core.Tests/Features/Correspondence/Models/CorrespondenceRequestTests.cs
 create mode 100644 test/Altinn.App.Core.Tests/Features/Correspondence/Models/CorrespondenceResponseTests.cs
 create mode 100644 test/Altinn.App.Core.Tests/Features/Correspondence/TestHelpers.cs
 create mode 100644 test/Altinn.App.Core.Tests/Models/JwtTokenTests.cs
 create mode 100644 test/Altinn.App.Core.Tests/Models/LanguageCodeTests.cs
 create mode 100644 test/Altinn.App.Core.Tests/Models/NationalIdentityNumberTests.cs
 create mode 100644 test/Altinn.App.Core.Tests/Models/OrganisationNumberTests.cs

diff --git a/src/Altinn.App.Api/Extensions/HttpClientBuilderExtensions.cs b/src/Altinn.App.Api/Extensions/HttpClientBuilderExtensions.cs
index d0c5d8da8..15f258873 100644
--- a/src/Altinn.App.Api/Extensions/HttpClientBuilderExtensions.cs
+++ b/src/Altinn.App.Api/Extensions/HttpClientBuilderExtensions.cs
@@ -1,5 +1,6 @@
 using Altinn.App.Core.Features.Maskinporten;
-using Altinn.App.Core.Features.Maskinporten.Delegates;
+using Altinn.App.Core.Features.Maskinporten.Constants;
+using Altinn.App.Core.Features.Maskinporten.Extensions;
 
 namespace Altinn.App.Api.Extensions;
 
@@ -10,25 +11,46 @@ public static class HttpClientBuilderExtensions
 {
     /// <summary>
     /// <para>
-    /// Sets up a <see cref="MaskinportenDelegatingHandler"/> middleware for the supplied <see cref="HttpClient"/>,
-    /// which will inject an Authorization header with a Bearer token for all requests.
+    /// Authorises all requests with Maskinporten using the provided scopes,
+    /// and injects the resulting token in the Authorization header using the Bearer scheme.
     /// </para>
     /// <para>
-    /// If your target API does <em>not</em> use this authentication scheme, you should consider implementing
-    /// <see cref="MaskinportenClient.GetAccessToken"/> directly and handling authorization details manually.
+    /// If your target API does <em>not</em> use this authorisation scheme, you should consider implementing
+    /// <see cref="MaskinportenClient.GetAccessToken"/> directly and handling the specifics manually.
     /// </para>
     /// </summary>
     /// <param name="builder">The Http client builder</param>
     /// <param name="scope">The scope to claim authorization for with Maskinporten</param>
     /// <param name="additionalScopes">Additional scopes as required</param>
-    public static IHttpClientBuilder UseMaskinportenAuthorization(
+    public static IHttpClientBuilder UseMaskinportenAuthorisation(
         this IHttpClientBuilder builder,
         string scope,
         params string[] additionalScopes
     )
     {
-        var scopes = new[] { scope }.Concat(additionalScopes);
-        var factory = ActivatorUtilities.CreateFactory<MaskinportenDelegatingHandler>([typeof(IEnumerable<string>)]);
-        return builder.AddHttpMessageHandler(provider => factory(provider, [scopes]));
+        return builder.AddMaskinportenHttpMessageHandler(scope, additionalScopes, TokenAuthorities.Maskinporten);
+    }
+
+    /// <summary>
+    /// <para>
+    /// Authorises all requests with Maskinporten using the provided scopes.
+    /// The resulting token is then exchanged for an Altinn issued token and injected in
+    /// the Authorization header using the Bearer scheme.
+    /// </para>
+    /// <para>
+    /// If your target API does <em>not</em> use this authorisation scheme, you should consider implementing
+    /// <see cref="MaskinportenClient.GetAltinnExchangedToken(IEnumerable{string}, CancellationToken)"/> directly and handling the specifics manually.
+    /// </para>
+    /// </summary>
+    /// <param name="builder">The Http client builder</param>
+    /// <param name="scope">The scope to claim authorization for with Maskinporten</param>
+    /// <param name="additionalScopes">Additional scopes as required</param>
+    public static IHttpClientBuilder UseMaskinportenAltinnAuthorisation(
+        this IHttpClientBuilder builder,
+        string scope,
+        params string[] additionalScopes
+    )
+    {
+        return builder.AddMaskinportenHttpMessageHandler(scope, additionalScopes, TokenAuthorities.AltinnTokenExchange);
     }
 }
diff --git a/src/Altinn.App.Api/Extensions/ServiceCollectionExtensions.cs b/src/Altinn.App.Api/Extensions/ServiceCollectionExtensions.cs
index 2b4e41f47..e5df7a314 100644
--- a/src/Altinn.App.Api/Extensions/ServiceCollectionExtensions.cs
+++ b/src/Altinn.App.Api/Extensions/ServiceCollectionExtensions.cs
@@ -11,7 +11,9 @@
 using Altinn.App.Core.Constants;
 using Altinn.App.Core.Extensions;
 using Altinn.App.Core.Features;
+using Altinn.App.Core.Features.Correspondence.Extensions;
 using Altinn.App.Core.Features.Maskinporten;
+using Altinn.App.Core.Features.Maskinporten.Extensions;
 using Altinn.App.Core.Features.Maskinporten.Models;
 using Altinn.Common.PEP.Authorization;
 using Altinn.Common.PEP.Clients;
@@ -82,7 +84,6 @@ IWebHostEnvironment env
 
         services.AddPlatformServices(config, env);
         services.AddAppServices(config, env);
-        services.AddMaskinportenClient();
         services.ConfigureDataProtection();
 
         var useOpenTelemetrySetting = config.GetValue<bool?>("AppSettings:UseOpenTelemetry");
@@ -97,6 +98,11 @@ IWebHostEnvironment env
             AddApplicationInsights(services, config, env);
         }
 
+        // AddMaskinportenClient adds a keyed service. This needs to happen after AddApplicationInsights,
+        // due to a bug in app insights: https://github.com/microsoft/ApplicationInsights-dotnet/issues/2828
+        services.AddMaskinportenClient();
+        services.AddCorrespondenceClient();
+
         AddAuthenticationScheme(services, config, env);
         AddAuthorizationPolicies(services);
         AddAntiforgery(services);
@@ -159,23 +165,6 @@ string configSectionPath
         return services;
     }
 
-    /// <summary>
-    /// Adds a singleton <see cref="AddMaskinportenClient"/> service to the service collection.
-    /// If no <see cref="MaskinportenSettings"/> configuration is found, it binds one to the path "MaskinportenSettings".
-    /// </summary>
-    /// <param name="services">The service collection</param>
-    private static IServiceCollection AddMaskinportenClient(this IServiceCollection services)
-    {
-        if (services.GetOptionsDescriptor<MaskinportenSettings>() is null)
-        {
-            services.ConfigureMaskinportenClient("MaskinportenSettings");
-        }
-
-        services.AddSingleton<IMaskinportenClient, MaskinportenClient>();
-
-        return services;
-    }
-
     /// <summary>
     /// Adds Application Insights to the service collection.
     /// </summary>
@@ -492,19 +481,6 @@ private static void AddAntiforgery(IServiceCollection services)
         services.TryAddSingleton<ValidateAntiforgeryTokenIfAuthCookieAuthorizationFilter>();
     }
 
-    private static IServiceCollection RemoveOptions<TOptions>(this IServiceCollection services)
-        where TOptions : class
-    {
-        var descriptor = services.GetOptionsDescriptor<TOptions>();
-
-        if (descriptor is not null)
-        {
-            services.Remove(descriptor);
-        }
-
-        return services;
-    }
-
     private static (string? Key, string? ConnectionString) GetAppInsightsConfig(
         IConfiguration config,
         IHostEnvironment env
diff --git a/src/Altinn.App.Api/Extensions/WebHostBuilderExtensions.cs b/src/Altinn.App.Api/Extensions/WebHostBuilderExtensions.cs
index e3fb8e9bf..7b7fee936 100644
--- a/src/Altinn.App.Api/Extensions/WebHostBuilderExtensions.cs
+++ b/src/Altinn.App.Api/Extensions/WebHostBuilderExtensions.cs
@@ -1,5 +1,5 @@
 using Altinn.App.Core.Extensions;
-using Microsoft.Extensions.FileProviders;
+using Altinn.App.Core.Features.Maskinporten.Extensions;
 
 namespace Altinn.App.Api.Extensions;
 
@@ -29,36 +29,19 @@ public static void ConfigureAppWebHost(this IWebHostBuilder builder, string[] ar
 
                 configBuilder.AddInMemoryCollection(config);
 
-                configBuilder.AddMaskinportenSettingsFile(context);
+                configBuilder.AddMaskinportenSettingsFile(
+                    context,
+                    "MaskinportenSettingsFilepath",
+                    "/mnt/app-secrets/maskinporten-settings.json"
+                );
+                configBuilder.AddMaskinportenSettingsFile(
+                    context,
+                    "MaskinportenSettingsInternalFilepath",
+                    "/mnt/app-secrets/maskinporten-settings-internal.json"
+                );
 
                 configBuilder.LoadAppConfig(args);
             }
         );
     }
-
-    private static IConfigurationBuilder AddMaskinportenSettingsFile(
-        this IConfigurationBuilder configurationBuilder,
-        WebHostBuilderContext context
-    )
-    {
-        string jsonProvidedPath =
-            context.Configuration.GetValue<string>("MaskinportenSettingsFilepath")
-            ?? "/mnt/app-secrets/maskinporten-settings.json";
-        string jsonAbsolutePath = Path.GetFullPath(jsonProvidedPath);
-
-        if (File.Exists(jsonAbsolutePath))
-        {
-            string jsonDir = Path.GetDirectoryName(jsonAbsolutePath) ?? string.Empty;
-            string jsonFile = Path.GetFileName(jsonAbsolutePath);
-
-            configurationBuilder.AddJsonFile(
-                provider: new PhysicalFileProvider(jsonDir),
-                path: jsonFile,
-                optional: true,
-                reloadOnChange: true
-            );
-        }
-
-        return configurationBuilder;
-    }
 }
diff --git a/src/Altinn.App.Api/Helpers/RequestHandling/RequestPartValidator.cs b/src/Altinn.App.Api/Helpers/RequestHandling/RequestPartValidator.cs
index f2a35b3ef..cb4904c36 100644
--- a/src/Altinn.App.Api/Helpers/RequestHandling/RequestPartValidator.cs
+++ b/src/Altinn.App.Api/Helpers/RequestHandling/RequestPartValidator.cs
@@ -1,115 +1,114 @@
 using Altinn.Platform.Storage.Interface.Models;
 
-namespace Altinn.App.Api.Helpers.RequestHandling
+namespace Altinn.App.Api.Helpers.RequestHandling;
+
+/// <summary>
+/// Represents a validator of a single <see cref="RequestPart"/> with the help of app metadata
+/// </summary>
+public class RequestPartValidator
 {
+    private readonly Application _appInfo;
+
     /// <summary>
-    /// Represents a validator of a single <see cref="RequestPart"/> with the help of app metadata
+    /// Initialises a new instance of the <see cref="RequestPartValidator"/> class with the given application info.
     /// </summary>
-    public class RequestPartValidator
+    /// <param name="appInfo">The application metadata to use when validating a <see cref="RequestPart"/>.</param>
+    public RequestPartValidator(Application appInfo)
     {
-        private readonly Application _appInfo;
+        _appInfo = appInfo;
+    }
 
-        /// <summary>
-        /// Initialises a new instance of the <see cref="RequestPartValidator"/> class with the given application info.
-        /// </summary>
-        /// <param name="appInfo">The application metadata to use when validating a <see cref="RequestPart"/>.</param>
-        public RequestPartValidator(Application appInfo)
+    /// <summary>
+    /// Operation that can validate a <see cref="RequestPart"/> using the internal <see cref="Application"/>.
+    /// </summary>
+    /// <param name="part">The request part to be validated.</param>
+    /// <returns>null if no errors where found. Otherwise an error message.</returns>
+    public string? ValidatePart(RequestPart part)
+    {
+        if (part.Name == "instance")
         {
-            _appInfo = appInfo;
-        }
+            if (!part.ContentType.StartsWith("application/json", StringComparison.Ordinal))
+            {
+                return $"Unexpected Content-Type '{part.ContentType}' of embedded instance template. Expecting 'application/json'";
+            }
 
-        /// <summary>
-        /// Operation that can validate a <see cref="RequestPart"/> using the internal <see cref="Application"/>.
-        /// </summary>
-        /// <param name="part">The request part to be validated.</param>
-        /// <returns>null if no errors where found. Otherwise an error message.</returns>
-        public string? ValidatePart(RequestPart part)
+            //// TODO: Validate that the element can be read as an instance?
+        }
+        else
         {
-            if (part.Name == "instance")
+            DataType? dataType = _appInfo.DataTypes.Find(e => e.Id == part.Name);
+            if (dataType == null)
             {
-                if (!part.ContentType.StartsWith("application/json", StringComparison.Ordinal))
-                {
-                    return $"Unexpected Content-Type '{part.ContentType}' of embedded instance template. Expecting 'application/json'";
-                }
+                return $"Multipart section named, '{part.Name}' does not correspond to an element type in application metadata";
+            }
 
-                //// TODO: Validate that the element can be read as an instance?
+            if (part.ContentType == null)
+            {
+                return $"The multipart section named {part.Name} is missing Content-Type.";
             }
             else
             {
-                DataType? dataType = _appInfo.DataTypes.Find(e => e.Id == part.Name);
-                if (dataType == null)
-                {
-                    return $"Multipart section named, '{part.Name}' does not correspond to an element type in application metadata";
-                }
-
-                if (part.ContentType == null)
-                {
-                    return $"The multipart section named {part.Name} is missing Content-Type.";
-                }
-                else
-                {
-                    string contentTypeWithoutEncoding = part.ContentType.Split(";")[0];
-
-                    // restrict content type if allowedContentTypes is specified
-                    if (
-                        dataType.AllowedContentTypes != null
-                        && dataType.AllowedContentTypes.Count > 0
-                        && !dataType.AllowedContentTypes.Contains(contentTypeWithoutEncoding)
-                    )
-                    {
-                        return $"The multipart section named {part.Name} has a Content-Type '{part.ContentType}' which is invalid for element type '{dataType.Id}'";
-                    }
-                }
-
-                long contentSize = part.FileSize != 0 ? part.FileSize : part.Bytes.Length;
-
-                if (contentSize == 0)
-                {
-                    return $"The multipart section named {part.Name} has no data. Cannot process empty part.";
-                }
+                string contentTypeWithoutEncoding = part.ContentType.Split(";")[0];
 
+                // restrict content type if allowedContentTypes is specified
                 if (
-                    dataType.MaxSize.HasValue
-                    && dataType.MaxSize > 0
-                    && contentSize > (long)dataType.MaxSize.Value * 1024 * 1024
+                    dataType.AllowedContentTypes != null
+                    && dataType.AllowedContentTypes.Count > 0
+                    && !dataType.AllowedContentTypes.Contains(contentTypeWithoutEncoding)
                 )
                 {
-                    return $"The multipart section named {part.Name} exceeds the size limit of element type '{dataType.Id}'";
+                    return $"The multipart section named {part.Name} has a Content-Type '{part.ContentType}' which is invalid for element type '{dataType.Id}'";
                 }
             }
 
-            return null;
+            long contentSize = part.FileSize != 0 ? part.FileSize : part.Bytes.Length;
+
+            if (contentSize == 0)
+            {
+                return $"The multipart section named {part.Name} has no data. Cannot process empty part.";
+            }
+
+            if (
+                dataType.MaxSize.HasValue
+                && dataType.MaxSize > 0
+                && contentSize > (long)dataType.MaxSize.Value * 1024 * 1024
+            )
+            {
+                return $"The multipart section named {part.Name} exceeds the size limit of element type '{dataType.Id}'";
+            }
         }
 
-        /// <summary>
-        /// Operation that can validate a list of <see cref="RequestPart"/> elements using the internal <see cref="Application"/>.
-        /// </summary>
-        /// <param name="parts">The list of request parts to be validated.</param>
-        /// <returns>null if no errors where found. Otherwise an error message.</returns>
-        public string? ValidateParts(List<RequestPart> parts)
+        return null;
+    }
+
+    /// <summary>
+    /// Operation that can validate a list of <see cref="RequestPart"/> elements using the internal <see cref="Application"/>.
+    /// </summary>
+    /// <param name="parts">The list of request parts to be validated.</param>
+    /// <returns>null if no errors where found. Otherwise an error message.</returns>
+    public string? ValidateParts(List<RequestPart> parts)
+    {
+        foreach (RequestPart part in parts)
         {
-            foreach (RequestPart part in parts)
+            string? partError = ValidatePart(part);
+            if (partError != null)
             {
-                string? partError = ValidatePart(part);
-                if (partError != null)
-                {
-                    return partError;
-                }
+                return partError;
             }
+        }
 
-            foreach (DataType dataType in _appInfo.DataTypes)
+        foreach (DataType dataType in _appInfo.DataTypes)
+        {
+            if (dataType.MaxCount > 0)
             {
-                if (dataType.MaxCount > 0)
+                int partCount = parts.Count(p => p.Name == dataType.Id);
+                if (dataType.MaxCount < partCount)
                 {
-                    int partCount = parts.Count(p => p.Name == dataType.Id);
-                    if (dataType.MaxCount < partCount)
-                    {
-                        return $"The list of parts contains more elements of type '{dataType.Id}' than the element type allows.";
-                    }
+                    return $"The list of parts contains more elements of type '{dataType.Id}' than the element type allows.";
                 }
             }
-
-            return null;
         }
+
+        return null;
     }
 }
diff --git a/src/Altinn.App.Core/Configuration/PlatformSettings.cs b/src/Altinn.App.Core/Configuration/PlatformSettings.cs
index 0cc5e033f..df44d25cf 100644
--- a/src/Altinn.App.Core/Configuration/PlatformSettings.cs
+++ b/src/Altinn.App.Core/Configuration/PlatformSettings.cs
@@ -46,6 +46,11 @@ public class PlatformSettings
     /// </summary>
     public string ApiNotificationEndpoint { get; set; } = "http://localhost:5101/notifications/api/v1/";
 
+    /// <summary>
+    /// Gets or sets the url for the Correspondence API endpoint.
+    /// </summary>
+    public string ApiCorrespondenceEndpoint { get; set; } = "http://localhost:5101/correspondence/api/v1/"; // TODO: which port for localtest?
+
     /// <summary>
     /// Gets or sets the subscription key value to use in requests against the platform.
     /// A new subscription key is generated automatically every time an app is deployed to an environment. The new key is then automatically
diff --git a/src/Altinn.App.Core/Extensions/ServiceCollectionExtensions.cs b/src/Altinn.App.Core/Extensions/ServiceCollectionExtensions.cs
index e74a0bf38..ecfd01752 100644
--- a/src/Altinn.App.Core/Extensions/ServiceCollectionExtensions.cs
+++ b/src/Altinn.App.Core/Extensions/ServiceCollectionExtensions.cs
@@ -371,18 +371,12 @@ private static void AddFileValidatorServices(IServiceCollection services)
         services.TryAddTransient<IFileValidatorFactory, FileValidatorFactory>();
     }
 
-    internal static IEnumerable<ServiceDescriptor> GetOptionsDescriptors<TOptions>(this IServiceCollection services)
+    internal static bool IsConfigured<TOptions>(this IServiceCollection services)
         where TOptions : class
     {
-        return services.Where(d =>
+        return services.Any(d =>
             d.ServiceType == typeof(IConfigureOptions<TOptions>)
             || d.ServiceType == typeof(IOptionsChangeTokenSource<TOptions>)
         );
     }
-
-    internal static ServiceDescriptor? GetOptionsDescriptor<TOptions>(this IServiceCollection services)
-        where TOptions : class
-    {
-        return services.GetOptionsDescriptors<TOptions>().FirstOrDefault();
-    }
 }
diff --git a/src/Altinn.App.Core/Features/Correspondence/Builder/BuilderUtils.cs b/src/Altinn.App.Core/Features/Correspondence/Builder/BuilderUtils.cs
new file mode 100644
index 000000000..c6e6aeaec
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Builder/BuilderUtils.cs
@@ -0,0 +1,29 @@
+using System.Diagnostics.CodeAnalysis;
+using Altinn.App.Core.Features.Correspondence.Exceptions;
+
+namespace Altinn.App.Core.Features.Correspondence.Builder;
+
+internal static class BuilderUtils
+{
+    /// <summary>
+    /// Because of the interface-chaining in this builder, some properties are guaranteed to be non-null.
+    /// But the compiler doesn't trust that, so we add this check where needed.
+    ///
+    /// Additionally this method checks for empty strings and empty data allocations.
+    /// </summary>
+    /// <param name="value">The value to assert</param>
+    /// <param name="errorMessage">The error message to throw, if the value was null</param>
+    /// <exception cref="CorrespondenceValueException"></exception>
+    internal static void NotNullOrEmpty([NotNull] object? value, string? errorMessage = null)
+    {
+        if (
+            value is null
+            || value is string str && string.IsNullOrWhiteSpace(str)
+            || value is ReadOnlyMemory<byte> { IsEmpty: true }
+            || value is DateTimeOffset dt && dt == DateTimeOffset.MinValue
+        )
+        {
+            throw new CorrespondenceValueException(errorMessage);
+        }
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Builder/CorrespondenceAttachmentBuilder.cs b/src/Altinn.App.Core/Features/Correspondence/Builder/CorrespondenceAttachmentBuilder.cs
new file mode 100644
index 000000000..5b33b1e12
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Builder/CorrespondenceAttachmentBuilder.cs
@@ -0,0 +1,100 @@
+using Altinn.App.Core.Features.Correspondence.Models;
+
+namespace Altinn.App.Core.Features.Correspondence.Builder;
+
+/// <summary>
+/// Builder factory for creating <see cref="CorrespondenceAttachment"/> objects
+/// </summary>
+public class CorrespondenceAttachmentBuilder : ICorrespondenceAttachmentBuilder
+{
+    private string? _filename;
+    private string? _name;
+    private string? _sendersReference;
+    private string? _dataType;
+    private ReadOnlyMemory<byte>? _data;
+    private bool? _isEncrypted;
+    private CorrespondenceDataLocationType _dataLocationType =
+        CorrespondenceDataLocationType.ExistingCorrespondenceAttachment;
+
+    private CorrespondenceAttachmentBuilder() { }
+
+    /// <summary>
+    /// Creates a new <see cref="CorrespondenceAttachmentBuilder"/> instance
+    /// </summary>
+    public static ICorrespondenceAttachmentBuilderFilename Create() => new CorrespondenceAttachmentBuilder();
+
+    /// <inheritdoc/>
+    public ICorrespondenceAttachmentBuilderName WithFilename(string filename)
+    {
+        BuilderUtils.NotNullOrEmpty(filename, "Filename cannot be empty");
+        _filename = filename;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceAttachmentBuilderSendersReference WithName(string name)
+    {
+        BuilderUtils.NotNullOrEmpty(name, "Name cannot be empty");
+        _name = name;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceAttachmentBuilderDataType WithSendersReference(string sendersReference)
+    {
+        BuilderUtils.NotNullOrEmpty(sendersReference, "Senders reference cannot be empty");
+        _sendersReference = sendersReference;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceAttachmentBuilderData WithDataType(string dataType)
+    {
+        BuilderUtils.NotNullOrEmpty(dataType, "Data type cannot be empty");
+        _dataType = dataType;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceAttachmentBuilder WithData(ReadOnlyMemory<byte> data)
+    {
+        BuilderUtils.NotNullOrEmpty(data, "Data cannot be empty");
+        _data = data;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceAttachmentBuilder WithIsEncrypted(bool isEncrypted)
+    {
+        _isEncrypted = isEncrypted;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceAttachmentBuilder WithDataLocationType(CorrespondenceDataLocationType dataLocationType)
+    {
+        _dataLocationType = dataLocationType;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public CorrespondenceAttachment Build()
+    {
+        BuilderUtils.NotNullOrEmpty(_filename);
+        BuilderUtils.NotNullOrEmpty(_name);
+        BuilderUtils.NotNullOrEmpty(_sendersReference);
+        BuilderUtils.NotNullOrEmpty(_dataType);
+        BuilderUtils.NotNullOrEmpty(_data);
+
+        return new CorrespondenceAttachment
+        {
+            Filename = _filename,
+            Name = _name,
+            SendersReference = _sendersReference,
+            DataType = _dataType,
+            Data = _data.Value,
+            IsEncrypted = _isEncrypted,
+            DataLocationType = _dataLocationType,
+        };
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Builder/CorrespondenceContentBuilder.cs b/src/Altinn.App.Core/Features/Correspondence/Builder/CorrespondenceContentBuilder.cs
new file mode 100644
index 000000000..e0ead1344
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Builder/CorrespondenceContentBuilder.cs
@@ -0,0 +1,80 @@
+using Altinn.App.Core.Features.Correspondence.Models;
+using Altinn.App.Core.Models;
+
+namespace Altinn.App.Core.Features.Correspondence.Builder;
+
+/// <summary>
+/// Builder factory for creating <see cref="CorrespondenceContent"/> objects
+/// </summary>
+public class CorrespondenceContentBuilder : ICorrespondenceContentBuilder
+{
+    private string? _title;
+    private LanguageCode<Iso6391>? _language;
+    private string? _summary;
+    private string? _body;
+
+    private CorrespondenceContentBuilder() { }
+
+    /// <summary>
+    /// Creates a new <see cref="CorrespondenceContentBuilder"/> instance
+    /// </summary>
+    /// <returns></returns>
+    public static ICorrespondenceContentBuilderLanguage Create() => new CorrespondenceContentBuilder();
+
+    /// <inheritdoc/>
+    public ICorrespondenceContentBuilderTitle WithLanguage(LanguageCode<Iso6391> language)
+    {
+        BuilderUtils.NotNullOrEmpty(language, "Language cannot be empty");
+        _language = language;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceContentBuilderTitle WithLanguage(string language)
+    {
+        BuilderUtils.NotNullOrEmpty(language, "Language cannot be empty");
+        _language = LanguageCode<Iso6391>.Parse(language);
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceContentBuilderSummary WithTitle(string title)
+    {
+        BuilderUtils.NotNullOrEmpty(title, "Title cannot be empty");
+        _title = title;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceContentBuilderBody WithSummary(string summary)
+    {
+        BuilderUtils.NotNullOrEmpty(summary, "Summary cannot be empty");
+        _summary = summary;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceContentBuilder WithBody(string body)
+    {
+        BuilderUtils.NotNullOrEmpty(body, "Body cannot be empty");
+        _body = body;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public CorrespondenceContent Build()
+    {
+        BuilderUtils.NotNullOrEmpty(_title);
+        BuilderUtils.NotNullOrEmpty(_language);
+        BuilderUtils.NotNullOrEmpty(_summary);
+        BuilderUtils.NotNullOrEmpty(_body);
+
+        return new CorrespondenceContent
+        {
+            Title = _title,
+            Language = _language.Value,
+            Summary = _summary,
+            Body = _body,
+        };
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Builder/CorrespondenceNotificationBuilder.cs b/src/Altinn.App.Core/Features/Correspondence/Builder/CorrespondenceNotificationBuilder.cs
new file mode 100644
index 000000000..a2ab06331
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Builder/CorrespondenceNotificationBuilder.cs
@@ -0,0 +1,143 @@
+using Altinn.App.Core.Features.Correspondence.Models;
+
+namespace Altinn.App.Core.Features.Correspondence.Builder;
+
+/// <summary>
+/// Builder factory for creating <see cref="CorrespondenceNotification"/> objects
+/// </summary>
+public class CorrespondenceNotificationBuilder : ICorrespondenceNotificationBuilder
+{
+    private CorrespondenceNotificationTemplate? _notificationTemplate;
+    private string? _emailSubject;
+    private string? _emailBody;
+    private string? _smsBody;
+    private bool? _sendReminder;
+    private string? _reminderEmailSubject;
+    private string? _reminderEmailBody;
+    private string? _reminderSmsBody;
+    private CorrespondenceNotificationChannel? _notificationChannel;
+    private CorrespondenceNotificationChannel? _reminderNotificationChannel;
+    private string? _sendersReference;
+    private DateTimeOffset? _requestedSendTime;
+
+    private CorrespondenceNotificationBuilder() { }
+
+    /// <summary>
+    /// Creates a new <see cref="CorrespondenceNotificationBuilder"/> instance
+    /// </summary>
+    /// <returns></returns>
+    public static ICorrespondenceNotificationBuilderTemplate Create() => new CorrespondenceNotificationBuilder();
+
+    /// <inheritdoc/>
+    public ICorrespondenceNotificationBuilder WithNotificationTemplate(
+        CorrespondenceNotificationTemplate notificationTemplate
+    )
+    {
+        BuilderUtils.NotNullOrEmpty(notificationTemplate, "Notification template cannot be empty");
+        _notificationTemplate = notificationTemplate;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceNotificationBuilder WithEmailSubject(string? emailSubject)
+    {
+        _emailSubject = emailSubject;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceNotificationBuilder WithEmailBody(string? emailBody)
+    {
+        _emailBody = emailBody;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceNotificationBuilder WithSmsBody(string? smsBody)
+    {
+        _smsBody = smsBody;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceNotificationBuilder WithSendReminder(bool? sendReminder)
+    {
+        _sendReminder = sendReminder;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceNotificationBuilder WithReminderEmailSubject(string? reminderEmailSubject)
+    {
+        _reminderEmailSubject = reminderEmailSubject;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceNotificationBuilder WithReminderEmailBody(string? reminderEmailBody)
+    {
+        _reminderEmailBody = reminderEmailBody;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceNotificationBuilder WithReminderSmsBody(string? reminderSmsBody)
+    {
+        _reminderSmsBody = reminderSmsBody;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceNotificationBuilder WithNotificationChannel(
+        CorrespondenceNotificationChannel? notificationChannel
+    )
+    {
+        _notificationChannel = notificationChannel;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceNotificationBuilder WithReminderNotificationChannel(
+        CorrespondenceNotificationChannel? reminderNotificationChannel
+    )
+    {
+        _reminderNotificationChannel = reminderNotificationChannel;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceNotificationBuilder WithSendersReference(string? sendersReference)
+    {
+        _sendersReference = sendersReference;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceNotificationBuilder WithRequestedSendTime(DateTimeOffset? requestedSendTime)
+    {
+        _requestedSendTime = requestedSendTime;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public CorrespondenceNotification Build()
+    {
+        BuilderUtils.NotNullOrEmpty(_notificationTemplate);
+
+        return new CorrespondenceNotification
+        {
+            NotificationTemplate = _notificationTemplate.Value,
+            EmailSubject = _emailSubject,
+            EmailBody = _emailBody,
+            SmsBody = _smsBody,
+            SendReminder = _sendReminder,
+            ReminderEmailSubject = _reminderEmailSubject,
+            ReminderEmailBody = _reminderEmailBody,
+            ReminderSmsBody = _reminderSmsBody,
+            NotificationChannel = _notificationChannel,
+            ReminderNotificationChannel = _reminderNotificationChannel,
+            SendersReference = _sendersReference,
+            RequestedSendTime = _requestedSendTime,
+        };
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Builder/CorrespondenceRequestBuilder.cs b/src/Altinn.App.Core/Features/Correspondence/Builder/CorrespondenceRequestBuilder.cs
new file mode 100644
index 000000000..517465b12
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Builder/CorrespondenceRequestBuilder.cs
@@ -0,0 +1,313 @@
+using Altinn.App.Core.Features.Correspondence.Models;
+using Altinn.App.Core.Models;
+
+namespace Altinn.App.Core.Features.Correspondence.Builder;
+
+/// <summary>
+/// Builder factory for creating <see cref="CorrespondenceRequest"/> objects
+/// </summary>
+public class CorrespondenceRequestBuilder : ICorrespondenceRequestBuilder
+{
+    private string? _resourceId;
+    private OrganisationNumber? _sender;
+    private string? _sendersReference;
+    private CorrespondenceContent? _content;
+    private List<CorrespondenceAttachment>? _contentAttachments;
+    private DateTimeOffset? _allowSystemDeleteAfter;
+    private DateTimeOffset? _dueDateTime;
+    private List<OrganisationOrPersonIdentifier>? _recipients;
+    private DateTimeOffset? _requestedPublishTime;
+    private string? _messageSender;
+    private List<CorrespondenceExternalReference>? _externalReferences;
+    private Dictionary<string, string>? _propertyList;
+    private List<CorrespondenceReplyOption>? _replyOptions;
+    private CorrespondenceNotification? _notification;
+    private bool? _ignoreReservation;
+    private List<Guid>? _existingAttachments;
+
+    private CorrespondenceRequestBuilder() { }
+
+    /// <summary>
+    /// Creates a new <see cref="CorrespondenceRequestBuilder"/> instance
+    /// </summary>
+    public static ICorrespondenceRequestBuilderResourceId Create() => new CorrespondenceRequestBuilder();
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilderSender WithResourceId(string resourceId)
+    {
+        BuilderUtils.NotNullOrEmpty(resourceId, "Resource ID cannot be empty");
+        _resourceId = resourceId;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilderSendersReference WithSender(OrganisationNumber sender)
+    {
+        BuilderUtils.NotNullOrEmpty(sender, "Sender cannot be empty");
+        _sender = sender;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilderSendersReference WithSender(string sender)
+    {
+        BuilderUtils.NotNullOrEmpty(sender, "Sender cannot be empty");
+        _sender = OrganisationNumber.Parse(sender);
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilderRecipients WithSendersReference(string sendersReference)
+    {
+        BuilderUtils.NotNullOrEmpty(sendersReference, "Senders reference cannot be empty");
+        _sendersReference = sendersReference;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilderAllowSystemDeleteAfter WithRecipient(OrganisationOrPersonIdentifier recipient)
+    {
+        BuilderUtils.NotNullOrEmpty(recipient, "Recipients cannot be empty");
+        return WithRecipients([recipient]);
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilderAllowSystemDeleteAfter WithRecipient(string recipient)
+    {
+        BuilderUtils.NotNullOrEmpty(recipient, "Recipients cannot be empty");
+        return WithRecipients([recipient]);
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilderAllowSystemDeleteAfter WithRecipients(IEnumerable<string> recipients)
+    {
+        BuilderUtils.NotNullOrEmpty(recipients);
+        return WithRecipients(recipients.Select(OrganisationOrPersonIdentifier.Parse));
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilderAllowSystemDeleteAfter WithRecipients(
+        IEnumerable<OrganisationOrPersonIdentifier> recipients
+    )
+    {
+        BuilderUtils.NotNullOrEmpty(recipients, "Recipients cannot be empty");
+        _recipients ??= [];
+        _recipients.AddRange(recipients);
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilderContent WithAllowSystemDeleteAfter(DateTimeOffset allowSystemDeleteAfter)
+    {
+        BuilderUtils.NotNullOrEmpty(allowSystemDeleteAfter, "AllowSystemDeleteAfter cannot be empty");
+        _allowSystemDeleteAfter = allowSystemDeleteAfter;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithContent(CorrespondenceContent content)
+    {
+        BuilderUtils.NotNullOrEmpty(content, "Content cannot be empty");
+        _content = content;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithContent(ICorrespondenceContentBuilder builder)
+    {
+        return WithContent(builder.Build());
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithContent(
+        LanguageCode<Iso6391> language,
+        string title,
+        string summary,
+        string body
+    )
+    {
+        _content = new CorrespondenceContent
+        {
+            Title = title,
+            Summary = summary,
+            Body = body,
+            Language = language,
+        };
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithContent(string language, string title, string summary, string body)
+    {
+        _content = new CorrespondenceContent
+        {
+            Title = title,
+            Summary = summary,
+            Body = body,
+            Language = LanguageCode<Iso6391>.Parse(language),
+        };
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithDueDateTime(DateTimeOffset dueDateTime)
+    {
+        BuilderUtils.NotNullOrEmpty(dueDateTime, "DueDateTime cannot be empty");
+        _dueDateTime = dueDateTime;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithRequestedPublishTime(DateTimeOffset requestedPublishTime)
+    {
+        _requestedPublishTime = requestedPublishTime;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithMessageSender(string messageSender)
+    {
+        _messageSender = messageSender;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithExternalReference(CorrespondenceExternalReference externalReference)
+    {
+        return WithExternalReferences([externalReference]);
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithExternalReference(CorrespondenceReferenceType type, string value)
+    {
+        return WithExternalReferences(
+            [new CorrespondenceExternalReference { ReferenceType = type, ReferenceValue = value }]
+        );
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithExternalReferences(
+        IEnumerable<CorrespondenceExternalReference> externalReferences
+    )
+    {
+        _externalReferences ??= [];
+        _externalReferences.AddRange(externalReferences);
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithPropertyList(IReadOnlyDictionary<string, string> propertyList)
+    {
+        _propertyList ??= [];
+        foreach (var (key, value) in propertyList)
+        {
+            _propertyList[key] = value;
+        }
+
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithReplyOption(CorrespondenceReplyOption replyOption)
+    {
+        return WithReplyOptions([replyOption]);
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithReplyOption(string linkUrl, string linkText)
+    {
+        return WithReplyOptions([new CorrespondenceReplyOption { LinkUrl = linkUrl, LinkText = linkText }]);
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithReplyOptions(IEnumerable<CorrespondenceReplyOption> replyOptions)
+    {
+        _replyOptions ??= [];
+        _replyOptions.AddRange(replyOptions);
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithNotification(CorrespondenceNotification notification)
+    {
+        _notification = notification;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithNotification(ICorrespondenceNotificationBuilder builder)
+    {
+        return WithNotification(builder.Build());
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithIgnoreReservation(bool ignoreReservation)
+    {
+        _ignoreReservation = ignoreReservation;
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithExistingAttachment(Guid existingAttachment)
+    {
+        return WithExistingAttachments([existingAttachment]);
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithExistingAttachments(IEnumerable<Guid> existingAttachments)
+    {
+        _existingAttachments ??= [];
+        _existingAttachments.AddRange(existingAttachments);
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithAttachment(CorrespondenceAttachment attachment)
+    {
+        return WithAttachments([attachment]);
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithAttachment(ICorrespondenceAttachmentBuilder builder)
+    {
+        return WithAttachments([builder.Build()]);
+    }
+
+    /// <inheritdoc/>
+    public ICorrespondenceRequestBuilder WithAttachments(IEnumerable<CorrespondenceAttachment> attachments)
+    {
+        _contentAttachments ??= [];
+        _contentAttachments.AddRange(attachments);
+        return this;
+    }
+
+    /// <inheritdoc/>
+    public CorrespondenceRequest Build()
+    {
+        BuilderUtils.NotNullOrEmpty(_resourceId);
+        BuilderUtils.NotNullOrEmpty(_sender);
+        BuilderUtils.NotNullOrEmpty(_sendersReference);
+        BuilderUtils.NotNullOrEmpty(_content);
+        BuilderUtils.NotNullOrEmpty(_allowSystemDeleteAfter);
+        BuilderUtils.NotNullOrEmpty(_recipients);
+
+        return new CorrespondenceRequest
+        {
+            ResourceId = _resourceId,
+            Sender = _sender.Value,
+            SendersReference = _sendersReference,
+            Content = _content with { Attachments = _contentAttachments },
+            AllowSystemDeleteAfter = _allowSystemDeleteAfter.Value,
+            DueDateTime = _dueDateTime,
+            Recipients = _recipients,
+            RequestedPublishTime = _requestedPublishTime,
+            MessageSender = _messageSender,
+            ExternalReferences = _externalReferences,
+            PropertyList = _propertyList,
+            ReplyOptions = _replyOptions,
+            Notification = _notification,
+            IgnoreReservation = _ignoreReservation,
+            ExistingAttachments = _existingAttachments,
+        };
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Builder/ICorrespondenceAttachmentBuilder.cs b/src/Altinn.App.Core/Features/Correspondence/Builder/ICorrespondenceAttachmentBuilder.cs
new file mode 100644
index 000000000..2a8debadb
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Builder/ICorrespondenceAttachmentBuilder.cs
@@ -0,0 +1,94 @@
+using System.Net.Mime;
+using Altinn.App.Core.Features.Correspondence.Models;
+
+namespace Altinn.App.Core.Features.Correspondence.Builder;
+
+/// <summary>
+/// Indicates that the <see cref="CorrespondenceAttachmentBuilder"/> instance is on the <see cref="CorrespondenceAttachment.Filename"/> step
+/// </summary>
+public interface ICorrespondenceAttachmentBuilderFilename
+{
+    /// <summary>
+    /// Sets the filename of the attachment
+    /// </summary>
+    /// <param name="filename">The attachment filename</param>
+    ICorrespondenceAttachmentBuilderName WithFilename(string filename);
+}
+
+/// <summary>
+/// Indicates that the <see cref="CorrespondenceAttachmentBuilder"/> instance is on the <see cref="CorrespondenceAttachment.Name"/> step
+/// </summary>
+public interface ICorrespondenceAttachmentBuilderName
+{
+    /// <summary>
+    /// Sets the display name of the attachment
+    /// </summary>
+    /// <param name="name">The display name</param>
+    ICorrespondenceAttachmentBuilderSendersReference WithName(string name);
+}
+
+/// <summary>
+/// Indicates that the <see cref="CorrespondenceAttachmentBuilder"/> instance is on the <see cref="CorrespondenceAttachment.SendersReference"/> step
+/// </summary>
+public interface ICorrespondenceAttachmentBuilderSendersReference
+{
+    /// <summary>
+    /// Sets the senders reference for the attachment
+    /// </summary>
+    /// <param name="sendersReference">The reference value</param>
+    ICorrespondenceAttachmentBuilderDataType WithSendersReference(string sendersReference);
+}
+
+/// <summary>
+/// Indicates that the <see cref="CorrespondenceAttachmentBuilder"/> instance is on the <see cref="CorrespondenceAttachment.DataType"/> step
+/// </summary>
+public interface ICorrespondenceAttachmentBuilderDataType
+{
+    /// <summary>
+    /// Sets the data type of the attachment in MIME format
+    /// </summary>
+    /// <remarks>See <see cref="MediaTypeNames"/></remarks>
+    /// <param name="dataType">The MIME type of the attachment</param>
+    ICorrespondenceAttachmentBuilderData WithDataType(string dataType);
+}
+
+/// <summary>
+/// Indicates that the <see cref="CorrespondenceAttachmentBuilder"/> instance is on the <see cref="CorrespondenceAttachment.Data"/> step
+/// </summary>
+public interface ICorrespondenceAttachmentBuilderData
+{
+    /// <summary>
+    /// Sets the data content of the attachment
+    /// </summary>
+    /// <param name="data">The data</param>
+    ICorrespondenceAttachmentBuilder WithData(ReadOnlyMemory<byte> data);
+}
+
+/// <summary>
+/// Indicates that the <see cref="CorrespondenceAttachmentBuilder"/> instance has completed all required steps and can proceed to <see cref="CorrespondenceAttachmentBuilder.Build"/>
+/// </summary>
+public interface ICorrespondenceAttachmentBuilder
+    : ICorrespondenceAttachmentBuilderFilename,
+        ICorrespondenceAttachmentBuilderName,
+        ICorrespondenceAttachmentBuilderSendersReference,
+        ICorrespondenceAttachmentBuilderDataType,
+        ICorrespondenceAttachmentBuilderData
+{
+    /// <summary>
+    /// Sets whether the attachment is encrypted or not
+    /// </summary>
+    /// <param name="isEncrypted">`true` for encrypted, `false` otherwise</param>
+    ICorrespondenceAttachmentBuilder WithIsEncrypted(bool isEncrypted);
+
+    /// <summary>
+    /// Sets the storage location of the attachment data
+    /// </summary>
+    /// <remarks>In this context, it is extremely likely that the storage location is <see cref="CorrespondenceDataLocationType.ExistingCorrespondenceAttachment"/></remarks>
+    /// <param name="dataLocationType">The data storage location</param>
+    ICorrespondenceAttachmentBuilder WithDataLocationType(CorrespondenceDataLocationType dataLocationType);
+
+    /// <summary>
+    /// Builds the correspondence attachment
+    /// </summary>
+    CorrespondenceAttachment Build();
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Builder/ICorrespondenceContentBuilder.cs b/src/Altinn.App.Core/Features/Correspondence/Builder/ICorrespondenceContentBuilder.cs
new file mode 100644
index 000000000..31b727bda
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Builder/ICorrespondenceContentBuilder.cs
@@ -0,0 +1,73 @@
+using Altinn.App.Core.Features.Correspondence.Models;
+using Altinn.App.Core.Models;
+
+namespace Altinn.App.Core.Features.Correspondence.Builder;
+
+/// <summary>
+/// Indicates that the <see cref="CorrespondenceContentBuilder"/> instance is on the <see cref="CorrespondenceContent.Language"/> step
+/// </summary>
+public interface ICorrespondenceContentBuilderLanguage
+{
+    /// <summary>
+    /// Sets the language of the correspondence content
+    /// </summary>
+    /// <param name="language">The content language</param>
+    ICorrespondenceContentBuilderTitle WithLanguage(LanguageCode<Iso6391> language);
+
+    /// <summary>
+    /// Sets the language of the correspondence content
+    /// </summary>
+    /// <param name="language">The content language in ISO 639-1 format</param>
+    ICorrespondenceContentBuilderTitle WithLanguage(string language);
+}
+
+/// <summary>
+/// Indicates that the <see cref="CorrespondenceContentBuilder"/> instance is on the <see cref="CorrespondenceContent.Title"/> step
+/// </summary>
+public interface ICorrespondenceContentBuilderTitle
+{
+    /// <summary>
+    /// Sets the title of the correspondence content
+    /// </summary>
+    /// <param name="title">The correspondence title</param>
+    ICorrespondenceContentBuilderSummary WithTitle(string title);
+}
+
+/// <summary>
+/// Indicates that the <see cref="CorrespondenceContentBuilder"/> instance is on the <see cref="CorrespondenceContent.Summary"/> step
+/// </summary>
+public interface ICorrespondenceContentBuilderSummary
+{
+    /// <summary>
+    /// Sets the summary of the correspondence content
+    /// </summary>
+    /// <param name="summary">The summary of the message</param>
+    ICorrespondenceContentBuilderBody WithSummary(string summary);
+}
+
+/// <summary>
+/// Indicates that the <see cref="CorrespondenceContentBuilder"/> instance is on the <see cref="CorrespondenceContent.Body"/> step
+/// </summary>
+public interface ICorrespondenceContentBuilderBody
+{
+    /// <summary>
+    /// Sets the body of the correspondence content
+    /// </summary>
+    /// <param name="body">The full text (body) of the message</param>
+    ICorrespondenceContentBuilder WithBody(string body);
+}
+
+/// <summary>
+/// Indicates that the <see cref="CorrespondenceContentBuilder"/> instance has completed all required steps and can proceed to <see cref="CorrespondenceContentBuilder.Build"/>
+/// </summary>
+public interface ICorrespondenceContentBuilder
+    : ICorrespondenceContentBuilderTitle,
+        ICorrespondenceContentBuilderLanguage,
+        ICorrespondenceContentBuilderSummary,
+        ICorrespondenceContentBuilderBody
+{
+    /// <summary>
+    /// Builds the correspondence content
+    /// </summary>
+    CorrespondenceContent Build();
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Builder/ICorrespondenceNotificationBuilder.cs b/src/Altinn.App.Core/Features/Correspondence/Builder/ICorrespondenceNotificationBuilder.cs
new file mode 100644
index 000000000..540e48ee2
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Builder/ICorrespondenceNotificationBuilder.cs
@@ -0,0 +1,115 @@
+using Altinn.App.Core.Features.Correspondence.Models;
+
+namespace Altinn.App.Core.Features.Correspondence.Builder;
+
+/// <summary>
+/// Indicates that the <see cref="CorrespondenceNotificationBuilder"/> instance is on the <see cref="CorrespondenceNotification.NotificationTemplate"/> step
+/// </summary>
+public interface ICorrespondenceNotificationBuilderTemplate
+{
+    /// <summary>
+    /// Sets the notification template for the correspondence notification
+    /// </summary>
+    /// <param name="notificationTemplate">The notification template</param>
+    ICorrespondenceNotificationBuilder WithNotificationTemplate(
+        CorrespondenceNotificationTemplate notificationTemplate
+    );
+}
+
+/// <summary>
+/// Indicates that the <see cref="CorrespondenceNotificationBuilder"/> instance has completed all required steps and can proceed to <see cref="CorrespondenceNotificationBuilder.Build"/>
+/// </summary>
+public interface ICorrespondenceNotificationBuilder : ICorrespondenceNotificationBuilderTemplate
+{
+    /// <summary>
+    /// Sets the email subject for the correspondence notification
+    /// </summary>
+    /// <remarks>
+    /// Depending on the <see cref="CorrespondenceNotificationTemplate"/> in use, this value may be padded according to the template logic
+    /// </remarks>
+    /// <param name="emailSubject">The email subject</param>
+    ICorrespondenceNotificationBuilder WithEmailSubject(string? emailSubject);
+
+    /// <summary>
+    /// Sets the email body for the correspondence notification
+    /// </summary>
+    /// <remarks>
+    /// Depending on the <see cref="CorrespondenceNotificationTemplate"/> in use, this value may be padded according to the template logic
+    /// </remarks>
+    /// <param name="emailBody">The email content (body)</param>
+    ICorrespondenceNotificationBuilder WithEmailBody(string? emailBody);
+
+    /// <summary>
+    /// Sets the SMS body for the correspondence notification
+    /// </summary>
+    /// <remarks>
+    /// Depending on the <see cref="CorrespondenceNotificationTemplate"/> in use, this value may be padded according to the template logic
+    /// </remarks>
+    /// <param name="smsBody">The SMS content (body)</param>
+    ICorrespondenceNotificationBuilder WithSmsBody(string? smsBody);
+
+    /// <summary>
+    /// Sets whether a reminder should be sent for the correspondence notification, if not actioned within an appropriate time frame
+    /// </summary>
+    /// <param name="sendReminder">`true` if yes, `false` if no</param>
+    ICorrespondenceNotificationBuilder WithSendReminder(bool? sendReminder);
+
+    /// <summary>
+    /// Sets the email subject for the reminder notification
+    /// </summary>
+    /// <remarks>
+    /// Depending on the <see cref="CorrespondenceNotificationTemplate"/> in use, this value may be padded according to the template logic
+    /// </remarks>
+    /// <param name="reminderEmailSubject">The reminder email subject</param>
+    ICorrespondenceNotificationBuilder WithReminderEmailSubject(string? reminderEmailSubject);
+
+    /// <summary>
+    /// Sets the email body for the reminder notification
+    /// </summary>
+    /// <remarks>
+    /// Depending on the <see cref="CorrespondenceNotificationTemplate"/> in use, this value may be padded according to the template logic
+    /// </remarks>
+    /// <param name="reminderEmailBody">The reminder email content (body)</param>
+    ICorrespondenceNotificationBuilder WithReminderEmailBody(string? reminderEmailBody);
+
+    /// <summary>
+    /// Sets the SMS body for the reminder notification
+    /// </summary>
+    /// <remarks>
+    /// Depending on the <see cref="CorrespondenceNotificationTemplate"/> in use, this value may be padded according to the template logic
+    /// </remarks>
+    /// <param name="reminderSmsBody">The reminder SMS content (body)</param>
+    ICorrespondenceNotificationBuilder WithReminderSmsBody(string? reminderSmsBody);
+
+    /// <summary>
+    /// Sets the notification channel for the correspondence notification
+    /// </summary>
+    /// <param name="notificationChannel">The notification channel to use</param>
+    ICorrespondenceNotificationBuilder WithNotificationChannel(CorrespondenceNotificationChannel? notificationChannel);
+
+    /// <summary>
+    /// Sets the notification channel for the reminder notification
+    /// </summary>
+    /// <param name="reminderNotificationChannel">The notification channel to use</param>
+    ICorrespondenceNotificationBuilder WithReminderNotificationChannel(
+        CorrespondenceNotificationChannel? reminderNotificationChannel
+    );
+
+    /// <summary>
+    /// Sets the senders reference for the correspondence notification
+    /// </summary>
+    /// <param name="sendersReference">The senders reference value</param>
+    /// <returns></returns>
+    ICorrespondenceNotificationBuilder WithSendersReference(string? sendersReference);
+
+    /// <summary>
+    /// Sets the requested send time for the correspondence notification
+    /// </summary>
+    /// <param name="requestedSendTime">The requested send time</param>
+    ICorrespondenceNotificationBuilder WithRequestedSendTime(DateTimeOffset? requestedSendTime);
+
+    /// <summary>
+    /// Builds the <see cref="CorrespondenceNotification"/> instance
+    /// </summary>
+    CorrespondenceNotification Build();
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Builder/ICorrespondenceRequestBuilder.cs b/src/Altinn.App.Core/Features/Correspondence/Builder/ICorrespondenceRequestBuilder.cs
new file mode 100644
index 000000000..3dbdad2e7
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Builder/ICorrespondenceRequestBuilder.cs
@@ -0,0 +1,308 @@
+using Altinn.App.Core.Features.Correspondence.Models;
+using Altinn.App.Core.Models;
+
+namespace Altinn.App.Core.Features.Correspondence.Builder;
+
+/// <summary>
+/// Indicates that the <see cref="CorrespondenceRequestBuilder"/> instance is on the <see cref="CorrespondenceRequest.ResourceId"/> step
+/// </summary>
+public interface ICorrespondenceRequestBuilderResourceId
+{
+    /// <summary>
+    /// Sets the Resource Id for the correspondence
+    /// </summary>
+    /// <param name="resourceId">The resource ID as registered in the Altinn Resource Registry</param>
+    ICorrespondenceRequestBuilderSender WithResourceId(string resourceId);
+}
+
+/// <summary>
+/// Indicates that the <see cref="CorrespondenceRequestBuilder"/> instance is on the <see cref="CorrespondenceRequest.Sender"/> step
+/// </summary>
+public interface ICorrespondenceRequestBuilderSender
+{
+    /// <summary>
+    /// Sets the sender of the correspondence
+    /// </summary>
+    /// <param name="sender">The correspondence sender</param>
+    ICorrespondenceRequestBuilderSendersReference WithSender(OrganisationNumber sender);
+
+    /// <summary>
+    /// Sets the sender of the correspondence
+    /// </summary>
+    /// <param name="sender">A string representing a Norwegian organisation number (e.g. 991825827 or 0192:991825827)</param>
+    ICorrespondenceRequestBuilderSendersReference WithSender(string sender);
+}
+
+/// <summary>
+/// Indicates that the <see cref="CorrespondenceRequestBuilder"/> instance is on the <see cref="CorrespondenceRequest.SendersReference"/> step
+/// </summary>
+public interface ICorrespondenceRequestBuilderSendersReference
+{
+    /// <summary>
+    /// Sets the senders reference for the correspondence
+    /// </summary>
+    /// <param name="sendersReference">The correspondence reference</param>
+    ICorrespondenceRequestBuilderRecipients WithSendersReference(string sendersReference);
+}
+
+/// <summary>
+/// Indicates that the <see cref="CorrespondenceRequestBuilder"/> instance is on the <see cref="CorrespondenceRequest.Recipients"/> step
+/// </summary>
+public interface ICorrespondenceRequestBuilderRecipients
+{
+    /// <summary>
+    /// Adds a recipient to the correspondence
+    /// </summary>
+    /// <remarks>
+    /// This method respects any existing options already stored in <see cref="CorrespondenceRequest.Recipients"/>
+    /// </remarks>
+    /// <param name="recipient">A recipient</param>
+    ICorrespondenceRequestBuilderAllowSystemDeleteAfter WithRecipient(OrganisationOrPersonIdentifier recipient);
+
+    /// <summary>
+    /// Adds a recipient to the correspondence
+    /// </summary>
+    /// <remarks>
+    /// This method respects any existing options already stored in <see cref="CorrespondenceRequest.Recipients"/>
+    /// </remarks>
+    /// <param name="recipient">A recipient: Either a Norwegian organisation number or national identity number</param>
+    ICorrespondenceRequestBuilderAllowSystemDeleteAfter WithRecipient(string recipient);
+
+    /// <summary>
+    /// Adds recipients to the correspondence
+    /// </summary>
+    /// <remarks>
+    /// This method respects any existing options already stored in <see cref="CorrespondenceRequest.Recipients"/>
+    /// </remarks>
+    /// <param name="recipients">A list of recipients</param>
+    ICorrespondenceRequestBuilderAllowSystemDeleteAfter WithRecipients(
+        IEnumerable<OrganisationOrPersonIdentifier> recipients
+    );
+
+    /// <summary>
+    /// Adds recipients to the correspondence
+    /// </summary>
+    /// <remarks>
+    /// This method respects any existing options already stored in <see cref="CorrespondenceRequest.Recipients"/>
+    /// </remarks>
+    /// <param name="recipients">A list of recipients: Either Norwegian organisation numbers or national identity numbers</param>
+    ICorrespondenceRequestBuilderAllowSystemDeleteAfter WithRecipients(IEnumerable<string> recipients);
+}
+
+/// <summary>
+/// Indicates that the <see cref="CorrespondenceRequestBuilder"/> instance is on the <see cref="CorrespondenceRequest.AllowSystemDeleteAfter"/> step
+/// </summary>
+public interface ICorrespondenceRequestBuilderAllowSystemDeleteAfter
+{
+    /// <summary>
+    /// Sets the date and time when the correspondence can be deleted from the system
+    /// </summary>
+    /// <param name="allowSystemDeleteAfter">The point in time when the correspondence may be safely deleted</param>
+    ICorrespondenceRequestBuilderContent WithAllowSystemDeleteAfter(DateTimeOffset allowSystemDeleteAfter);
+}
+
+/// <summary>
+/// Indicates that the <see cref="CorrespondenceRequestBuilder"/> instance is on the <see cref="CorrespondenceRequest.Content"/> step
+/// </summary>
+public interface ICorrespondenceRequestBuilderContent
+{
+    /// <summary>
+    /// Sets the content of the correspondence
+    /// </summary>
+    /// <param name="content">The correspondence content</param>
+    ICorrespondenceRequestBuilder WithContent(CorrespondenceContent content);
+
+    /// <summary>
+    /// Sets the content of the correspondence
+    /// </summary>
+    /// <param name="builder">A <see cref="CorrespondenceContentBuilder"/> instance in the <see cref="ICorrespondenceContentBuilder"/> stage</param>
+    ICorrespondenceRequestBuilder WithContent(ICorrespondenceContentBuilder builder);
+
+    /// <summary>
+    /// Sets the content of the correspondence
+    /// </summary>
+    /// <param name="language">The message language</param>
+    /// <param name="title">The message title</param>
+    /// <param name="summary">The message summary</param>
+    /// <param name="body">The message body</param>
+    ICorrespondenceRequestBuilder WithContent(
+        LanguageCode<Iso6391> language,
+        string title,
+        string summary,
+        string body
+    );
+
+    /// <summary>
+    /// Sets the content of the correspondence
+    /// </summary>
+    /// <param name="language">The message language in ISO 639-1 format</param>
+    /// <param name="title">The message title</param>
+    /// <param name="summary">The message summary</param>
+    /// <param name="body">The message body</param>
+    ICorrespondenceRequestBuilder WithContent(string language, string title, string summary, string body);
+}
+
+/// <summary>
+/// Indicates that the <see cref="CorrespondenceRequestBuilder"/> instance has completed all
+/// required steps and can proceed to <see cref="CorrespondenceRequestBuilder.Build"/>
+/// </summary>
+public interface ICorrespondenceRequestBuilder
+    : ICorrespondenceRequestBuilderResourceId,
+        ICorrespondenceRequestBuilderSender,
+        ICorrespondenceRequestBuilderSendersReference,
+        ICorrespondenceRequestBuilderRecipients,
+        ICorrespondenceRequestBuilderAllowSystemDeleteAfter,
+        ICorrespondenceRequestBuilderContent
+{
+    /// <summary>
+    /// Sets due date and time for the correspondence
+    /// </summary>
+    /// <param name="dueDateTime">The point in time when the correspondence is due</param>
+    /// <returns></returns>
+    ICorrespondenceRequestBuilder WithDueDateTime(DateTimeOffset dueDateTime);
+
+    /// <summary>
+    /// Sets the requested publish time for the correspondence
+    /// </summary>
+    /// <param name="requestedPublishTime">The point in time when the correspondence should be published</param>
+    ICorrespondenceRequestBuilder WithRequestedPublishTime(DateTimeOffset requestedPublishTime);
+
+    /// <summary>
+    /// Set the message sender for the correspondence
+    /// </summary>
+    /// <param name="messageSender">The name of the message sender</param>
+    /// <returns></returns>
+    ICorrespondenceRequestBuilder WithMessageSender(string messageSender);
+
+    /// <summary>
+    /// Adds an external reference to the correspondence
+    /// <remarks>
+    /// This method respects any existing references already stored in <see cref="CorrespondenceRequest.ExternalReferences"/>
+    /// </remarks>
+    /// </summary>
+    /// <param name="externalReference">A <see cref="CorrespondenceExternalReference"/> item</param>
+    ICorrespondenceRequestBuilder WithExternalReference(CorrespondenceExternalReference externalReference);
+
+    /// <summary>
+    /// Adds an external reference to the correspondence
+    /// <remarks>
+    /// This method respects any existing references already stored in <see cref="CorrespondenceRequest.ExternalReferences"/>
+    /// </remarks>
+    /// </summary>
+    /// <param name="type">The reference type to add</param>
+    /// <param name="value">The reference value</param>
+    ICorrespondenceRequestBuilder WithExternalReference(CorrespondenceReferenceType type, string value);
+
+    /// <summary>
+    /// Adds external references to the correspondence
+    /// <remarks>
+    /// This method respects any existing references already stored in <see cref="CorrespondenceRequest.ExternalReferences"/>
+    /// </remarks>
+    /// </summary>
+    /// <param name="externalReferences">A list of <see cref="CorrespondenceExternalReference"/> items</param>
+    ICorrespondenceRequestBuilder WithExternalReferences(
+        IEnumerable<CorrespondenceExternalReference> externalReferences
+    );
+
+    /// <summary>
+    /// Sets the property list for the correspondence
+    /// </summary>
+    /// <param name="propertyList">A key-value list of arbitrary properties to associate with the correspondence</param>
+    ICorrespondenceRequestBuilder WithPropertyList(IReadOnlyDictionary<string, string> propertyList);
+
+    /// <summary>
+    /// Adds a reply option to the correspondence
+    /// <remarks>
+    /// This method respects any existing options already stored in <see cref="CorrespondenceRequest.ReplyOptions"/>
+    /// </remarks>
+    /// </summary>
+    /// <param name="replyOption">A <see cref="CorrespondenceReplyOption"/> item</param>
+    ICorrespondenceRequestBuilder WithReplyOption(CorrespondenceReplyOption replyOption);
+
+    /// <summary>
+    /// Adds a reply option to the correspondence
+    /// <remarks>
+    /// This method respects any existing options already stored in <see cref="CorrespondenceRequest.ReplyOptions"/>
+    /// </remarks>
+    /// </summary>
+    /// <param name="linkUrl">The URL to be used as a reply/response to a correspondence</param>
+    /// <param name="linkText">The text to display for the link</param>
+    ICorrespondenceRequestBuilder WithReplyOption(string linkUrl, string linkText);
+
+    /// <summary>
+    /// Adds reply options to the correspondence
+    /// <remarks>
+    /// This method respects any existing options already stored in <see cref="CorrespondenceRequest.ReplyOptions"/>
+    /// </remarks>
+    /// </summary>
+    /// <param name="replyOptions">A list of <see cref="CorrespondenceReplyOption"/> items</param>
+    ICorrespondenceRequestBuilder WithReplyOptions(IEnumerable<CorrespondenceReplyOption> replyOptions);
+
+    /// <summary>
+    /// Sets the notification for the correspondence
+    /// </summary>
+    /// <param name="notification">The notification details to be associated with the correspondence</param>
+    ICorrespondenceRequestBuilder WithNotification(CorrespondenceNotification notification);
+
+    /// <summary>
+    /// Sets the notification for the correspondence
+    /// </summary>
+    /// <param name="builder">A <see cref="CorrespondenceNotificationBuilder"/> instance in the <see cref="ICorrespondenceNotificationBuilder"/> stage</param>
+    ICorrespondenceRequestBuilder WithNotification(ICorrespondenceNotificationBuilder builder);
+
+    /// <summary>
+    /// Sets whether the correspondence can override reservation against digital communication in KRR
+    /// </summary>
+    /// <param name="ignoreReservation">A boolean value indicating whether or not reservations can be ignored</param>
+    ICorrespondenceRequestBuilder WithIgnoreReservation(bool ignoreReservation);
+
+    /// <summary>
+    /// Adds an existing attachment reference to the correspondence
+    /// <remarks>
+    /// This method respects any existing references already stored in <see cref="CorrespondenceRequest.ExistingAttachments"/>
+    /// </remarks>
+    /// </summary>
+    /// <param name="existingAttachment">A <see cref="Guid"/> item pointing to an existing attachment</param>
+    ICorrespondenceRequestBuilder WithExistingAttachment(Guid existingAttachment);
+
+    /// <summary>
+    /// Adds existing attachment references to the correspondence
+    /// <remarks>
+    /// This method respects any existing references already stored in <see cref="CorrespondenceRequest.ExistingAttachments"/>
+    /// </remarks>
+    /// </summary>
+    /// <param name="existingAttachments">A list of <see cref="Guid"/> items pointing to existing attachments</param>
+    ICorrespondenceRequestBuilder WithExistingAttachments(IEnumerable<Guid> existingAttachments);
+
+    /// <summary>
+    /// Adds an attachment to the correspondence
+    /// <remarks>
+    /// This method respects any existing attachments already stored in <see cref="CorrespondenceContent.Attachments"/>
+    /// </remarks>
+    /// </summary>
+    /// <param name="attachment">A <see cref="CorrespondenceAttachment"/> item</param>
+    ICorrespondenceRequestBuilder WithAttachment(CorrespondenceAttachment attachment);
+
+    /// <summary>
+    /// Adds an attachment to the correspondence
+    /// <remarks>
+    /// This method respects any existing attachments already stored in <see cref="CorrespondenceContent.Attachments"/>
+    /// </remarks>
+    /// </summary>
+    /// <param name="builder">A <see cref="CorrespondenceAttachmentBuilder"/> instance in the <see cref="ICorrespondenceAttachmentBuilder"/> stage</param>
+    ICorrespondenceRequestBuilder WithAttachment(ICorrespondenceAttachmentBuilder builder);
+
+    /// <summary>
+    /// Adds attachments to the correspondence
+    /// <remarks>
+    /// This method respects any existing attachments already stored in <see cref="CorrespondenceContent.Attachments"/>
+    /// </remarks>
+    /// </summary>
+    /// <param name="attachments">A List of <see cref="CorrespondenceAttachment"/> items</param>
+    ICorrespondenceRequestBuilder WithAttachments(IEnumerable<CorrespondenceAttachment> attachments);
+
+    /// <summary>
+    /// Builds the <see cref="CorrespondenceRequest"/> instance
+    /// </summary>
+    CorrespondenceRequest Build();
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/CorrespondenceAuthorisationFactory.cs b/src/Altinn.App.Core/Features/Correspondence/CorrespondenceAuthorisationFactory.cs
new file mode 100644
index 000000000..50f91bec1
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/CorrespondenceAuthorisationFactory.cs
@@ -0,0 +1,26 @@
+using Altinn.App.Core.Features.Maskinporten;
+using Altinn.App.Core.Models;
+using Microsoft.Extensions.DependencyInjection;
+
+namespace Altinn.App.Core.Features.Correspondence;
+
+internal sealed class CorrespondenceAuthorisationFactory
+{
+    private IMaskinportenClient? _maskinportenClient;
+    private readonly IServiceProvider _serviceProvider;
+
+    public Func<Task<JwtToken>> Maskinporten =>
+        async () =>
+        {
+            _maskinportenClient ??= _serviceProvider.GetRequiredService<IMaskinportenClient>();
+
+            return await _maskinportenClient.GetAltinnExchangedToken(
+                ["altinn:correspondence.write", "altinn:serviceowner/instances.read"]
+            );
+        };
+
+    public CorrespondenceAuthorisationFactory(IServiceProvider serviceProvider)
+    {
+        _serviceProvider = serviceProvider;
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/CorrespondenceClient.cs b/src/Altinn.App.Core/Features/Correspondence/CorrespondenceClient.cs
new file mode 100644
index 000000000..7b5be70cc
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/CorrespondenceClient.cs
@@ -0,0 +1,241 @@
+using System.Diagnostics;
+using System.Net;
+using System.Net.Http.Headers;
+using System.Text.Json;
+using Altinn.App.Core.Configuration;
+using Altinn.App.Core.Constants;
+using Altinn.App.Core.Features.Correspondence.Exceptions;
+using Altinn.App.Core.Features.Correspondence.Models;
+using Altinn.App.Core.Features.Maskinporten.Constants;
+using Altinn.App.Core.Models;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+using CorrespondenceResult = Altinn.App.Core.Features.Telemetry.Correspondence.CorrespondenceResult;
+
+namespace Altinn.App.Core.Features.Correspondence;
+
+/// <inheritdoc />
+internal sealed class CorrespondenceClient : ICorrespondenceClient
+{
+    private readonly ILogger<CorrespondenceClient> _logger;
+    private readonly IHttpClientFactory _httpClientFactory;
+    private readonly PlatformSettings _platformSettings;
+    private readonly Telemetry? _telemetry;
+
+    private readonly CorrespondenceAuthorisationFactory _authorisationFactory;
+
+    public CorrespondenceClient(
+        IHttpClientFactory httpClientFactory,
+        IOptions<PlatformSettings> platformSettings,
+        IServiceProvider serviceProvider,
+        ILogger<CorrespondenceClient> logger,
+        Telemetry? telemetry = null
+    )
+    {
+        _logger = logger;
+        _httpClientFactory = httpClientFactory;
+        _platformSettings = platformSettings.Value;
+        _telemetry = telemetry;
+        _authorisationFactory = new CorrespondenceAuthorisationFactory(serviceProvider);
+    }
+
+    private async Task<JwtToken> AuthorisationFactory(CorrespondencePayloadBase payload)
+    {
+        if (payload.AccessTokenFactory is null && payload.AuthorisationMethod is null)
+        {
+            throw new CorrespondenceArgumentException(
+                "Neither AccessTokenFactory nor AuthorisationMethod was provided in the CorrespondencePayload object"
+            );
+        }
+
+        if (payload.AccessTokenFactory is not null)
+        {
+            return await payload.AccessTokenFactory();
+        }
+
+        return payload.AuthorisationMethod switch
+        {
+            CorrespondenceAuthorisation.Maskinporten => await _authorisationFactory.Maskinporten(),
+            _ => throw new CorrespondenceArgumentException(
+                $"Unknown CorrespondenceAuthorisation `{payload.AuthorisationMethod}`"
+            ),
+        };
+    }
+
+    /// <inheritdoc />
+    public async Task<SendCorrespondenceResponse> Send(
+        SendCorrespondencePayload payload,
+        CancellationToken cancellationToken = default
+    )
+    {
+        _logger.LogDebug("Sending Correspondence request");
+        using Activity? activity = _telemetry?.StartSendCorrespondenceActivity();
+
+        try
+        {
+            using MultipartFormDataContent content = payload.CorrespondenceRequest.Serialise();
+            using HttpRequestMessage request = await AuthenticatedHttpRequestFactory(
+                method: HttpMethod.Post,
+                uri: GetUri("correspondence/upload"),
+                content: content,
+                payload: payload
+            );
+
+            var response = await HandleServerCommunication<SendCorrespondenceResponse>(request, cancellationToken);
+            activity?.SetCorrespondence(response);
+            _telemetry?.RecordCorrespondenceOrder(CorrespondenceResult.Success);
+
+            return response;
+        }
+        catch (CorrespondenceException e)
+        {
+            var requestException = e as CorrespondenceRequestException;
+
+            _logger.LogError(
+                e,
+                "Failed to send correspondence: status={StatusCode} response={Response}",
+                requestException?.HttpStatusCode.ToString() ?? "Unknown",
+                requestException?.ResponseBody ?? "No response body"
+            );
+
+            activity?.Errored(e, requestException?.ProblemDetails?.Detail);
+            _telemetry?.RecordCorrespondenceOrder(CorrespondenceResult.Error);
+            throw;
+        }
+        catch (Exception e)
+        {
+            activity?.Errored(e);
+            _logger.LogError(e, "Failed to send correspondence: {Exception}", e);
+            _telemetry?.RecordCorrespondenceOrder(CorrespondenceResult.Error);
+            throw new CorrespondenceRequestException($"Failed to send correspondence: {e}", e);
+        }
+    }
+
+    /// <inheritdoc/>
+    public async Task<GetCorrespondenceStatusResponse> GetStatus(
+        GetCorrespondenceStatusPayload payload,
+        CancellationToken cancellationToken = default
+    )
+    {
+        _logger.LogDebug("Fetching correspondence status");
+        using Activity? activity = _telemetry?.StartCorrespondenceStatusActivity(payload.CorrespondenceId);
+
+        try
+        {
+            using HttpRequestMessage request = await AuthenticatedHttpRequestFactory(
+                method: HttpMethod.Get,
+                uri: GetUri($"correspondence/{payload.CorrespondenceId}/details"),
+                content: null,
+                payload: payload
+            );
+
+            return await HandleServerCommunication<GetCorrespondenceStatusResponse>(request, cancellationToken);
+        }
+        catch (CorrespondenceException e)
+        {
+            var requestException = e as CorrespondenceRequestException;
+
+            _logger.LogError(
+                e,
+                "Failed to fetch correspondence status: status={StatusCode} response={Response}",
+                requestException?.HttpStatusCode.ToString() ?? "Unknown",
+                requestException?.ResponseBody ?? "No response body"
+            );
+
+            activity?.Errored(e, requestException?.ProblemDetails?.Detail);
+            throw;
+        }
+        catch (Exception e)
+        {
+            activity?.Errored(e);
+            _logger.LogError(e, "Failed to fetch correspondence status: {Exception}", e);
+            throw new CorrespondenceRequestException($"Failed to fetch correspondence status: {e}", e);
+        }
+    }
+
+    private async Task<HttpRequestMessage> AuthenticatedHttpRequestFactory(
+        HttpMethod method,
+        string uri,
+        HttpContent? content,
+        CorrespondencePayloadBase payload
+    )
+    {
+        _logger.LogDebug("Fetching access token via factory");
+        JwtToken accessToken = await AuthorisationFactory(payload);
+
+        _logger.LogDebug("Constructing authorized http request for target uri {TargetEndpoint}", uri);
+        HttpRequestMessage request = new(method, uri) { Content = content };
+
+        request.Headers.Authorization = new AuthenticationHeaderValue(TokenTypes.Bearer, accessToken);
+        request.Headers.TryAddWithoutValidation(General.SubscriptionKeyHeaderName, _platformSettings.SubscriptionKey);
+
+        return request;
+    }
+
+    private ProblemDetails? GetProblemDetails(string responseBody)
+    {
+        if (string.IsNullOrWhiteSpace(responseBody))
+        {
+            return null;
+        }
+
+        try
+        {
+            return JsonSerializer.Deserialize<ProblemDetails>(responseBody);
+        }
+        catch (Exception e)
+        {
+            _logger.LogError(e, "Error parsing ProblemDetails from Correspondence api");
+        }
+
+        return null;
+    }
+
+    private string GetUri(string relativePath)
+    {
+        string baseUri = _platformSettings.ApiCorrespondenceEndpoint.TrimEnd('/');
+        return $"{baseUri}/{relativePath.TrimStart('/')}";
+    }
+
+    private async Task<TContent> HandleServerCommunication<TContent>(
+        HttpRequestMessage request,
+        CancellationToken cancellationToken
+    )
+    {
+        using HttpClient client = _httpClientFactory.CreateClient();
+        using HttpResponseMessage response = await client.SendAsync(request, cancellationToken);
+        string responseBody = await response.Content.ReadAsStringAsync(cancellationToken);
+
+        if (response.StatusCode != HttpStatusCode.OK)
+        {
+            var problemDetails = GetProblemDetails(responseBody);
+            throw new CorrespondenceRequestException(
+                $"Correspondence request failed with status {response.StatusCode}: {problemDetails?.Detail}",
+                problemDetails,
+                response.StatusCode,
+                responseBody
+            );
+        }
+
+        _logger.LogDebug("Correspondence request succeeded: {Response}", responseBody);
+
+        try
+        {
+            return JsonSerializer.Deserialize<TContent>(responseBody)
+                ?? throw new CorrespondenceRequestException(
+                    "Literal null content received from Correspondence API server"
+                );
+        }
+        catch (Exception e)
+        {
+            throw new CorrespondenceRequestException(
+                $"Invalid response from Correspondence API server: {responseBody}",
+                null,
+                response.StatusCode,
+                responseBody,
+                e
+            );
+        }
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Exceptions/CorrespondenceArgumentException.cs b/src/Altinn.App.Core/Features/Correspondence/Exceptions/CorrespondenceArgumentException.cs
new file mode 100644
index 000000000..4e4d1705b
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Exceptions/CorrespondenceArgumentException.cs
@@ -0,0 +1,18 @@
+namespace Altinn.App.Core.Features.Correspondence.Exceptions;
+
+/// <summary>
+/// An exception that indicates an invalid method argument is being used in a correspondence operation
+/// </summary>
+public class CorrespondenceArgumentException : CorrespondenceException
+{
+    /// <inheritdoc/>
+    public CorrespondenceArgumentException() { }
+
+    /// <inheritdoc/>
+    public CorrespondenceArgumentException(string? message)
+        : base(message) { }
+
+    /// <inheritdoc/>
+    public CorrespondenceArgumentException(string? message, Exception? innerException)
+        : base(message, innerException) { }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Exceptions/CorrespondenceException.cs b/src/Altinn.App.Core/Features/Correspondence/Exceptions/CorrespondenceException.cs
new file mode 100644
index 000000000..400637d23
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Exceptions/CorrespondenceException.cs
@@ -0,0 +1,18 @@
+namespace Altinn.App.Core.Features.Correspondence.Exceptions;
+
+/// <summary>
+/// Generic Correspondence related exception. Something went wrong, and it was related to Correspondence.
+/// </summary>
+public abstract class CorrespondenceException : Exception
+{
+    /// <inheritdoc/>
+    protected CorrespondenceException() { }
+
+    /// <inheritdoc/>
+    protected CorrespondenceException(string? message)
+        : base(message) { }
+
+    /// <inheritdoc/>
+    protected CorrespondenceException(string? message, Exception? innerException)
+        : base(message, innerException) { }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Exceptions/CorrespondenceRequestException.cs b/src/Altinn.App.Core/Features/Correspondence/Exceptions/CorrespondenceRequestException.cs
new file mode 100644
index 000000000..158150609
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Exceptions/CorrespondenceRequestException.cs
@@ -0,0 +1,65 @@
+using System.Net;
+using Microsoft.AspNetCore.Mvc;
+
+namespace Altinn.App.Core.Features.Correspondence.Exceptions;
+
+/// <summary>
+/// An exception that indicates an error was returned from the correspondence server
+/// </summary>
+public class CorrespondenceRequestException : CorrespondenceException
+{
+    /// <summary>
+    /// Problem details object from the Correspondence API server, if available
+    /// </summary>
+    public ProblemDetails? ProblemDetails { get; init; }
+
+    /// <summary>
+    /// Http status code related to the request, if available
+    /// </summary>
+    public HttpStatusCode? HttpStatusCode { get; init; }
+
+    /// <summary>
+    /// The request body, if available
+    /// </summary>
+    public string? ResponseBody { get; init; }
+
+    /// <inheritdoc/>
+    public CorrespondenceRequestException() { }
+
+    /// <inheritdoc/>
+    public CorrespondenceRequestException(string? message)
+        : base(message) { }
+
+    /// <inheritdoc/>
+    public CorrespondenceRequestException(
+        string? message,
+        ProblemDetails? problemDetails,
+        HttpStatusCode? httpStatusCode,
+        string? responseBody
+    )
+        : base(message)
+    {
+        ProblemDetails = problemDetails;
+        HttpStatusCode = httpStatusCode;
+        ResponseBody = responseBody;
+    }
+
+    /// <inheritdoc/>
+    public CorrespondenceRequestException(
+        string? message,
+        ProblemDetails? problemDetails,
+        HttpStatusCode? httpStatusCode,
+        string? responseBody,
+        Exception? innerException
+    )
+        : base(message, innerException)
+    {
+        ProblemDetails = problemDetails;
+        HttpStatusCode = httpStatusCode;
+        ResponseBody = responseBody;
+    }
+
+    /// <inheritdoc/>
+    public CorrespondenceRequestException(string? message, Exception? innerException)
+        : base(message, innerException) { }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Exceptions/CorrespondenceValueException.cs b/src/Altinn.App.Core/Features/Correspondence/Exceptions/CorrespondenceValueException.cs
new file mode 100644
index 000000000..bac26c612
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Exceptions/CorrespondenceValueException.cs
@@ -0,0 +1,18 @@
+namespace Altinn.App.Core.Features.Correspondence.Exceptions;
+
+/// <summary>
+/// An exception that indicates an invalid value is being used in a correspondence operation
+/// </summary>
+public class CorrespondenceValueException : CorrespondenceException
+{
+    /// <inheritdoc/>
+    public CorrespondenceValueException() { }
+
+    /// <inheritdoc/>
+    public CorrespondenceValueException(string? message)
+        : base(message) { }
+
+    /// <inheritdoc/>
+    public CorrespondenceValueException(string? message, Exception? innerException)
+        : base(message, innerException) { }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Extensions/ServiceCollectionExtensions.cs b/src/Altinn.App.Core/Features/Correspondence/Extensions/ServiceCollectionExtensions.cs
new file mode 100644
index 000000000..6b4129d1f
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Extensions/ServiceCollectionExtensions.cs
@@ -0,0 +1,16 @@
+using Microsoft.Extensions.DependencyInjection;
+
+namespace Altinn.App.Core.Features.Correspondence.Extensions;
+
+internal static class ServiceCollectionExtensions
+{
+    /// <summary>
+    /// Adds a <see cref="ICorrespondenceClient"/> service to the service collection.
+    /// </summary>
+    /// <param name="services">The service collection</param>
+    public static IServiceCollection AddCorrespondenceClient(this IServiceCollection services)
+    {
+        services.AddSingleton<ICorrespondenceClient, CorrespondenceClient>();
+        return services;
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/ICorrespondenceClient.cs b/src/Altinn.App.Core/Features/Correspondence/ICorrespondenceClient.cs
new file mode 100644
index 000000000..3fc4c55cb
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/ICorrespondenceClient.cs
@@ -0,0 +1,31 @@
+using Altinn.App.Core.Features.Correspondence.Models;
+
+namespace Altinn.App.Core.Features.Correspondence;
+
+/// <summary>
+/// Contains logic for interacting with the correspondence message service
+/// </summary>
+public interface ICorrespondenceClient
+{
+    /// <summary>
+    /// Sends a correspondence
+    /// </summary>
+    /// <param name="payload">The <see cref="SendCorrespondencePayload"/> payload</param>
+    /// <param name="cancellationToken">An optional cancellation token</param>
+    /// <returns></returns>
+    Task<SendCorrespondenceResponse> Send(
+        SendCorrespondencePayload payload,
+        CancellationToken cancellationToken = default
+    );
+
+    /// <summary>
+    /// Fetches the status of a correspondence
+    /// </summary>
+    /// <param name="payload">The <see cref="GetCorrespondenceStatusPayload"/> payload</param>
+    /// <param name="cancellationToken">An optional cancellation token</param>
+    /// <returns></returns>
+    Task<GetCorrespondenceStatusResponse> GetStatus(
+        GetCorrespondenceStatusPayload payload,
+        CancellationToken cancellationToken = default
+    );
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceAttachment.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceAttachment.cs
new file mode 100644
index 000000000..ecadf589b
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceAttachment.cs
@@ -0,0 +1,58 @@
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Represents an attachment to a correspondence
+/// </summary>
+public sealed record CorrespondenceAttachment : MultipartCorrespondenceItem
+{
+    /// <summary>
+    /// The filename of the attachment
+    /// </summary>
+    public required string Filename { get; init; }
+
+    /// <summary>
+    /// The display name of the attachment
+    /// </summary>
+    public required string Name { get; init; }
+
+    /// <summary>
+    /// A value indicating whether the attachment is encrypted or not
+    /// </summary>
+    public bool? IsEncrypted { get; init; }
+
+    /// <summary>
+    /// A reference value given to the attachment by the creator
+    /// </summary>
+    public required string SendersReference { get; init; }
+
+    /// <summary>
+    /// The attachment data type in MIME format
+    /// </summary>
+    public required string DataType { get; init; }
+
+    /// <summary>
+    /// Specifies the storage location of the attachment data
+    /// </summary>
+    public CorrespondenceDataLocationType DataLocationType { get; init; } =
+        CorrespondenceDataLocationType.ExistingCorrespondenceAttachment;
+
+    /// <summary>
+    /// The file stream
+    /// </summary>
+    public required ReadOnlyMemory<byte> Data { get; init; }
+
+    internal void Serialise(MultipartFormDataContent content, int index, string? filenameOverride = null)
+    {
+        const string typePrefix = "Correspondence.Content.Attachments";
+        string prefix = $"{typePrefix}[{index}]";
+        string actualFilename = filenameOverride ?? Filename;
+
+        AddRequired(content, actualFilename, $"{prefix}.Filename");
+        AddRequired(content, Name, $"{prefix}.Name");
+        AddRequired(content, SendersReference, $"{prefix}.SendersReference");
+        AddRequired(content, DataType, $"{prefix}.DataType");
+        AddRequired(content, DataLocationType.ToString(), $"{prefix}.DataLocationType");
+        AddRequired(content, Data, "Attachments", actualFilename); // NOTE: No prefix!
+        AddIfNotNull(content, IsEncrypted?.ToString(), $"{prefix}.IsEncrypted");
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceAttachmentResponse.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceAttachmentResponse.cs
new file mode 100644
index 000000000..e022f542f
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceAttachmentResponse.cs
@@ -0,0 +1,96 @@
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Represents a binary attachment to a Correspondence
+/// </summary>
+public sealed record CorrespondenceAttachmentResponse
+{
+    /// <summary>
+    /// A unique id for the correspondence attachment
+    /// </summary>
+    [JsonPropertyName("id")]
+    public Guid Id { get; init; }
+
+    /// <summary>
+    /// The date and time when the attachment was created
+    /// </summary>
+    [JsonPropertyName("created")]
+    public DateTimeOffset Created { get; init; }
+
+    /// <summary>
+    /// The location of the attachment data
+    /// </summary>
+    [JsonPropertyName("dataLocationType")]
+    public CorrespondenceDataLocationTypeResponse DataLocationType { get; init; }
+
+    /// <summary>
+    /// The current status of the attachment
+    /// </summary>
+    [JsonPropertyName("status")]
+    public CorrespondenceAttachmentStatusResponse Status { get; init; }
+
+    /// <summary>
+    /// The text description of the status code
+    /// </summary>
+    [JsonPropertyName("statusText")]
+    public required string StatusText { get; init; }
+
+    /// <summary>
+    /// The date and time when the current attachment status was changed
+    /// </summary>
+    [JsonPropertyName("statusChanged")]
+    public DateTimeOffset StatusChanged { get; init; }
+
+    /// <summary>
+    /// The date and time when the attachment expires
+    /// </summary>
+    [JsonPropertyName("expirationTime")]
+    public DateTimeOffset ExpirationTime { get; init; }
+
+    /// <summary>
+    /// The filename of the attachment
+    /// </summary>
+    [JsonPropertyName("fileName")]
+    public string? FileName { get; init; }
+
+    /// <summary>
+    /// The display name of the attachment
+    /// </summary>
+    [JsonPropertyName("name")]
+    public required string Name { get; init; }
+
+    /// <summary>
+    /// The name of the restriction policy restricting access to this element
+    /// </summary>
+    /// <remarks>
+    /// An empty value indicates no restriction above the ones governing the correspondence referencing this attachment
+    /// </remarks>
+    [JsonPropertyName("restrictionName")]
+    public string? RestrictionName { get; init; }
+
+    /// <summary>
+    /// Indicates if the attachment is encrypted or not
+    /// </summary>
+    [JsonPropertyName("isEncrypted")]
+    public bool IsEncrypted { get; init; }
+
+    /// <summary>
+    /// MD5 checksum of the file data
+    /// </summary>
+    [JsonPropertyName("checksum")]
+    public string? Checksum { get; init; }
+
+    /// <summary>
+    /// A reference value given to the attachment by the creator
+    /// </summary>
+    [JsonPropertyName("sendersReference")]
+    public required string SendersReference { get; init; }
+
+    /// <summary>
+    /// The attachment data type in MIME format
+    /// </summary>
+    [JsonPropertyName("dataType")]
+    public required string DataType { get; init; }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceAttachmentStatusResponse.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceAttachmentStatusResponse.cs
new file mode 100644
index 000000000..4062fb383
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceAttachmentStatusResponse.cs
@@ -0,0 +1,35 @@
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Represents the status of an attachment
+/// </summary>
+[JsonConverter(typeof(JsonStringEnumConverter))]
+public enum CorrespondenceAttachmentStatusResponse
+{
+    /// <summary>
+    /// Attachment has been Initialized.
+    /// </summary>
+    Initialized,
+
+    /// <summary>
+    /// Awaiting processing of upload
+    /// </summary>
+    UploadProcessing,
+
+    /// <summary>
+    /// Published and available for download
+    /// </summary>
+    Published,
+
+    /// <summary>
+    /// Purged
+    /// </summary>
+    Purged,
+
+    /// <summary>
+    /// Failed
+    /// </summary>
+    Failed,
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceContent.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceContent.cs
new file mode 100644
index 000000000..c6b8679ab
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceContent.cs
@@ -0,0 +1,43 @@
+using Altinn.App.Core.Models;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// The message content in a correspondence
+/// </summary>
+public sealed record CorrespondenceContent : MultipartCorrespondenceItem
+{
+    /// <summary>
+    /// The correspondence message title (subject)
+    /// </summary>
+    public required string Title { get; init; }
+
+    /// <summary>
+    /// The language of the correspondence, specified according to ISO 639-1
+    /// </summary>
+    public required LanguageCode<Iso6391> Language { get; init; }
+
+    /// <summary>
+    /// The summary text of the correspondence message
+    /// </summary>
+    public required string Summary { get; init; }
+
+    /// <summary>
+    /// The full text (body) of the correspondence message
+    /// </summary>
+    public required string Body { get; init; }
+
+    /// <summary>
+    /// File attachments to associate with this correspondence
+    /// </summary>
+    public IReadOnlyList<CorrespondenceAttachment>? Attachments { get; init; }
+
+    internal void Serialise(MultipartFormDataContent content)
+    {
+        AddRequired(content, Language.Value, "Correspondence.Content.Language");
+        AddRequired(content, Title, "Correspondence.Content.MessageTitle");
+        AddRequired(content, Summary, "Correspondence.Content.MessageSummary");
+        AddRequired(content, Body, "Correspondence.Content.MessageBody");
+        SerializeAttachmentItems(content, Attachments);
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceContentResponse.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceContentResponse.cs
new file mode 100644
index 000000000..b7309c0f1
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceContentResponse.cs
@@ -0,0 +1,41 @@
+using System.Text.Json.Serialization;
+using Altinn.App.Core.Models;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Represents the content of a correspondence
+/// </summary>
+public sealed record CorrespondenceContentResponse
+{
+    /// <summary>
+    /// The language of the correspondence, specified according to ISO 639-1
+    /// </summary>
+    [JsonPropertyName("language")]
+    [JsonConverter(typeof(LanguageCodeJsonConverter<Iso6391>))]
+    public LanguageCode<Iso6391> Language { get; init; }
+
+    /// <summary>
+    /// The correspondence message title (subject)
+    /// </summary>
+    [JsonPropertyName("messageTitle")]
+    public required string MessageTitle { get; init; }
+
+    /// <summary>
+    /// The summary text of the correspondence
+    /// </summary>
+    [JsonPropertyName("messageSummary")]
+    public required string MessageSummary { get; init; }
+
+    /// <summary>
+    /// The main body of the correspondence
+    /// </summary>
+    [JsonPropertyName("messageBody")]
+    public required string MessageBody { get; init; }
+
+    /// <summary>
+    /// A list of attachments for the correspondence
+    /// </summary>
+    [JsonPropertyName("attachments")]
+    public IEnumerable<CorrespondenceAttachmentResponse>? Attachments { get; init; }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceDataLocationType.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceDataLocationType.cs
new file mode 100644
index 000000000..54b995c90
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceDataLocationType.cs
@@ -0,0 +1,25 @@
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// The location of the attachment during the correspondence initialization
+/// </summary>
+[JsonConverter(typeof(JsonStringEnumConverter))]
+public enum CorrespondenceDataLocationType
+{
+    /// <summary>
+    /// Specifies that the attachment data will need to be uploaded to Altinn Correspondence via the Upload Attachment operation
+    /// </summary>
+    NewCorrespondenceAttachment,
+
+    /// <summary>
+    /// Specifies that the attachment  already exist in Altinn Correspondence storage
+    /// </summary>
+    ExistingCorrespondenceAttachment,
+
+    /// <summary>
+    /// Specifies that the attachment data already exist in an external storage
+    /// </summary>
+    ExisitingExternalStorage,
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceDataLocationTypeResponse.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceDataLocationTypeResponse.cs
new file mode 100644
index 000000000..7d0568502
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceDataLocationTypeResponse.cs
@@ -0,0 +1,20 @@
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Defines the location of the attachment data
+/// </summary>
+[JsonConverter(typeof(JsonStringEnumConverter))]
+public enum CorrespondenceDataLocationTypeResponse
+{
+    /// <summary>
+    /// Specifies that the attachment data is stored in the Altinn correspondence storage
+    /// </summary>
+    AltinnCorrespondenceAttachment,
+
+    /// <summary>
+    /// Specifies that the attachment data is stored in an external storage controlled by the sender
+    /// </summary>
+    ExternalStorage,
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceDetailsResponse.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceDetailsResponse.cs
new file mode 100644
index 000000000..a24fb182c
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceDetailsResponse.cs
@@ -0,0 +1,35 @@
+using System.Text.Json.Serialization;
+using Altinn.App.Core.Models;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Details about the correspondence
+/// </summary>
+public sealed record CorrespondenceDetailsResponse
+{
+    /// <summary>
+    /// The correspondence identifier
+    /// </summary>
+    [JsonPropertyName("correspondenceId")]
+    public Guid CorrespondenceId { get; init; }
+
+    /// <summary>
+    /// The status of the correspondence
+    /// </summary>
+    [JsonPropertyName("status")]
+    public CorrespondenceStatus Status { get; init; }
+
+    /// <summary>
+    /// The recipient of the correspondence
+    /// </summary>
+    [JsonPropertyName("recipient")]
+    [OrganisationOrPersonIdentifierJsonConverter(OrganisationNumberFormat.International)]
+    public required OrganisationOrPersonIdentifier Recipient { get; init; }
+
+    /// <summary>
+    /// Notifications linked to the correspondence
+    /// </summary>
+    [JsonPropertyName("notifications")]
+    public IReadOnlyList<CorrespondenceNotificationDetailsResponse>? Notifications { get; init; }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceExternalReference.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceExternalReference.cs
new file mode 100644
index 000000000..219c31f98
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceExternalReference.cs
@@ -0,0 +1,27 @@
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Represents a reference to another item in the Altinn ecosystem
+/// </summary>
+public sealed record CorrespondenceExternalReference : MultipartCorrespondenceListItem
+{
+    /// <summary>
+    /// The reference type
+    /// </summary>
+    [JsonPropertyName("referenceType")]
+    public required CorrespondenceReferenceType ReferenceType { get; init; }
+
+    /// <summary>
+    /// The reference value
+    /// </summary>
+    [JsonPropertyName("referenceValue")]
+    public required string ReferenceValue { get; init; }
+
+    internal override void Serialise(MultipartFormDataContent content, int index)
+    {
+        AddRequired(content, ReferenceType.ToString(), $"Correspondence.ExternalReferences[{index}].ReferenceType");
+        AddRequired(content, ReferenceValue, $"Correspondence.ExternalReferences[{index}].ReferenceValue");
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotification.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotification.cs
new file mode 100644
index 000000000..4d3ae3f5d
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotification.cs
@@ -0,0 +1,115 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Represents a notification to be sent to the recipient of a correspondence
+/// </summary>
+public sealed record CorrespondenceNotification : MultipartCorrespondenceItem
+{
+    /// <summary>
+    /// The notification template for use for notifications
+    /// </summary>
+    public required CorrespondenceNotificationTemplate NotificationTemplate { get; init; }
+
+    /// <summary>
+    /// The email subject to use for notifications
+    /// <remarks>
+    /// Depending on the <see cref="NotificationTemplate"/> in use, this value may be padded according to the template logic
+    /// </remarks>
+    /// </summary>
+    [StringLength(128, MinimumLength = 0)]
+    public string? EmailSubject { get; init; }
+
+    /// <summary>
+    /// The email body content to use for notifications
+    /// <remarks>
+    /// Depending on the <see cref="NotificationTemplate"/> in use, this value may be padded according to the template logic
+    /// </remarks>
+    /// </summary>
+    [StringLength(1024, MinimumLength = 0)]
+    public string? EmailBody { get; init; }
+
+    /// <summary>
+    /// The sms content to use for notifications
+    /// <remarks>
+    /// Depending on the <see cref="NotificationTemplate"/> in use, this value may be padded according to the template logic
+    /// </remarks>
+    /// </summary>
+    [StringLength(160, MinimumLength = 0)]
+    public string? SmsBody { get; init; }
+
+    /// <summary>
+    /// Should a reminder be sent if this correspondence has not been actioned within an appropriate time frame?
+    /// </summary>
+    public bool? SendReminder { get; init; }
+
+    /// <summary>
+    /// The email subject to use for reminder notifications
+    /// <remarks>
+    /// Depending on the <see cref="NotificationTemplate"/> in use, this value may be padded according to the template logic
+    /// </remarks>
+    /// </summary>
+    [StringLength(128, MinimumLength = 0)]
+    public string? ReminderEmailSubject { get; init; }
+
+    /// <summary>
+    /// The email body content to use for reminder notifications
+    /// <remarks>
+    /// Depending on the <see cref="NotificationTemplate"/> in use, this value may be padded according to the template logic
+    /// </remarks>
+    /// </summary>
+    [StringLength(1024, MinimumLength = 0)]
+    public string? ReminderEmailBody { get; init; }
+
+    /// <summary>
+    /// The sms content to use for reminder notifications
+    /// <remarks>
+    /// Depending on the <see cref="NotificationTemplate"/> in use, this value may be padded according to the template logic
+    /// </remarks>
+    /// </summary>
+    [StringLength(160, MinimumLength = 0)]
+    public string? ReminderSmsBody { get; init; }
+
+    /// <summary>
+    /// Where should the notifications be sent?
+    /// </summary>
+    public CorrespondenceNotificationChannel? NotificationChannel { get; init; }
+
+    /// <summary>
+    /// Where should the reminder notifications be sent?
+    /// </summary>
+    public CorrespondenceNotificationChannel? ReminderNotificationChannel { get; init; }
+
+    /// <summary>
+    /// Senders reference for this notification
+    /// </summary>
+    public string? SendersReference { get; init; }
+
+    /// <summary>
+    /// The date and time for when the notification should be sent
+    /// </summary>
+    public DateTimeOffset? RequestedSendTime { get; init; }
+
+    internal void Serialise(MultipartFormDataContent content)
+    {
+        ValidateAllProperties(nameof(CorrespondenceNotification));
+
+        AddRequired(content, NotificationTemplate.ToString(), "Correspondence.Notification.NotificationTemplate");
+        AddIfNotNull(content, EmailSubject, "Correspondence.Notification.EmailSubject");
+        AddIfNotNull(content, EmailBody, "Correspondence.Notification.EmailBody");
+        AddIfNotNull(content, SmsBody, "Correspondence.Notification.SmsBody");
+        AddIfNotNull(content, SendReminder?.ToString(), "Correspondence.Notification.SendReminder");
+        AddIfNotNull(content, ReminderEmailSubject, "Correspondence.Notification.ReminderEmailSubject");
+        AddIfNotNull(content, ReminderEmailBody, "Correspondence.Notification.ReminderEmailBody");
+        AddIfNotNull(content, ReminderSmsBody, "Correspondence.Notification.ReminderSmsBody");
+        AddIfNotNull(content, NotificationChannel.ToString(), "Correspondence.Notification.NotificationChannel");
+        AddIfNotNull(content, SendersReference, "Correspondence.Notification.SendersReference");
+        AddIfNotNull(content, RequestedSendTime?.ToString("O"), "Correspondence.Notification.RequestedSendTime");
+        AddIfNotNull(
+            content,
+            ReminderNotificationChannel.ToString(),
+            "Correspondence.Notification.ReminderNotificationChannel"
+        );
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationChannel.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationChannel.cs
new file mode 100644
index 000000000..b97e67579
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationChannel.cs
@@ -0,0 +1,30 @@
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Available notification channels (methods)
+/// </summary>
+[JsonConverter(typeof(JsonStringEnumConverter))]
+public enum CorrespondenceNotificationChannel
+{
+    /// <summary>
+    /// The selected channel for the notification is email.
+    /// </summary>
+    Email,
+
+    /// <summary>
+    /// The selected channel for the notification is sms.
+    /// </summary>
+    Sms,
+
+    /// <summary>
+    /// The selected channel for the notification is email preferred.
+    /// </summary>
+    EmailPreferred,
+
+    /// <summary>
+    /// The selected channel for the notification is SMS preferred.
+    /// </summary>
+    SmsPreferred,
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationDetailsResponse.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationDetailsResponse.cs
new file mode 100644
index 000000000..57c7a19ed
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationDetailsResponse.cs
@@ -0,0 +1,27 @@
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Details about a correspondence notification
+/// </summary>
+public sealed record CorrespondenceNotificationDetailsResponse
+{
+    /// <summary>
+    /// The notification order identifier
+    /// </summary>
+    [JsonPropertyName("orderId")]
+    public Guid? OrderId { get; init; }
+
+    /// <summary>
+    /// Whether or not this is a reminder notification
+    /// </summary>
+    [JsonPropertyName("isReminder")]
+    public bool? IsReminder { get; init; }
+
+    /// <summary>
+    /// The status of the notification
+    /// </summary>
+    [JsonPropertyName("status")]
+    public CorrespondenceNotificationStatusResponse Status { get; init; }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationOrderResponse.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationOrderResponse.cs
new file mode 100644
index 000000000..51e130c35
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationOrderResponse.cs
@@ -0,0 +1,75 @@
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Represents a notification connected to a specific correspondence
+/// </summary>
+public sealed record CorrespondenceNotificationOrderResponse
+{
+    /// <summary>
+    /// The id of the notification order
+    /// </summary>
+    [JsonPropertyName("id")]
+    public required string Id { get; set; }
+
+    /// <summary>
+    /// The senders reference of the notification
+    /// </summary>
+    [JsonPropertyName("sendersReference")]
+    public string? SendersReference { get; set; }
+
+    /// <summary>
+    /// The requested send time of the notification
+    /// </summary>
+    [JsonPropertyName("requestedSendTime")]
+    public DateTimeOffset RequestedSendTime { get; set; }
+
+    /// <summary>
+    /// The short name of the creator of the notification order
+    /// </summary>
+    [JsonPropertyName("creator")]
+    public required string Creator { get; init; }
+
+    /// <summary>
+    /// The date and time of when the notification order was created
+    /// </summary>
+    [JsonPropertyName("created")]
+    public DateTimeOffset Created { get; init; }
+
+    /// <summary>
+    /// Indicates if the notification is a reminder notification
+    /// </summary>
+    [JsonPropertyName("isReminder")]
+    public bool IsReminder { get; init; }
+
+    /// <summary>
+    /// The preferred notification channel of the notification order
+    /// </summary>
+    [JsonPropertyName("notificationChannel")]
+    public CorrespondenceNotificationChannel NotificationChannel { get; init; }
+
+    /// <summary>
+    /// Indicates if notifications generated by this order should ignore KRR reservations
+    /// </summary>
+    [JsonPropertyName("ignoreReservation")]
+    public bool? IgnoreReservation { get; init; }
+
+    /// <summary>
+    /// The id of the resource that this notification relates to
+    /// </summary>
+    [JsonPropertyName("resourceId")]
+    public string? ResourceId { get; init; }
+
+    /// <summary>
+    /// The processing status of the notification order
+    /// </summary>
+    [JsonPropertyName("processingStatus")]
+    public CorrespondenceNotificationStatusSummaryResponse? ProcessingStatus { get; init; }
+
+    /// <summary>
+    /// The summary of the notifications statuses
+    /// </summary>
+    [JsonPropertyName("notificationStatusDetails")]
+    public CorrespondenceNotificationSummaryResponse? NotificationStatusDetails { get; init; }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationRecipientResponse.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationRecipientResponse.cs
new file mode 100644
index 000000000..8f1f93b65
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationRecipientResponse.cs
@@ -0,0 +1,39 @@
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Represents a recipient of a notification
+/// </summary>
+public sealed record CorrespondenceNotificationRecipientResponse
+{
+    /// <summary>
+    /// The email address of the recipient
+    /// </summary>
+    [JsonPropertyName("emailAddress")]
+    public string? EmailAddress { get; init; }
+
+    /// <summary>
+    /// The mobile phone number of the recipient
+    /// </summary>
+    [JsonPropertyName("mobileNumber")]
+    public string? MobileNumber { get; init; }
+
+    /// <summary>
+    /// The organization number of the recipient
+    /// </summary>
+    [JsonPropertyName("organizationNumber")]
+    public string? OrganisationNumber { get; init; }
+
+    /// <summary>
+    /// The SSN/identity number of the recipient
+    /// </summary>
+    [JsonPropertyName("nationalIdentityNumber")]
+    public string? NationalIdentityNumber { get; init; }
+
+    /// <summary>
+    /// Indicates if the recipient is reserved from receiving communication
+    /// </summary>
+    [JsonPropertyName("isReserved")]
+    public bool? IsReserved { get; init; }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationStatusDetailsResponse.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationStatusDetailsResponse.cs
new file mode 100644
index 000000000..79ffd4dda
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationStatusDetailsResponse.cs
@@ -0,0 +1,33 @@
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Represents a status overview from a single notification channel
+/// </summary>
+public sealed record CorrespondenceNotificationStatusDetailsResponse
+{
+    /// <summary>
+    /// The notification id
+    /// </summary>
+    [JsonPropertyName("id")]
+    public Guid Id { get; init; }
+
+    /// <summary>
+    /// Indicates if the sending of the notification was successful
+    /// </summary>
+    [JsonPropertyName("succeeded")]
+    public bool Succeeded { get; init; }
+
+    /// <summary>
+    /// The recipient of the notification. Either an organisation number or identity number
+    /// </summary>
+    [JsonPropertyName("recipient")]
+    public CorrespondenceNotificationRecipientResponse? Recipient { get; init; }
+
+    /// <summary>
+    /// The result status of the notification
+    /// </summary>
+    [JsonPropertyName("sendStatus")]
+    public CorrespondenceNotificationStatusSummaryResponse? SendStatus { get; init; }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationStatusResponse.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationStatusResponse.cs
new file mode 100644
index 000000000..bb186574c
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationStatusResponse.cs
@@ -0,0 +1,25 @@
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// The status of a correspondence notification
+/// </summary>
+[JsonConverter(typeof(JsonStringEnumConverter))]
+public enum CorrespondenceNotificationStatusResponse
+{
+    /// <summary>
+    /// Notification has been scheduled successfully
+    /// </summary>
+    Success,
+
+    /// <summary>
+    /// Notification cannot be delivered because of missing contact information
+    /// </summary>
+    MissingContact,
+
+    /// <summary>
+    /// Notification has failed
+    /// </summary>
+    Failure,
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationStatusSummaryResponse.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationStatusSummaryResponse.cs
new file mode 100644
index 000000000..56bcd8c46
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationStatusSummaryResponse.cs
@@ -0,0 +1,27 @@
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Represents the status summary of a notification
+/// </summary>
+public sealed record CorrespondenceNotificationStatusSummaryResponse
+{
+    /// <summary>
+    /// The status
+    /// </summary>
+    [JsonPropertyName("status")]
+    public required string Status { get; init; }
+
+    /// <summary>
+    /// The status description
+    /// </summary>
+    [JsonPropertyName("description")]
+    public string? Description { get; init; }
+
+    /// <summary>
+    /// The date and time of when the status was last updated
+    /// </summary>
+    [JsonPropertyName("lastUpdate")]
+    public DateTimeOffset LastUpdate { get; init; }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationSummaryResponse.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationSummaryResponse.cs
new file mode 100644
index 000000000..b10bd14a2
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationSummaryResponse.cs
@@ -0,0 +1,21 @@
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Represents a summary of status overviews from all notification channels
+/// </summary>
+public sealed record CorrespondenceNotificationSummaryResponse
+{
+    /// <summary>
+    /// Notifications sent via Email
+    /// </summary>
+    [JsonPropertyName("email")]
+    public CorrespondenceNotificationStatusDetailsResponse? Email { get; init; }
+
+    /// <summary>
+    /// Notifications sent via SMS
+    /// </summary>
+    [JsonPropertyName("sms")]
+    public CorrespondenceNotificationStatusDetailsResponse? Sms { get; init; }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationTemplate.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationTemplate.cs
new file mode 100644
index 000000000..ff48101a7
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceNotificationTemplate.cs
@@ -0,0 +1,20 @@
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// The message template to use for notifications
+/// </summary>
+[JsonConverter(typeof(JsonStringEnumConverter))]
+public enum CorrespondenceNotificationTemplate
+{
+    /// <summary>
+    /// Fully customizable template (e.g. no template)
+    /// </summary>
+    CustomMessage,
+
+    /// <summary>
+    /// Standard Altinn notification template ("You have received a message in Altinn...")
+    /// </summary>
+    GenericAltinnMessage,
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondencePayload.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondencePayload.cs
new file mode 100644
index 000000000..2899d6a9f
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondencePayload.cs
@@ -0,0 +1,88 @@
+using Altinn.App.Core.Features.Maskinporten;
+using Altinn.App.Core.Models;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Defines an authorisation method to use with the correspondence server
+/// </summary>
+public enum CorrespondenceAuthorisation
+{
+    /// <summary>
+    /// Uses the built-in <see cref="MaskinportenClient"/> for authorization
+    /// </summary>
+    Maskinporten,
+}
+
+/// <summary>
+/// Authorisation properties which are common for all correspondence interaction
+/// </summary>
+public abstract record CorrespondencePayloadBase
+{
+    internal Func<Task<JwtToken>>? AccessTokenFactory { get; init; }
+
+    internal CorrespondenceAuthorisation? AuthorisationMethod { get; init; }
+}
+
+/// <summary>
+/// Represents the payload for sending a correspondence
+/// </summary>
+public sealed record SendCorrespondencePayload : CorrespondencePayloadBase
+{
+    internal CorrespondenceRequest CorrespondenceRequest { get; init; }
+
+    /// <summary>
+    /// Instantiates a new payload for <see cref="SendCorrespondencePayload"/>
+    /// </summary>
+    /// <param name="request">The correspondence request to send</param>
+    /// <param name="accessTokenFactory">Access token factory delegate (e.g. <see cref="MaskinportenClient.GetAltinnExchangedToken"/>) to use for authorisation</param>
+    public SendCorrespondencePayload(CorrespondenceRequest request, Func<Task<JwtToken>> accessTokenFactory)
+    {
+        CorrespondenceRequest = request;
+        AccessTokenFactory = accessTokenFactory;
+    }
+
+    /// <summary>
+    /// Instantiates a new payload for <see cref="SendCorrespondencePayload"/>
+    /// </summary>
+    /// <param name="request">The correspondence request to send</param>
+    /// <param name="authorisation">The built-in authorisation method to use</param>
+    public SendCorrespondencePayload(CorrespondenceRequest request, CorrespondenceAuthorisation authorisation)
+    {
+        CorrespondenceRequest = request;
+        AuthorisationMethod = authorisation;
+    }
+}
+
+/// <summary>
+/// Represents a payload for querying the status of a correspondence
+/// </summary>
+public sealed record GetCorrespondenceStatusPayload : CorrespondencePayloadBase
+{
+    /// <summary>
+    /// The correspondence identifier
+    /// </summary>
+    public Guid CorrespondenceId { get; init; }
+
+    /// <summary>
+    /// Instantiates a new payload for <see cref="CorrespondenceClient.GetStatus"/>
+    /// </summary>
+    /// <param name="correspondenceId">The correspondence identifier to retrieve information about</param>
+    /// <param name="accessTokenFactory">Access token factory delegate (e.g. <see cref="MaskinportenClient.GetAltinnExchangedToken"/>) to use for authorisation</param>
+    public GetCorrespondenceStatusPayload(Guid correspondenceId, Func<Task<JwtToken>> accessTokenFactory)
+    {
+        CorrespondenceId = correspondenceId;
+        AccessTokenFactory = accessTokenFactory;
+    }
+
+    /// <summary>
+    /// Instantiates a new payload for <see cref="CorrespondenceClient.GetStatus"/>
+    /// </summary>
+    /// <param name="correspondenceId">The correspondence identifier to retrieve information about</param>
+    /// <param name="authorisation">The built-in authorisation method to use</param>
+    public GetCorrespondenceStatusPayload(Guid correspondenceId, CorrespondenceAuthorisation authorisation)
+    {
+        CorrespondenceId = correspondenceId;
+        AuthorisationMethod = authorisation;
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceReferenceType.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceReferenceType.cs
new file mode 100644
index 000000000..343f703d5
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceReferenceType.cs
@@ -0,0 +1,35 @@
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Defines the type of an external reference
+/// </summary>
+[JsonConverter(typeof(JsonStringEnumConverter))]
+public enum CorrespondenceReferenceType
+{
+    /// <summary>
+    /// A generic reference
+    /// </summary>
+    Generic,
+
+    /// <summary>
+    /// A reference to an Altinn App Instance
+    /// </summary>
+    AltinnAppInstance,
+
+    /// <summary>
+    /// A reference to an Altinn Broker File Transfer
+    /// </summary>
+    AltinnBrokerFileTransfer,
+
+    /// <summary>
+    /// A reference to a Dialogporten Dialog ID
+    /// </summary>
+    DialogportenDialogId,
+
+    /// <summary>
+    /// A reference to a Dialogporten Process ID
+    /// </summary>
+    DialogportenProcessId,
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceReplyOption.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceReplyOption.cs
new file mode 100644
index 000000000..6426bf88a
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceReplyOption.cs
@@ -0,0 +1,27 @@
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Methods for recipients to respond to a correspondence, in addition to the normal Read and Confirm operations
+/// </summary>
+public sealed record CorrespondenceReplyOption : MultipartCorrespondenceListItem
+{
+    /// <summary>
+    /// The URL to be used as a reply/response to a correspondence
+    /// </summary>
+    [JsonPropertyName("linkURL")]
+    public required string LinkUrl { get; init; }
+
+    /// <summary>
+    /// The link text
+    /// </summary>
+    [JsonPropertyName("linkText")]
+    public string? LinkText { get; init; }
+
+    internal override void Serialise(MultipartFormDataContent content, int index)
+    {
+        AddRequired(content, LinkUrl, $"Correspondence.ReplyOptions[{index}].LinkUrl");
+        AddIfNotNull(content, LinkText, $"Correspondence.ReplyOptions[{index}].LinkText");
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceRequest.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceRequest.cs
new file mode 100644
index 000000000..69b9636f4
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceRequest.cs
@@ -0,0 +1,295 @@
+using System.ComponentModel.DataAnnotations;
+using System.Diagnostics.CodeAnalysis;
+using Altinn.App.Core.Features.Correspondence.Exceptions;
+using Altinn.App.Core.Models;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Represents a correspondence item that is serialisable as multipart form data
+/// </summary>
+public abstract record MultipartCorrespondenceItem
+{
+    internal static void AddRequired(MultipartFormDataContent content, string value, string name)
+    {
+        if (string.IsNullOrWhiteSpace(value))
+            throw new CorrespondenceValueException($"Required value is missing: {name}");
+
+        content.Add(new StringContent(value), name);
+    }
+
+    internal static void AddRequired(
+        MultipartFormDataContent content,
+        ReadOnlyMemory<byte> data,
+        string name,
+        string filename
+    )
+    {
+        if (data.IsEmpty)
+            throw new CorrespondenceValueException($"Required value is missing: {name}");
+
+        content.Add(new ReadOnlyMemoryContent(data), name, filename);
+    }
+
+    internal static void AddIfNotNull(MultipartFormDataContent content, string? value, string name)
+    {
+        if (!string.IsNullOrWhiteSpace(value))
+            content.Add(new StringContent(value), name);
+    }
+
+    internal static void AddListItems<T>(
+        MultipartFormDataContent content,
+        IReadOnlyList<T>? items,
+        Func<T, string> valueFactory,
+        Func<int, string> keyFactory
+    )
+    {
+        if (IsEmptyCollection(items))
+            return;
+
+        for (int i = 0; i < items.Count; i++)
+        {
+            string key = keyFactory.Invoke(i);
+            string value = valueFactory.Invoke(items[i]);
+            content.Add(new StringContent(value), key);
+        }
+    }
+
+    internal static void SerializeListItems(
+        MultipartFormDataContent content,
+        IReadOnlyList<MultipartCorrespondenceListItem>? items
+    )
+    {
+        if (IsEmptyCollection(items))
+            return;
+
+        for (int i = 0; i < items.Count; i++)
+        {
+            items[i].Serialise(content, i);
+        }
+    }
+
+    internal static void SerializeAttachmentItems(
+        MultipartFormDataContent content,
+        IReadOnlyList<CorrespondenceAttachment>? attachments
+    )
+    {
+        if (IsEmptyCollection(attachments))
+            return;
+
+        // Ensure unique filenames
+        var overrides = CalculateFilenameOverrides(attachments);
+
+        // Serialise
+        for (int i = 0; i < attachments.Count; i++)
+        {
+            attachments[i].Serialise(content, i, overrides.GetValueOrDefault(attachments[i]));
+        }
+    }
+
+    internal static Dictionary<CorrespondenceAttachment, string> CalculateFilenameOverrides(
+        IEnumerable<CorrespondenceAttachment> attachments
+    )
+    {
+        var overrides = new Dictionary<CorrespondenceAttachment, string>(ReferenceEqualityComparer.Instance);
+        var hasDuplicateFilenames = attachments
+            .GroupBy(x => x.Filename.ToLowerInvariant())
+            .Where(x => x.Count() > 1)
+            .Select(x => x.ToList());
+
+        foreach (var duplicates in hasDuplicateFilenames)
+        {
+            for (int i = 0; i < duplicates.Count; i++)
+            {
+                int uniqueId = i + 1;
+                string filename = Path.GetFileNameWithoutExtension(duplicates[i].Filename);
+                string extension = Path.GetExtension(duplicates[i].Filename);
+                overrides.Add(duplicates[i], $"{filename}({uniqueId}){extension}");
+            }
+        }
+
+        return overrides;
+    }
+
+    internal static void AddDictionaryItems<TKey, TValue>(
+        MultipartFormDataContent content,
+        IReadOnlyDictionary<TKey, TValue>? items,
+        Func<TValue, string> valueFactory,
+        Func<TKey, string> keyFactory
+    )
+    {
+        if (IsEmptyCollection(items))
+            return;
+
+        foreach (var (dictKey, dictValue) in items)
+        {
+            string key = keyFactory.Invoke(dictKey);
+            string value = valueFactory.Invoke(dictValue);
+            content.Add(new StringContent(value), key);
+        }
+    }
+
+    private static bool IsEmptyCollection<T>([NotNullWhen(false)] IReadOnlyCollection<T>? collection)
+    {
+        return collection is null || collection.Count == 0;
+    }
+
+    internal void ValidateAllProperties(string dataTypeName)
+    {
+        var validationResults = new List<ValidationResult>();
+        var validationContext = new ValidationContext(this);
+        bool isValid = Validator.TryValidateObject(
+            this,
+            validationContext,
+            validationResults,
+            validateAllProperties: true
+        );
+
+        if (isValid is false)
+        {
+            throw new CorrespondenceValueException(
+                $"Validation failed for {dataTypeName}",
+                new AggregateException(validationResults.Select(x => new ValidationException(x.ErrorMessage)))
+            );
+        }
+    }
+}
+
+/// <summary>
+/// Represents a correspondence list item that is serialisable as multipart form data
+/// </summary>
+public abstract record MultipartCorrespondenceListItem : MultipartCorrespondenceItem
+{
+    internal abstract void Serialise(MultipartFormDataContent content, int index);
+}
+
+/// <summary>
+/// Represents and Altinn Correspondence request
+/// </summary>
+public sealed record CorrespondenceRequest : MultipartCorrespondenceItem
+{
+    /// <summary>
+    /// The Resource Id for the correspondence service
+    /// </summary>
+    public required string ResourceId { get; init; }
+
+    /// <summary>
+    /// The sending organisation of the correspondence
+    /// </summary>
+    public required OrganisationNumber Sender { get; init; }
+
+    /// <summary>
+    /// A reference value given to the message by the creator
+    /// </summary>
+    public required string SendersReference { get; init; }
+
+    /// <summary>
+    /// The content of the message
+    /// </summary>
+    public required CorrespondenceContent Content { get; init; }
+
+    /// <summary>
+    /// When should the correspondence become visible to the recipient?
+    /// If omitted, the correspondence is available immediately
+    /// </summary>
+    public DateTimeOffset? RequestedPublishTime { get; init; }
+
+    /// <summary>
+    /// When can Altinn remove the correspondence from its database?
+    /// </summary>
+    public required DateTimeOffset AllowSystemDeleteAfter { get; init; }
+
+    /// <summary>
+    /// When must the recipient respond by?
+    /// </summary>
+    public DateTimeOffset? DueDateTime { get; init; }
+
+    /// <summary>
+    /// The recipients of the correspondence. Either Norwegian organisation numbers or national identity numbers
+    /// </summary>
+    public required IReadOnlyList<OrganisationOrPersonIdentifier> Recipients { get; init; }
+
+    /// <summary>
+    /// An alternative name for the sender of the correspondence. The name will be displayed instead of the organisation name
+    /// </summary>
+    public string? MessageSender { get; init; }
+
+    /// <summary>
+    /// Reference to other items in the Altinn ecosystem
+    /// </summary>
+    public IReadOnlyList<CorrespondenceExternalReference>? ExternalReferences { get; init; }
+
+    /// <summary>
+    /// User-defined properties related to the correspondence
+    /// </summary>
+    public IReadOnlyDictionary<string, string>? PropertyList { get; init; }
+
+    /// <summary>
+    /// Options for how the recipient can reply to the correspondence
+    /// </summary>
+    public IReadOnlyList<CorrespondenceReplyOption>? ReplyOptions { get; init; }
+
+    /// <summary>
+    /// Notifications associated with this correspondence
+    /// </summary>
+    public CorrespondenceNotification? Notification { get; init; }
+
+    /// <summary>
+    /// Specifies whether the correspondence can override reservation against digital communication in KRR
+    /// </summary>
+    public bool? IgnoreReservation { get; init; }
+
+    /// <summary>
+    /// Existing attachments that should be added to the correspondence
+    /// </summary>
+    public IReadOnlyList<Guid>? ExistingAttachments { get; init; }
+
+    /// <summary>
+    /// Serialises the entire <see cref="CorrespondenceRequest"/> object to a provided <see cref="MultipartFormDataContent"/> instance
+    /// </summary>
+    /// <param name="content">The multipart object to serialise into</param>
+    internal void Serialise(MultipartFormDataContent content)
+    {
+        AddRequired(content, ResourceId, "Correspondence.ResourceId");
+        AddRequired(content, Sender.Get(OrganisationNumberFormat.International), "Correspondence.Sender");
+        AddRequired(content, SendersReference, "Correspondence.SendersReference");
+        AddRequired(content, AllowSystemDeleteAfter.ToString("O"), "Correspondence.AllowSystemDeleteAfter");
+        AddIfNotNull(content, MessageSender, "Correspondence.MessageSender");
+        AddIfNotNull(content, RequestedPublishTime?.ToString("O"), "Correspondence.RequestedPublishTime");
+        AddIfNotNull(content, DueDateTime?.ToString("O"), "Correspondence.DueDateTime");
+        AddIfNotNull(content, IgnoreReservation?.ToString(), "Correspondence.IgnoreReservation");
+        AddDictionaryItems(content, PropertyList, x => x, key => $"Correspondence.PropertyList.{key}");
+        AddListItems(content, ExistingAttachments, x => x.ToString(), i => $"Correspondence.ExistingAttachments[{i}]");
+        AddListItems(
+            content,
+            Recipients,
+            x =>
+                x switch
+                {
+                    OrganisationOrPersonIdentifier.Organisation org => org.Value.Get(
+                        OrganisationNumberFormat.International
+                    ),
+                    OrganisationOrPersonIdentifier.Person person => person.Value,
+                    _ => throw new CorrespondenceValueException(
+                        $"Unknown OrganisationOrPersonIdentifier type `{x.GetType()}` ({nameof(Recipients)})"
+                    ),
+                },
+            i => $"Recipients[{i}]"
+        );
+
+        Content.Serialise(content);
+        Notification?.Serialise(content);
+        SerializeListItems(content, ExternalReferences);
+        SerializeListItems(content, ReplyOptions);
+    }
+
+    /// <summary>
+    /// Serialises the entire <see cref="CorrespondenceRequest"/> object to a newly created <see cref="MultipartFormDataContent"/>
+    /// </summary>
+    internal MultipartFormDataContent Serialise()
+    {
+        var content = new MultipartFormDataContent();
+        Serialise(content);
+        return content;
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceStatus.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceStatus.cs
new file mode 100644
index 000000000..cb56c60dd
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceStatus.cs
@@ -0,0 +1,70 @@
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// The status of a correspondence
+/// </summary>
+[JsonConverter(typeof(JsonStringEnumConverter))]
+public enum CorrespondenceStatus
+{
+    /// <summary>
+    /// Correspondence has been Initialized
+    /// </summary>
+    Initialized,
+
+    /// <summary>
+    /// Correspondence is ready for publish, but not available for recipient
+    /// </summary>
+    ReadyForPublish,
+
+    /// <summary>
+    /// Correspondence has been published, and is available for recipient
+    /// </summary>
+    Published,
+
+    /// <summary>
+    /// Correspondence fetched by recipient
+    /// </summary>
+    Fetched,
+
+    /// <summary>
+    /// Correspondence read by recipient
+    /// </summary>
+    Read,
+
+    /// <summary>
+    /// Recipient has replied to the correspondence
+    /// </summary>
+    Replied,
+
+    /// <summary>
+    /// Correspondence confirmed by recipient
+    /// </summary>
+    Confirmed,
+
+    /// <summary>
+    /// Correspondence has been purged by recipient
+    /// </summary>
+    PurgedByRecipient,
+
+    /// <summary>
+    /// Correspondence has been purged by Altinn
+    /// </summary>
+    PurgedByAltinn,
+
+    /// <summary>
+    /// Correspondence has been archived
+    /// </summary>
+    Archived,
+
+    /// <summary>
+    /// Recipient has opted out of digital communication in KRR
+    /// </summary>
+    Reserved,
+
+    /// <summary>
+    /// Correspondence has failed
+    /// </summary>
+    Failed,
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceStatusEventResponse.cs b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceStatusEventResponse.cs
new file mode 100644
index 000000000..06f0d5fdb
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/CorrespondenceStatusEventResponse.cs
@@ -0,0 +1,27 @@
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Represents a correspondence status event
+/// </summary>
+public sealed record CorrespondenceStatusEventResponse
+{
+    /// <summary>
+    /// The event status indicator
+    /// </summary>
+    [JsonPropertyName("status")]
+    public CorrespondenceStatus Status { get; init; }
+
+    /// <summary>
+    /// Description of the status
+    /// </summary>
+    [JsonPropertyName("statusText")]
+    public required string StatusText { get; init; }
+
+    /// <summary>
+    /// Timestamp for when this correspondence status event occurred
+    /// </summary>
+    [JsonPropertyName("statusChanged")]
+    public DateTimeOffset StatusChanged { get; init; }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/GetCorrespondenceStatusResponse.cs b/src/Altinn.App.Core/Features/Correspondence/Models/GetCorrespondenceStatusResponse.cs
new file mode 100644
index 000000000..372f8aa3b
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/GetCorrespondenceStatusResponse.cs
@@ -0,0 +1,152 @@
+using System.Text.Json.Serialization;
+using Altinn.App.Core.Models;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Response after a successful <see cref="CorrespondenceClient.GetStatus"/> request
+/// </summary>
+public sealed record GetCorrespondenceStatusResponse
+{
+    /// <summary>
+    /// The status history for the correspondence
+    /// </summary>
+    [JsonPropertyName("statusHistory")]
+    public required IEnumerable<CorrespondenceStatusEventResponse> StatusHistory { get; init; }
+
+    /// <summary>
+    /// Notifications directly related to this correspondence
+    /// </summary>
+    [JsonPropertyName("notifications")]
+    public IEnumerable<CorrespondenceNotificationOrderResponse>? Notifications { get; init; }
+
+    /// <summary>
+    /// The recipient of the correspondence. Either an organisation number or identity number
+    /// </summary>
+    [JsonPropertyName("recipient")]
+    public required string Recipient { get; init; }
+
+    /// <summary>
+    /// Indicates if the correspondence has been set as unread by the recipient
+    /// </summary>
+    [JsonPropertyName("markedUnread")]
+    public bool? MarkedUnread { get; init; }
+
+    /// <summary>
+    /// Unique Id for this correspondence
+    /// </summary>
+    [JsonPropertyName("correspondenceId")]
+    public Guid CorrespondenceId { get; init; }
+
+    /// <summary>
+    /// The correspondence content. Contains information about the correspondence body, subject etc.
+    /// </summary>
+    [JsonPropertyName("content")]
+    public CorrespondenceContentResponse? Content { get; init; }
+
+    /// <summary>
+    /// When the correspondence was created
+    /// </summary>
+    [JsonPropertyName("created")]
+    public DateTimeOffset Created { get; init; }
+
+    /// <summary>
+    /// The current status for the correspondence
+    /// </summary>
+    [JsonPropertyName("status")]
+    public CorrespondenceStatus Status { get; init; }
+
+    /// <summary>
+    /// The current status text for the correspondence
+    /// </summary>
+    [JsonPropertyName("statusText")]
+    public string? StatusText { get; init; }
+
+    /// <summary>
+    /// Timestamp for when the current correspondence status was changed
+    /// </summary>
+    [JsonPropertyName("statusChanged")]
+    public DateTimeOffset StatusChanged { get; init; }
+
+    /// <summary>
+    /// The resource id for the correspondence service
+    /// </summary>
+    [JsonPropertyName("resourceId")]
+    public required string ResourceId { get; init; }
+
+    /// <summary>
+    /// The sending organisation of the correspondence
+    /// </summary>
+    [JsonPropertyName("sender")]
+    [OrganisationNumberJsonConverter(OrganisationNumberFormat.International)]
+    public OrganisationNumber Sender { get; init; }
+
+    /// <summary>
+    /// A reference value given to the message by the creator
+    /// </summary>
+    [JsonPropertyName("sendersReference")]
+    public required string SendersReference { get; init; }
+
+    /// <summary>
+    /// An alternative name for the sender of the correspondence. The name will be displayed instead of the organization name
+    ///  </summary>
+    [JsonPropertyName("messageSender")]
+    public string? MessageSender { get; init; }
+
+    /// <summary>
+    /// When the correspondence should become visible to the recipient
+    /// </summary>
+    [JsonPropertyName("requestedPublishTime")]
+    public DateTimeOffset? RequestedPublishTime { get; init; }
+
+    /// <summary>
+    /// The date for when Altinn can remove the correspondence from its database
+    /// </summary>
+    [JsonPropertyName("allowSystemDeleteAfter")]
+    public DateTimeOffset? AllowSystemDeleteAfter { get; init; }
+
+    /// <summary>
+    /// A date and time for when the recipient must reply
+    /// </summary>
+    [JsonPropertyName("dueDateTime")]
+    public DateTimeOffset? DueDateTime { get; init; }
+
+    /// <summary>
+    /// Reference to other items in the Altinn ecosystem
+    /// </summary>
+    [JsonPropertyName("externalReferences")]
+    public IEnumerable<CorrespondenceExternalReference>? ExternalReferences { get; init; }
+
+    /// <summary>
+    /// User-defined properties related to the correspondence
+    /// </summary>
+    [JsonPropertyName("propertyList")]
+    public IReadOnlyDictionary<string, string>? PropertyList { get; init; }
+
+    /// <summary>
+    /// Options for how the recipient can reply to the correspondence
+    /// </summary>
+    [JsonPropertyName("replyOptions")]
+    public IEnumerable<CorrespondenceReplyOption>? ReplyOptions { get; init; }
+
+    /// <summary>
+    /// Specifies whether the correspondence can override reservation against digital communication in KRR
+    /// </summary>
+    [JsonPropertyName("ignoreReservation")]
+    public bool? IgnoreReservation { get; init; }
+
+    /// <summary>
+    /// The time the correspondence was published
+    /// </summary>
+    /// <remarks>
+    /// A null value means the correspondence has not yet been published
+    /// </remarks>
+    [JsonPropertyName("published")]
+    public DateTimeOffset? Published { get; init; }
+
+    /// <summary>
+    /// Specifies whether reading the correspondence needs to be confirmed by the recipient
+    /// </summary>
+    [JsonPropertyName("isConfirmationNeeded")]
+    public bool IsConfirmationNeeded { get; init; }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/OrganisationOrPersonIdentifier.cs b/src/Altinn.App.Core/Features/Correspondence/Models/OrganisationOrPersonIdentifier.cs
new file mode 100644
index 000000000..549f25b1c
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/OrganisationOrPersonIdentifier.cs
@@ -0,0 +1,145 @@
+using System.Text.Json;
+using System.Text.Json.Serialization;
+using Altinn.App.Core.Models;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Represents either an organisation or a person
+/// </summary>
+[OrganisationOrPersonIdentifierJsonConverter(OrganisationNumberFormat.International)]
+public abstract record OrganisationOrPersonIdentifier
+{
+    /// <summary>
+    /// Represents an organisation
+    /// </summary>
+    /// <param name="Value">The organisation number</param>
+    public sealed record Organisation(OrganisationNumber Value) : OrganisationOrPersonIdentifier
+    {
+        /// <inheritdoc cref="OrganisationNumber.ToString"/>
+        public override string ToString()
+        {
+            return Value.ToString();
+        }
+    }
+
+    /// <summary>
+    /// Represents a person
+    /// </summary>
+    /// <param name="Value">The national identity number</param>
+    public sealed record Person(NationalIdentityNumber Value) : OrganisationOrPersonIdentifier
+    {
+        /// <inheritdoc cref="NationalIdentityNumber.ToString"/>
+        public override string ToString()
+        {
+            return Value.ToString();
+        }
+    }
+
+    /// <summary>
+    /// Creates a new instance of <see cref="OrganisationOrPersonIdentifier.Organisation"/>
+    /// </summary>
+    /// <param name="value">The organisation number</param>
+    public static Organisation Create(OrganisationNumber value)
+    {
+        return new Organisation(value);
+    }
+
+    /// <summary>
+    /// Creates a new instance of <see cref="OrganisationOrPersonIdentifier.Person"/>
+    /// </summary>
+    /// <param name="value">The national identity number</param>
+    public static Person Create(NationalIdentityNumber value)
+    {
+        return new Person(value);
+    }
+
+    /// <summary>
+    /// Attempts to parse a string containing either an <see cref="OrganisationNumber"/> or a <see cref="NationalIdentityNumber"/>
+    /// </summary>
+    /// <param name="value">The string to parse</param>
+    /// <exception cref="FormatException">The supplied string is not a valid format for either type</exception>
+    public static OrganisationOrPersonIdentifier Parse(string value)
+    {
+        if (OrganisationNumber.TryParse(value, out var organisationNumber))
+        {
+            return Create(organisationNumber);
+        }
+
+        if (NationalIdentityNumber.TryParse(value, out var nationalIdentityNumber))
+        {
+            return Create(nationalIdentityNumber);
+        }
+
+        throw new FormatException(
+            $"OrganisationOrPersonIdentifier value `{value}` is not a valid organisation number nor a national identity number"
+        );
+    }
+}
+
+/// <summary>
+/// Json converter to transform between <see cref="string"/> and <see cref="OrganisationOrPersonIdentifier"/>
+/// </summary>
+[AttributeUsage(AttributeTargets.Property | AttributeTargets.Class, AllowMultiple = false)]
+internal class OrganisationOrPersonIdentifierJsonConverterAttribute : JsonConverterAttribute
+{
+    private OrganisationNumberFormat _format { get; }
+
+    /// <inheritdoc cref="OrganisationOrPersonIdentifierJsonConverterAttribute"/>
+    /// <param name="format">The desired organisation number format to use for <b>serialization</b></param>
+    public OrganisationOrPersonIdentifierJsonConverterAttribute(OrganisationNumberFormat format)
+    {
+        _format = format;
+    }
+
+    /// <inheritdoc/>
+    public override JsonConverter? CreateConverter(Type typeToConvert)
+    {
+        return new OrganisationOrPersonJsonIdentifierConverter(_format);
+    }
+}
+
+internal class OrganisationOrPersonJsonIdentifierConverter : JsonConverter<OrganisationOrPersonIdentifier>
+{
+    private OrganisationNumberFormat _format { get; init; }
+
+    public OrganisationOrPersonJsonIdentifierConverter(OrganisationNumberFormat format)
+    {
+        _format = format;
+    }
+
+    /// <inheritdoc/>
+    public override OrganisationOrPersonIdentifier Read(
+        ref Utf8JsonReader reader,
+        Type typeToConvert,
+        JsonSerializerOptions options
+    )
+    {
+        if (reader.TokenType != JsonTokenType.String)
+        {
+            throw new JsonException("Expected string token for OrganisationOrPersonIdentifier property.");
+        }
+
+        var tokenValue =
+            reader.GetString() ?? throw new JsonException("OrganisationOrPersonIdentifier string value is null.");
+
+        return OrganisationOrPersonIdentifier.Parse(tokenValue);
+    }
+
+    /// <inheritdoc/>
+    public override void Write(
+        Utf8JsonWriter writer,
+        OrganisationOrPersonIdentifier value,
+        JsonSerializerOptions options
+    )
+    {
+        string stringValue = value switch
+        {
+            OrganisationOrPersonIdentifier.Organisation org => org.Value.Get(_format),
+            OrganisationOrPersonIdentifier.Person person => person.Value,
+            _ => throw new JsonException($"Unknown type `{value.GetType()}` ({nameof(value)})"),
+        };
+
+        writer.WriteStringValue(stringValue);
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Correspondence/Models/SendCorrespondenceResponse.cs b/src/Altinn.App.Core/Features/Correspondence/Models/SendCorrespondenceResponse.cs
new file mode 100644
index 000000000..b82aa9870
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Correspondence/Models/SendCorrespondenceResponse.cs
@@ -0,0 +1,21 @@
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Features.Correspondence.Models;
+
+/// <summary>
+/// Response after a successful <see cref="CorrespondenceClient.Send"/> request
+/// </summary>
+public sealed record SendCorrespondenceResponse
+{
+    /// <summary>
+    /// The correspondences that were processed
+    /// </summary>
+    [JsonPropertyName("correspondences")]
+    public required IReadOnlyList<CorrespondenceDetailsResponse> Correspondences { get; init; }
+
+    /// <summary>
+    /// The attachments linked to the correspondence
+    /// </summary>
+    [JsonPropertyName("attachmentIds")]
+    public IReadOnlyList<Guid>? AttachmentIds { get; init; }
+}
diff --git a/src/Altinn.App.Core/Features/Maskinporten/Constants/JwtClaimTypes.cs b/src/Altinn.App.Core/Features/Maskinporten/Constants/JwtClaimTypes.cs
new file mode 100644
index 000000000..f14998f26
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Maskinporten/Constants/JwtClaimTypes.cs
@@ -0,0 +1,40 @@
+namespace Altinn.App.Core.Features.Maskinporten.Constants;
+
+/// <summary>
+/// Relevant known Digdir JWT claim types
+/// </summary>
+internal static class JwtClaimTypes
+{
+    public const string Expiration = "exp";
+    public const string IssuedAt = "iat";
+    public const string JwtId = "jti";
+    public const string Audience = "aud";
+    public const string Scope = "scope";
+    public const string Issuer = "iss";
+
+    public static class Altinn
+    {
+        public const string AuthenticationLevel = "urn:altinn:authlevel";
+        public const string UserId = "urn:altinn:userid";
+        public const string PartyId = "urn:altinn:partyid";
+        public const string RepresentingPartyId = "urn:altinn:representingpartyid";
+        public const string UserName = "urn:altinn:username";
+        public const string Developer = "urn:altinn:developer";
+        public const string DeveloperToken = "urn:altinn:developertoken";
+        public const string DeveloperTokenId = "urn:altinn:developertokenid";
+        public const string AuthenticateMethod = "urn:altinn:authenticatemethod";
+        public const string Org = "urn:altinn:org";
+        public const string OrgNumber = "urn:altinn:orgNumber";
+    }
+
+    public static class Maskinporten
+    {
+        public const string AuthenticationMethod = "client_amr";
+        public const string ClientId = "client_id";
+        public const string TokenType = "token_type";
+        public const string Consumer = "consumer";
+        public const string Supplier = "supplier";
+        public const string DelegationSource = "delegation_source";
+        public const string PersonIdentifier = "pid";
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Maskinporten/Constants/TokenAuthorities.cs b/src/Altinn.App.Core/Features/Maskinporten/Constants/TokenAuthorities.cs
new file mode 100644
index 000000000..d076ff87d
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Maskinporten/Constants/TokenAuthorities.cs
@@ -0,0 +1,17 @@
+namespace Altinn.App.Core.Features.Maskinporten.Constants;
+
+/// <summary>
+/// Supported token authorities
+/// </summary>
+internal enum TokenAuthorities
+{
+    /// <summary>
+    /// Maskinporten
+    /// </summary>
+    Maskinporten,
+
+    /// <summary>
+    /// Altinn Authentication token exchange
+    /// </summary>
+    AltinnTokenExchange,
+}
diff --git a/src/Altinn.App.Core/Features/Maskinporten/Constants/TokenTypes.cs b/src/Altinn.App.Core/Features/Maskinporten/Constants/TokenTypes.cs
new file mode 100644
index 000000000..55729a1d1
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Maskinporten/Constants/TokenTypes.cs
@@ -0,0 +1,6 @@
+namespace Altinn.App.Core.Features.Maskinporten.Constants;
+
+internal static class TokenTypes
+{
+    public const string Bearer = "Bearer";
+}
diff --git a/src/Altinn.App.Core/Features/Maskinporten/Delegates/MaskinportenDelegatingHandler.cs b/src/Altinn.App.Core/Features/Maskinporten/Delegates/MaskinportenDelegatingHandler.cs
index e3ac0503d..c5dfd25f3 100644
--- a/src/Altinn.App.Core/Features/Maskinporten/Delegates/MaskinportenDelegatingHandler.cs
+++ b/src/Altinn.App.Core/Features/Maskinporten/Delegates/MaskinportenDelegatingHandler.cs
@@ -1,4 +1,5 @@
 using System.Net.Http.Headers;
+using Altinn.App.Core.Features.Maskinporten.Constants;
 using Altinn.App.Core.Features.Maskinporten.Exceptions;
 using Microsoft.Extensions.Logging;
 
@@ -10,6 +11,7 @@ namespace Altinn.App.Core.Features.Maskinporten.Delegates;
 internal sealed class MaskinportenDelegatingHandler : DelegatingHandler
 {
     public IEnumerable<string> Scopes { get; init; }
+    internal readonly TokenAuthorities Authorities;
 
     private readonly ILogger<MaskinportenDelegatingHandler> _logger;
     private readonly IMaskinportenClient _maskinportenClient;
@@ -17,10 +19,12 @@ internal sealed class MaskinportenDelegatingHandler : DelegatingHandler
     /// <summary>
     /// Creates a new instance of <see cref="MaskinportenDelegatingHandler"/>.
     /// </summary>
-    /// <param name="scopes">A list of scopes to claim authorization for with Maskinporten</param>
+    /// <param name="authorities">The token authority to authorise with</param>
+    /// <param name="scopes">A list of scopes to claim authorisation for</param>
     /// <param name="maskinportenClient">A <see cref="MaskinportenClient"/> instance</param>
     /// <param name="logger">Optional logger interface</param>
     public MaskinportenDelegatingHandler(
+        TokenAuthorities authorities,
         IEnumerable<string> scopes,
         IMaskinportenClient maskinportenClient,
         ILogger<MaskinportenDelegatingHandler> logger
@@ -29,6 +33,7 @@ ILogger<MaskinportenDelegatingHandler> logger
         Scopes = scopes;
         _logger = logger;
         _maskinportenClient = maskinportenClient;
+        Authorities = authorities;
     }
 
     /// <inheritdoc/>
@@ -39,21 +44,18 @@ CancellationToken cancellationToken
     {
         _logger.LogDebug("Executing custom `SendAsync` method; injecting authentication headers");
 
-        var auth = await _maskinportenClient.GetAccessToken(Scopes, cancellationToken);
-        if (!auth.TokenType.Equals(TokenTypes.Bearer, StringComparison.OrdinalIgnoreCase))
+        var token = Authorities switch
         {
-            throw new MaskinportenUnsupportedTokenException(
-                $"Unsupported token type received from Maskinporten: {auth.TokenType}"
-            );
-        }
+            TokenAuthorities.Maskinporten => await _maskinportenClient.GetAccessToken(Scopes, cancellationToken),
+            TokenAuthorities.AltinnTokenExchange => await _maskinportenClient.GetAltinnExchangedToken(
+                Scopes,
+                cancellationToken
+            ),
+            _ => throw new MaskinportenAuthenticationException($"Unknown authority `{Authorities}`"),
+        };
 
-        request.Headers.Authorization = new AuthenticationHeaderValue(TokenTypes.Bearer, auth.AccessToken);
+        request.Headers.Authorization = new AuthenticationHeaderValue(TokenTypes.Bearer, token.Value);
 
         return await base.SendAsync(request, cancellationToken);
     }
 }
-
-internal static class TokenTypes
-{
-    public const string Bearer = "Bearer";
-}
diff --git a/src/Altinn.App.Core/Features/Maskinporten/Extensions/HttpClientBuilderExtensions.cs b/src/Altinn.App.Core/Features/Maskinporten/Extensions/HttpClientBuilderExtensions.cs
new file mode 100644
index 000000000..f873fbf2e
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Maskinporten/Extensions/HttpClientBuilderExtensions.cs
@@ -0,0 +1,22 @@
+using Altinn.App.Core.Features.Maskinporten.Constants;
+using Altinn.App.Core.Features.Maskinporten.Delegates;
+using Microsoft.Extensions.DependencyInjection;
+
+namespace Altinn.App.Core.Features.Maskinporten.Extensions;
+
+internal static class HttpClientBuilderExtensions
+{
+    public static IHttpClientBuilder AddMaskinportenHttpMessageHandler(
+        this IHttpClientBuilder builder,
+        string scope,
+        IEnumerable<string> additionalScopes,
+        TokenAuthorities authorities
+    )
+    {
+        var scopes = new[] { scope }.Concat(additionalScopes);
+        var factory = ActivatorUtilities.CreateFactory<MaskinportenDelegatingHandler>(
+            [typeof(TokenAuthorities), typeof(IEnumerable<string>)]
+        );
+        return builder.AddHttpMessageHandler(provider => factory(provider, [authorities, scopes]));
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Maskinporten/Extensions/ServiceCollectionExtensions.cs b/src/Altinn.App.Core/Features/Maskinporten/Extensions/ServiceCollectionExtensions.cs
new file mode 100644
index 000000000..21c2191a6
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Maskinporten/Extensions/ServiceCollectionExtensions.cs
@@ -0,0 +1,55 @@
+using Altinn.App.Core.Extensions;
+using Altinn.App.Core.Features.Maskinporten.Models;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.DependencyInjection.Extensions;
+
+namespace Altinn.App.Core.Features.Maskinporten.Extensions;
+
+internal static class ServiceCollectionExtensions
+{
+    /// <summary>
+    /// Adds a singleton <see cref="IMaskinportenClient"/> service to the service collection.
+    /// If no <see cref="MaskinportenSettings"/> configuration is found, it binds one to the path "MaskinportenSettings".
+    /// </summary>
+    /// <param name="services">The service collection</param>
+    public static IServiceCollection AddMaskinportenClient(this IServiceCollection services)
+    {
+        // Only add MaskinportenSettings if not already configured.
+        // Users sometimes wish to bind the default options to another configuration path than "MaskinportenSettings".
+        if (services.IsConfigured<MaskinportenSettings>() is false)
+        {
+            services.ConfigureMaskinportenClient("MaskinportenSettings");
+        }
+
+        services.TryAddSingleton<IMaskinportenClient>(sp =>
+            ActivatorUtilities.CreateInstance<MaskinportenClient>(sp, MaskinportenClient.VariantDefault)
+        );
+
+        services.ConfigureMaskinportenClient("MaskinportenSettingsInternal", MaskinportenClient.VariantInternal);
+        services.AddKeyedSingleton<IMaskinportenClient>(
+            MaskinportenClient.VariantInternal,
+            (sp, key) => ActivatorUtilities.CreateInstance<MaskinportenClient>(sp, MaskinportenClient.VariantInternal)
+        );
+
+        return services;
+    }
+
+    /// <summary>
+    /// Binds a <see cref="MaskinportenClient"/> configuration to the supplied config section path and options name
+    /// </summary>
+    /// <param name="services">The service collection</param>
+    /// <param name="configSectionPath">The configuration section path, e.g. "MaskinportenSettingsInternal"</param>
+    /// <param name="optionsName">The options name to bind to, e.g. <see cref="MaskinportenClient.VariantInternal"/></param>
+    public static IServiceCollection ConfigureMaskinportenClient(
+        this IServiceCollection services,
+        string configSectionPath,
+        string? optionsName = default
+    )
+    {
+        services
+            .AddOptions<MaskinportenSettings>(optionsName ?? Microsoft.Extensions.Options.Options.DefaultName)
+            .BindConfiguration(configSectionPath)
+            .ValidateDataAnnotations();
+        return services;
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Maskinporten/Extensions/WebHostBuilderExtensions.cs b/src/Altinn.App.Core/Features/Maskinporten/Extensions/WebHostBuilderExtensions.cs
new file mode 100644
index 000000000..e56aa3963
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Maskinporten/Extensions/WebHostBuilderExtensions.cs
@@ -0,0 +1,34 @@
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.FileProviders;
+
+namespace Altinn.App.Core.Features.Maskinporten.Extensions;
+
+internal static class WebHostBuilderExtensions
+{
+    public static IConfigurationBuilder AddMaskinportenSettingsFile(
+        this IConfigurationBuilder configurationBuilder,
+        WebHostBuilderContext context,
+        string configurationKey,
+        string defaultFileLocation
+    )
+    {
+        string jsonProvidedPath = context.Configuration.GetValue<string>(configurationKey) ?? defaultFileLocation;
+        string jsonAbsolutePath = Path.GetFullPath(jsonProvidedPath);
+
+        if (File.Exists(jsonAbsolutePath))
+        {
+            string jsonDir = Path.GetDirectoryName(jsonAbsolutePath) ?? string.Empty;
+            string jsonFile = Path.GetFileName(jsonAbsolutePath);
+
+            configurationBuilder.AddJsonFile(
+                provider: new PhysicalFileProvider(jsonDir),
+                path: jsonFile,
+                optional: true,
+                reloadOnChange: true
+            );
+        }
+
+        return configurationBuilder;
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Maskinporten/IMaskinportenClient.cs b/src/Altinn.App.Core/Features/Maskinporten/IMaskinportenClient.cs
index 254adfdc4..8f25a2e56 100644
--- a/src/Altinn.App.Core/Features/Maskinporten/IMaskinportenClient.cs
+++ b/src/Altinn.App.Core/Features/Maskinporten/IMaskinportenClient.cs
@@ -1,9 +1,9 @@
-using Altinn.App.Core.Features.Maskinporten.Models;
+using Altinn.App.Core.Models;
 
 namespace Altinn.App.Core.Features.Maskinporten;
 
 /// <summary>
-/// Contains logic for handling authorization requests with Maskinporten.
+/// Contains logic for handling authorisation requests with Maskinporten.
 /// </summary>
 public interface IMaskinportenClient
 {
@@ -12,21 +12,43 @@ public interface IMaskinportenClient
     /// Sends an authorization request to Maskinporten and retrieves a JWT Bearer token for successful requests.
     /// </para>
     /// <para>
-    /// Will cache tokens per scope, for the lifetime duration as defined in the token Maskinporten token payload,
+    /// Will cache tokens per scope, for the lifetime duration as defined in the Maskinporten token payload,
     /// which means this method is safe to call in a loop or concurrent environment without encountering rate concerns.
     /// </para>
     /// </summary>
     /// <param name="scopes">A list of scopes to claim authorization for with Maskinporten.</param>
     /// <param name="cancellationToken">An optional cancellation token to be forwarded to internal http calls.</param>
-    /// <returns>A <see cref="MaskinportenTokenResponse"/> which contains an access token, amongst other things.</returns>
-    /// <exception cref="Maskinporten.Exceptions.MaskinportenAuthenticationException">
-    /// Authentication failed. This could be caused by an authentication/authorization issue or a myriad of other circumstances.
+    /// <returns>A <see cref="JwtToken"/> which contains an access token, amongst other things.</returns>
+    /// <exception cref="Exceptions.MaskinportenAuthenticationException">
+    /// Authentication failed. This could be caused by an authentication/authorisation issue or a myriad of other circumstances.
     /// </exception>
-    /// <exception cref="Maskinporten.Exceptions.MaskinportenConfigurationException">
+    /// <exception cref="Exceptions.MaskinportenConfigurationException">
     /// The Maskinporten configuration is incomplete or invalid. Very possibly because of a missing or corrupt maskinporten-settings.json file.
     /// </exception>
-    /// <exception cref="Maskinporten.Exceptions.MaskinportenTokenExpiredException">The token received from Maskinporten has already expired.</exception>
-    public Task<MaskinportenTokenResponse> GetAccessToken(
+    /// <exception cref="Exceptions.MaskinportenTokenExpiredException">The token received from Maskinporten has already expired.</exception>
+    public Task<JwtToken> GetAccessToken(IEnumerable<string> scopes, CancellationToken cancellationToken = default);
+
+    /// <summary>
+    /// <para>
+    /// Sends an authorization request to Maskinporten, then exchanges the grant for an Altinn issued token.
+    /// </para>
+    /// <para>
+    /// Will cache tokens per scope, for the lifetime duration as defined in the Altinn token payload,
+    /// which means this method is safe to call in a loop or concurrent environment without encountering rate concerns.
+    /// </para>
+    /// </summary>
+    /// <param name="scopes">A list of scopes to claim authorization for with Maskinporten. These scopes will carry through to the Altinn issued token.</param>
+    /// <param name="cancellationToken">An optional cancellation token to be forwarded to internal http calls.</param>
+    /// <returns>A <see cref="JwtToken"/> which contains an access token, amongst other things.</returns>
+    /// <exception cref="Exceptions.MaskinportenAuthenticationException">
+    /// Authentication failed. This could be caused by an authentication/authorisation issue or a myriad of other circumstances.
+    /// </exception>
+    /// <exception cref="Exceptions.MaskinportenConfigurationException">
+    /// The Maskinporten configuration is incomplete or invalid. Very possibly because of a missing or corrupt maskinporten-settings.json file.
+    /// </exception>
+    /// <exception cref="Exceptions.MaskinportenTokenExpiredException">The token received from Maskinporten and/or Altinn Authentication has already expired.</exception>
+    /// <seealso cref="GetAccessToken"/>
+    public Task<JwtToken> GetAltinnExchangedToken(
         IEnumerable<string> scopes,
         CancellationToken cancellationToken = default
     );
diff --git a/src/Altinn.App.Core/Features/Maskinporten/MaskinportenClient.cs b/src/Altinn.App.Core/Features/Maskinporten/MaskinportenClient.cs
index d3bb6e30d..638ecacc3 100644
--- a/src/Altinn.App.Core/Features/Maskinporten/MaskinportenClient.cs
+++ b/src/Altinn.App.Core/Features/Maskinporten/MaskinportenClient.cs
@@ -1,6 +1,11 @@
+using System.Net.Http.Headers;
 using System.Text.Json;
+using Altinn.App.Core.Configuration;
+using Altinn.App.Core.Constants;
+using Altinn.App.Core.Features.Maskinporten.Constants;
 using Altinn.App.Core.Features.Maskinporten.Exceptions;
 using Altinn.App.Core.Features.Maskinporten.Models;
+using Altinn.App.Core.Models;
 using Microsoft.Extensions.Caching.Hybrid;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
@@ -10,34 +15,49 @@
 namespace Altinn.App.Core.Features.Maskinporten;
 
 /// <inheritdoc/>
-public sealed class MaskinportenClient : IMaskinportenClient
+internal sealed class MaskinportenClient : IMaskinportenClient
 {
     /// <summary>
     /// The margin to take into consideration when determining if a token has expired (seconds).
     /// <remarks>This value represents the worst-case latency scenario for <em>outbound</em> connections carrying the access token.</remarks>
     /// </summary>
-    internal const int TokenExpirationMargin = 30;
+    internal static readonly TimeSpan TokenExpirationMargin = TimeSpan.FromSeconds(30);
 
-    private const string CacheKeySalt = "maskinportenScope-";
-    private static readonly HybridCacheEntryOptions _defaultCacheExpiration = CacheExpiry(TimeSpan.FromSeconds(60));
+    internal MaskinportenSettings Settings =>
+        _options.Get(Variant == VariantDefault ? Microsoft.Extensions.Options.Options.DefaultName : Variant);
+
+    internal const string VariantDefault = "default";
+    internal const string VariantInternal = "internal";
+    internal readonly string Variant;
+
+    private readonly string _maskinportenCacheKeySalt;
+    private readonly string _altinnCacheKeySalt;
+    private static readonly HybridCacheEntryOptions _defaultCacheExpiration = CacheExpiryFactory(
+        TimeSpan.FromSeconds(60)
+    );
     private readonly ILogger<MaskinportenClient> _logger;
     private readonly IOptionsMonitor<MaskinportenSettings> _options;
+    private readonly PlatformSettings _platformSettings;
     private readonly IHttpClientFactory _httpClientFactory;
-    private readonly TimeProvider _timeprovider;
+    private readonly TimeProvider _timeProvider;
     private readonly HybridCache _tokenCache;
     private readonly Telemetry? _telemetry;
 
     /// <summary>
     /// Instantiates a new <see cref="MaskinportenClient"/> object.
     /// </summary>
+    /// <param name="variant">Variant (default/internal).</param>
     /// <param name="options">Maskinporten settings.</param>
+    /// <param name="platformSettings">Platform settings.</param>
     /// <param name="httpClientFactory">HttpClient factory.</param>
     /// <param name="tokenCache">Token cache store.</param>
     /// <param name="logger">Logger interface.</param>
     /// <param name="timeProvider">Optional TimeProvider implementation.</param>
     /// <param name="telemetry">Optional telemetry service.</param>
     public MaskinportenClient(
+        string variant,
         IOptionsMonitor<MaskinportenSettings> options,
+        IOptions<PlatformSettings> platformSettings,
         IHttpClientFactory httpClientFactory,
         HybridCache tokenCache,
         ILogger<MaskinportenClient> logger,
@@ -45,63 +65,134 @@ public MaskinportenClient(
         Telemetry? telemetry = null
     )
     {
+        if (variant != VariantDefault && variant != VariantInternal)
+            throw new ArgumentException($"Invalid variant '{variant}' provided to MaskinportenClient");
+
+        Variant = variant;
+        _maskinportenCacheKeySalt = $"maskinportenScope-{variant}";
+        _altinnCacheKeySalt = $"maskinportenScope-altinn-{variant}";
         _options = options;
+        _platformSettings = platformSettings.Value;
         _telemetry = telemetry;
-        _timeprovider = timeProvider ?? TimeProvider.System;
+        _timeProvider = timeProvider ?? TimeProvider.System;
         _logger = logger;
         _httpClientFactory = httpClientFactory;
         _tokenCache = tokenCache;
     }
 
     /// <inheritdoc/>
-    public async Task<MaskinportenTokenResponse> GetAccessToken(
+    public async Task<JwtToken> GetAccessToken(
         IEnumerable<string> scopes,
         CancellationToken cancellationToken = default
     )
     {
         string formattedScopes = FormattedScopes(scopes);
-        string cacheKey = $"{CacheKeySalt}_{formattedScopes}";
-        DateTimeOffset referenceTime = _timeprovider.GetUtcNow();
+        string cacheKey = $"{_maskinportenCacheKeySalt}_{formattedScopes}";
+        DateTimeOffset referenceTime = _timeProvider.GetUtcNow();
 
-        _telemetry?.StartGetAccessTokenActivity(_options.CurrentValue.ClientId, formattedScopes);
+        _logger.LogDebug("Retrieving Maskinporten token for scopes: {Scopes}", formattedScopes);
+        _telemetry?.StartGetAccessTokenActivity(Variant, Settings.ClientId, formattedScopes);
 
         var result = await _tokenCache.GetOrCreateAsync(
             cacheKey,
-            async cancel =>
+            (Self: this, FormattedScopes: formattedScopes, ReferenceTime: referenceTime),
+            static async (state, cancellationToken) =>
             {
-                // Fetch token
-                var token = await HandleMaskinportenAuthentication(formattedScopes, cancel);
-                var now = _timeprovider.GetUtcNow();
-                var cacheExpiry = referenceTime.AddSeconds(token.ExpiresIn - TokenExpirationMargin);
-                if (cacheExpiry <= now)
+                state.Self._logger.LogDebug("Token is not in cache, generating new");
+
+                JwtToken token = await state.Self.HandleMaskinportenAuthentication(
+                    state.FormattedScopes,
+                    cancellationToken
+                );
+
+                var expiresIn = state.Self.GetTokenExpiryWithMargin(token);
+                if (expiresIn <= TimeSpan.Zero)
                 {
                     throw new MaskinportenTokenExpiredException(
                         $"Access token cannot be used because it has a calculated expiration in the past (taking into account a margin of {TokenExpirationMargin} seconds): {token}"
                     );
                 }
 
-                // Wrap and return
-                return new TokenCacheEntry(
-                    Token: token,
-                    Expiration: cacheExpiry - referenceTime,
-                    HasSetExpiration: false
+                return new TokenCacheEntry(Token: token, ExpiresIn: expiresIn, HasSetExpiration: false);
+            },
+            cancellationToken: cancellationToken,
+            options: _defaultCacheExpiration
+        );
+
+        if (result.HasSetExpiration is false)
+        {
+            _logger.LogDebug("Updating token cache with appropriate expiration");
+            result = result with { HasSetExpiration = true };
+            await _tokenCache.SetAsync(
+                cacheKey,
+                result,
+                options: CacheExpiryFactory(result.ExpiresIn),
+                cancellationToken: cancellationToken
+            );
+        }
+        else
+        {
+            _logger.LogDebug("Token retrieved from cache: {Token}", result.Token);
+            _telemetry?.RecordMaskinportenTokenRequest(Telemetry.Maskinporten.RequestResult.Cached);
+        }
+
+        return result.Token;
+    }
+
+    /// <inheritdoc/>
+    public async Task<JwtToken> GetAltinnExchangedToken(
+        IEnumerable<string> scopes,
+        CancellationToken cancellationToken = default
+    )
+    {
+        string formattedScopes = FormattedScopes(scopes);
+        string cacheKey = $"{_altinnCacheKeySalt}_{formattedScopes}";
+
+        _logger.LogDebug("Retrieving Altinn token for scopes: {Scopes}", formattedScopes);
+        _telemetry?.StartGetAltinnExchangedAccessTokenActivity(Variant, Settings.ClientId, formattedScopes);
+
+        var result = await _tokenCache.GetOrCreateAsync(
+            cacheKey,
+            (Self: this, Scopes: scopes),
+            static async (state, cancellationToken) =>
+            {
+                state.Self._logger.LogDebug("Token is not in cache, generating new");
+                JwtToken maskinportenToken = await state.Self.GetAccessToken(state.Scopes, cancellationToken);
+                JwtToken altinnToken = await state.Self.HandleMaskinportenAltinnTokenExchange(
+                    maskinportenToken,
+                    cancellationToken
                 );
+
+                var expiresIn = state.Self.GetTokenExpiryWithMargin(altinnToken);
+                if (expiresIn <= TimeSpan.Zero)
+                {
+                    throw new MaskinportenTokenExpiredException(
+                        $"Access token cannot be used because it has a calculated expiration in the past (taking into account a margin of {TokenExpirationMargin} seconds): {altinnToken}"
+                    );
+                }
+
+                return new TokenCacheEntry(Token: altinnToken, ExpiresIn: expiresIn, HasSetExpiration: false);
             },
             cancellationToken: cancellationToken,
             options: _defaultCacheExpiration
         );
 
-        // Update cache with token expiration if applicable
         if (result.HasSetExpiration is false)
         {
+            _logger.LogDebug("Updating token cache with appropriate expiration");
             result = result with { HasSetExpiration = true };
             await _tokenCache.SetAsync(
                 cacheKey,
                 result,
-                options: CacheExpiry(result.Expiration),
+                options: CacheExpiryFactory(result.ExpiresIn),
                 cancellationToken: cancellationToken
             );
         }
+        else
+        {
+            _logger.LogDebug("Token retrieved from cache: {Token}", result.Token);
+            _telemetry?.RecordMaskinportenAltinnTokenExchangeRequest(Telemetry.Maskinporten.RequestResult.Cached);
+        }
 
         return result.Token;
     }
@@ -113,32 +204,36 @@ await _tokenCache.SetAsync(
     /// <param name="cancellationToken">An optional cancellation token.</param>
     /// <returns><inheritdoc cref="GetAccessToken"/></returns>
     /// <exception cref="MaskinportenAuthenticationException"><inheritdoc cref="GetAccessToken"/></exception>
-    private async Task<MaskinportenTokenResponse> HandleMaskinportenAuthentication(
+    private async Task<JwtToken> HandleMaskinportenAuthentication(
         string formattedScopes,
         CancellationToken cancellationToken = default
     )
     {
         try
         {
-            string jwt = GenerateJwtGrant(formattedScopes);
-            FormUrlEncodedContent payload = GenerateAuthenticationPayload(jwt);
+            _logger.LogDebug("Using MaskinportenClient.Variant={Variant} for authorization", Variant);
+            string jwtGrant = GenerateJwtGrant(formattedScopes);
+            FormUrlEncodedContent payload = AuthenticationPayloadFactory(jwtGrant);
 
             _logger.LogDebug(
                 "Sending grant request to Maskinporten: {GrantRequest}",
                 await payload.ReadAsStringAsync(cancellationToken)
             );
 
-            string tokenAuthority = _options.CurrentValue.Authority.Trim('/');
+            string tokenAuthority = Settings.Authority.Trim('/');
             using HttpClient client = _httpClientFactory.CreateClient();
             using HttpResponseMessage response = await client.PostAsync(
                 $"{tokenAuthority}/token",
                 payload,
                 cancellationToken
             );
-            MaskinportenTokenResponse token = await ParseServerResponse(response, cancellationToken);
 
-            _logger.LogDebug("Token retrieved successfully");
-            return token;
+            MaskinportenTokenResponse tokenResponse = await ParseServerResponse(response, cancellationToken);
+
+            _logger.LogDebug("Token retrieved successfully: {Token}", tokenResponse);
+            _telemetry?.RecordMaskinportenTokenRequest(Telemetry.Maskinporten.RequestResult.New);
+
+            return tokenResponse.AccessToken;
         }
         catch (MaskinportenException)
         {
@@ -146,10 +241,61 @@ await payload.ReadAsStringAsync(cancellationToken)
         }
         catch (Exception e)
         {
+            _telemetry?.RecordMaskinportenTokenRequest(Telemetry.Maskinporten.RequestResult.Error);
             throw new MaskinportenAuthenticationException($"Authentication with Maskinporten failed: {e.Message}", e);
         }
     }
 
+    /// <summary>
+    /// Handles the exchange of a Maskinporten token for an Altinn token.
+    /// </summary>
+    /// <param name="maskinportenToken">A Maskinporten issued token object</param>
+    /// <param name="cancellationToken">An optional cancellation token.</param>
+    /// <returns><inheritdoc cref="GetAltinnExchangedToken"/></returns>
+    /// <exception cref="MaskinportenAuthenticationException"><inheritdoc cref="GetAltinnExchangedToken"/></exception>
+    private async Task<JwtToken> HandleMaskinportenAltinnTokenExchange(
+        JwtToken maskinportenToken,
+        CancellationToken cancellationToken = default
+    )
+    {
+        try
+        {
+            _logger.LogDebug(
+                "Sending exchange request to Altinn Authentication with Bearer token: {MaskinportenToken}",
+                maskinportenToken
+            );
+
+            using HttpClient client = _httpClientFactory.CreateClient();
+            string url = _platformSettings.ApiAuthenticationEndpoint.TrimEnd('/') + "/exchange/maskinporten";
+
+            using var request = new HttpRequestMessage(HttpMethod.Get, url);
+            request.Headers.TryAddWithoutValidation(
+                General.SubscriptionKeyHeaderName,
+                _platformSettings.SubscriptionKey
+            );
+            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", maskinportenToken.Value);
+
+            using HttpResponseMessage response = await client.SendAsync(request, cancellationToken);
+            response.EnsureSuccessStatusCode();
+
+            string token = await response.Content.ReadAsStringAsync(cancellationToken);
+
+            _logger.LogDebug("Token retrieved successfully");
+            _telemetry?.RecordMaskinportenAltinnTokenExchangeRequest(Telemetry.Maskinporten.RequestResult.New);
+
+            return JwtToken.Parse(token);
+        }
+        catch (MaskinportenException)
+        {
+            throw;
+        }
+        catch (Exception e)
+        {
+            _telemetry?.RecordMaskinportenAltinnTokenExchangeRequest(Telemetry.Maskinporten.RequestResult.Error);
+            throw new MaskinportenAuthenticationException($"Authentication with Altinn failed: {e.Message}", e);
+        }
+    }
+
     /// <summary>
     /// Generates a JWT grant for the supplied scope claims along with the pre-configured client id and private key.
     /// </summary>
@@ -161,7 +307,7 @@ internal string GenerateJwtGrant(string formattedScopes)
         MaskinportenSettings? settings;
         try
         {
-            settings = _options.CurrentValue;
+            settings = Settings;
         }
         catch (OptionsValidationException e)
         {
@@ -171,7 +317,7 @@ internal string GenerateJwtGrant(string formattedScopes)
             );
         }
 
-        var now = _timeprovider.GetUtcNow();
+        var now = _timeProvider.GetUtcNow();
         var expiry = now.AddMinutes(2);
         var jwtDescriptor = new SecurityTokenDescriptor
         {
@@ -182,8 +328,8 @@ internal string GenerateJwtGrant(string formattedScopes)
             SigningCredentials = new SigningCredentials(settings.GetJsonWebKey(), SecurityAlgorithms.RsaSha256),
             Claims = new Dictionary<string, object>
             {
-                ["scope"] = formattedScopes,
-                ["jti"] = Guid.NewGuid().ToString(),
+                [JwtClaimTypes.Scope] = formattedScopes,
+                [JwtClaimTypes.JwtId] = Guid.NewGuid().ToString(),
             },
         };
 
@@ -200,7 +346,7 @@ internal string GenerateJwtGrant(string formattedScopes)
     /// </para>
     /// </summary>
     /// <param name="jwtAssertion">The JWT token generated by <see cref="GenerateJwtGrant"/>.</param>
-    internal static FormUrlEncodedContent GenerateAuthenticationPayload(string jwtAssertion)
+    internal static FormUrlEncodedContent AuthenticationPayloadFactory(string jwtAssertion)
     {
         return new FormUrlEncodedContent(
             new Dictionary<string, string>
@@ -218,7 +364,7 @@ internal static FormUrlEncodedContent GenerateAuthenticationPayload(string jwtAs
     /// <param name="cancellationToken">An optional cancellation token.</param>
     /// <returns>A <see cref="MaskinportenTokenResponse"/> for successful requests.</returns>
     /// <exception cref="MaskinportenAuthenticationException">Authentication failed.
-    /// This could be caused by an authentication/authorization issue or a myriad of tother circumstances.</exception>
+    /// This could be caused by an authentication/authorisation issue or a myriad of other circumstances.</exception>
     internal static async Task<MaskinportenTokenResponse> ParseServerResponse(
         HttpResponseMessage httpResponse,
         CancellationToken cancellationToken = default
@@ -266,7 +412,7 @@ internal static async Task<MaskinportenTokenResponse> ParseServerResponse(
     /// <returns>A single string containing the supplied scopes.</returns>
     internal static string FormattedScopes(IEnumerable<string> scopes) => string.Join(" ", scopes);
 
-    internal static HybridCacheEntryOptions CacheExpiry(TimeSpan localExpiry, TimeSpan? overallExpiry = null)
+    private static HybridCacheEntryOptions CacheExpiryFactory(TimeSpan localExpiry, TimeSpan? overallExpiry = null)
     {
         return new HybridCacheEntryOptions
         {
@@ -274,4 +420,9 @@ internal static HybridCacheEntryOptions CacheExpiry(TimeSpan localExpiry, TimeSp
             Expiration = overallExpiry ?? localExpiry,
         };
     }
+
+    private TimeSpan GetTokenExpiryWithMargin(JwtToken token)
+    {
+        return token.ExpiresAt - _timeProvider.GetUtcNow() - TokenExpirationMargin;
+    }
 }
diff --git a/src/Altinn.App.Core/Features/Maskinporten/Models/MaskinportenTokenResponse.cs b/src/Altinn.App.Core/Features/Maskinporten/Models/MaskinportenTokenResponse.cs
index 4a9f63593..cbab31935 100644
--- a/src/Altinn.App.Core/Features/Maskinporten/Models/MaskinportenTokenResponse.cs
+++ b/src/Altinn.App.Core/Features/Maskinporten/Models/MaskinportenTokenResponse.cs
@@ -1,71 +1,43 @@
-using System.ComponentModel;
 using System.Text.Json.Serialization;
-using System.Text.RegularExpressions;
+using Altinn.App.Core.Models;
 
 namespace Altinn.App.Core.Features.Maskinporten.Models;
 
 /// <summary>
-/// The response received from Maskinporten after a successful grant request.
+/// The response received from Maskinporten after a successful grant request
 /// </summary>
-[ImmutableObject(true)]
-public sealed partial record MaskinportenTokenResponse
+internal sealed record MaskinportenTokenResponse
 {
-    private static readonly Regex _jwtStructurePattern = JwtRegexFactory();
-
     /// <summary>
-    /// The JWT access token to be used in the Authorization header for downstream requests.
+    /// The JWT access token to be used for authorisation of http requests
     /// </summary>
     [JsonPropertyName("access_token")]
-    public required string AccessToken { get; init; }
+    [JsonConverter(typeof(JwtTokenJsonConverter))]
+    public required JwtToken AccessToken { get; init; }
 
     /// <summary>
-    /// The type of JWT received. In this context, the value is always `Bearer`.
+    /// The type of JWT received. In this context, the value is always `Bearer`
     /// </summary>
     [JsonPropertyName("token_type")]
     public required string TokenType { get; init; }
 
     /// <summary>
-    /// The number of seconds until token expiry. Typically set to 120 = 2 minutes.
+    /// The number of seconds until token expiry. Typically set to 120 = 2 minutes
     /// </summary>
     [JsonPropertyName("expires_in")]
     public required int ExpiresIn { get; init; }
 
     /// <summary>
-    /// The scope(s) associated with the authorization token (<see cref="AccessToken"/>).
+    /// The scope(s) associated with the authorization token (<see cref="AccessToken"/>)
     /// </summary>
     [JsonPropertyName("scope")]
     public required string Scope { get; init; }
 
-    /// <summary>
-    /// Convenience conversion of <see cref="ExpiresIn"/> to an actual instant in time.
-    /// </summary>
-    public DateTime ExpiresAt => _createdAt.AddSeconds(ExpiresIn);
-
-    /// <summary>
-    /// Internal tracker used by <see cref="ExpiresAt"/> to calculate an expiry <see cref="DateTime"/>.
-    /// </summary>
-    private readonly DateTime _createdAt = DateTime.UtcNow;
-
-    /// <summary>
-    /// Is the token expired?
-    /// </summary>
-    public bool IsExpired()
-    {
-        return ExpiresAt < DateTime.UtcNow;
-    }
-
     /// <summary>
     /// Stringifies the content of this instance, while masking the JWT signature part of <see cref="AccessToken"/>
     /// </summary>
     public override string ToString()
     {
-        var accessTokenMatch = _jwtStructurePattern.Match(AccessToken);
-        var maskedToken = accessTokenMatch.Success
-            ? $"{accessTokenMatch.Groups[1]}.{accessTokenMatch.Groups[2]}.xxx"
-            : "<masked>";
-        return $"{nameof(AccessToken)}: {maskedToken}, {nameof(TokenType)}: {TokenType}, {nameof(Scope)}: {Scope}, {nameof(ExpiresIn)}: {ExpiresIn}, {nameof(ExpiresAt)}: {ExpiresAt}";
+        return $"{nameof(AccessToken)}: {AccessToken}, {nameof(TokenType)}: {TokenType}, {nameof(Scope)}: {Scope}, {nameof(ExpiresIn)}: {ExpiresIn}";
     }
-
-    [GeneratedRegex(@"^(.+)\.(.+)\.(.+)$", RegexOptions.Multiline)]
-    private static partial Regex JwtRegexFactory();
 }
diff --git a/src/Altinn.App.Core/Features/Maskinporten/Models/TokenCacheEntry.cs b/src/Altinn.App.Core/Features/Maskinporten/Models/TokenCacheEntry.cs
index f71ead563..2b747ae12 100644
--- a/src/Altinn.App.Core/Features/Maskinporten/Models/TokenCacheEntry.cs
+++ b/src/Altinn.App.Core/Features/Maskinporten/Models/TokenCacheEntry.cs
@@ -1,6 +1,8 @@
 using System.ComponentModel;
+using Altinn.App.Core.Models;
 
 namespace Altinn.App.Core.Features.Maskinporten.Models;
 
+// `ImmutableObject` prevents serialization with HybridCache
 [ImmutableObject(true)]
-internal sealed record TokenCacheEntry(MaskinportenTokenResponse Token, TimeSpan Expiration, bool HasSetExpiration);
+internal sealed record TokenCacheEntry(JwtToken Token, TimeSpan ExpiresIn, bool HasSetExpiration);
diff --git a/src/Altinn.App.Core/Features/Telemetry/Telemetry.Correspondence.cs b/src/Altinn.App.Core/Features/Telemetry/Telemetry.Correspondence.cs
new file mode 100644
index 000000000..4f8cde608
--- /dev/null
+++ b/src/Altinn.App.Core/Features/Telemetry/Telemetry.Correspondence.cs
@@ -0,0 +1,55 @@
+using System.ComponentModel.DataAnnotations;
+using System.Diagnostics;
+using NetEscapades.EnumGenerators;
+using static Altinn.App.Core.Features.Telemetry.Correspondence;
+using Tag = System.Collections.Generic.KeyValuePair<string, object?>;
+
+namespace Altinn.App.Core.Features;
+
+partial class Telemetry
+{
+    private void InitCorrespondence(InitContext context)
+    {
+        InitMetricCounter(
+            context,
+            MetricNameOrder,
+            init: static m =>
+            {
+                foreach (var result in CorrespondenceResultExtensions.GetValues())
+                {
+                    m.Add(0, new Tag(InternalLabels.Result, result.ToStringFast()));
+                }
+            }
+        );
+    }
+
+    internal Activity? StartSendCorrespondenceActivity()
+    {
+        return ActivitySource.StartActivity("Correspondence.Send");
+    }
+
+    internal Activity? StartCorrespondenceStatusActivity(Guid correspondenceId)
+    {
+        var activity = ActivitySource.StartActivity("Correspondence.Status");
+        activity?.AddTag(Labels.CorrespondenceId, correspondenceId);
+        return activity;
+    }
+
+    internal void RecordCorrespondenceOrder(CorrespondenceResult result) =>
+        _counters[MetricNameOrder].Add(1, new Tag(InternalLabels.Result, result.ToStringFast()));
+
+    internal static class Correspondence
+    {
+        internal static readonly string MetricNameOrder = Metrics.CreateLibName("correspondence_orders");
+
+        [EnumExtensions]
+        internal enum CorrespondenceResult
+        {
+            [Display(Name = "success")]
+            Success,
+
+            [Display(Name = "error")]
+            Error,
+        }
+    }
+}
diff --git a/src/Altinn.App.Core/Features/Telemetry/Telemetry.Maskinporten.cs b/src/Altinn.App.Core/Features/Telemetry/Telemetry.Maskinporten.cs
index 1c771e9dc..db7d91042 100644
--- a/src/Altinn.App.Core/Features/Telemetry/Telemetry.Maskinporten.cs
+++ b/src/Altinn.App.Core/Features/Telemetry/Telemetry.Maskinporten.cs
@@ -21,11 +21,32 @@ private void InitMaskinporten(InitContext context)
                 }
             }
         );
+        InitMetricCounter(
+            context,
+            MetricNameTokenExchangeRequest,
+            init: static m =>
+            {
+                foreach (var result in RequestResultExtensions.GetValues())
+                {
+                    m.Add(0, new Tag(InternalLabels.Result, result.ToStringFast()));
+                }
+            }
+        );
     }
 
-    internal Activity? StartGetAccessTokenActivity(string clientId, string scopes)
+    internal Activity? StartGetAccessTokenActivity(string variant, string clientId, string scopes)
     {
         var activity = ActivitySource.StartActivity("Maskinporten.GetAccessToken");
+        activity?.SetTag("maskinporten.variant", variant);
+        activity?.SetTag("maskinporten.scopes", scopes);
+        activity?.SetTag("maskinporten.client_id", clientId);
+        return activity;
+    }
+
+    internal Activity? StartGetAltinnExchangedAccessTokenActivity(string variant, string clientId, string scopes)
+    {
+        var activity = ActivitySource.StartActivity("Maskinporten.GetAltinnExchangedAccessToken");
+        activity?.SetTag("maskinporten.variant", variant);
         activity?.SetTag("maskinporten.scopes", scopes);
         activity?.SetTag("maskinporten.client_id", clientId);
         return activity;
@@ -36,9 +57,17 @@ internal void RecordMaskinportenTokenRequest(RequestResult result)
         _counters[MetricNameTokenRequest].Add(1, new Tag(InternalLabels.Result, result.ToStringFast()));
     }
 
+    internal void RecordMaskinportenAltinnTokenExchangeRequest(RequestResult result)
+    {
+        _counters[MetricNameTokenExchangeRequest].Add(1, new Tag(InternalLabels.Result, result.ToStringFast()));
+    }
+
     internal static class Maskinporten
     {
         internal static readonly string MetricNameTokenRequest = Metrics.CreateLibName("maskinporten_token_requests");
+        internal static readonly string MetricNameTokenExchangeRequest = Metrics.CreateLibName(
+            "maskinporten_altinn_exchange_requests"
+        );
 
         [EnumExtensions]
         internal enum RequestResult
diff --git a/src/Altinn.App.Core/Features/Telemetry/Telemetry.cs b/src/Altinn.App.Core/Features/Telemetry/Telemetry.cs
index fc1a14933..6732e0894 100644
--- a/src/Altinn.App.Core/Features/Telemetry/Telemetry.cs
+++ b/src/Altinn.App.Core/Features/Telemetry/Telemetry.cs
@@ -76,6 +76,7 @@ internal void Init()
             InitProcesses(context);
             InitValidation(context);
             InitMaskinporten(context);
+            InitCorrespondence(context);
 
             // NOTE: This Telemetry class is registered as a singleton
             // Metrics could be kept in fields of the respective objects that use them for instrumentation
@@ -169,6 +170,11 @@ public static class Labels
         /// Label for the organisation number.
         /// </summary>
         public const string OrganisationNumber = "organisation.number";
+
+        /// <summary>
+        /// Label for the Correspondence ID.
+        /// </summary>
+        public const string CorrespondenceId = "correspondence.id";
     }
 
     internal static class InternalLabels
diff --git a/src/Altinn.App.Core/Features/Telemetry/TelemetryActivityExtensions.cs b/src/Altinn.App.Core/Features/Telemetry/TelemetryActivityExtensions.cs
index b2c8dab43..2e9c37a49 100644
--- a/src/Altinn.App.Core/Features/Telemetry/TelemetryActivityExtensions.cs
+++ b/src/Altinn.App.Core/Features/Telemetry/TelemetryActivityExtensions.cs
@@ -1,4 +1,5 @@
 using System.Diagnostics;
+using Altinn.App.Core.Features.Correspondence.Models;
 using Altinn.App.Core.Models.Process;
 using Altinn.Platform.Storage.Interface.Models;
 using Microsoft.AspNetCore.Mvc;
@@ -265,6 +266,27 @@ public static Activity SetOrganisationNumber(this Activity activity, string? org
         return activity;
     }
 
+    internal static Activity SetCorrespondence(this Activity activity, SendCorrespondenceResponse? response)
+    {
+        if (response is not null)
+        {
+            if (response.Correspondences is { Count: 1 })
+            {
+                activity.SetTag(Labels.CorrespondenceId, response.Correspondences[0].CorrespondenceId);
+            }
+
+            var tags = new ActivityTagsCollection();
+            tags.Add("ids", response.Correspondences?.Select(c => c.CorrespondenceId.ToString()) ?? []);
+            tags.Add("statuses", response.Correspondences?.Select(c => c.Status.ToString()) ?? []);
+            tags.Add("count", response.Correspondences?.Count ?? 0);
+            tags.Add("attachments", response.AttachmentIds?.Count ?? 0);
+            tags.Add("operation", "send");
+            activity.AddEvent(new ActivityEvent("correspondence", tags: tags));
+        }
+
+        return activity;
+    }
+
     internal static Activity SetProblemDetails(this Activity activity, ProblemDetails problemDetails)
     {
         // Leave activity status to ASP.NET Core, as it will be set depending on status code?
@@ -344,7 +366,7 @@ internal static Activity SetProblemDetails(this Activity activity, ProblemDetail
     internal static void Errored(this Activity activity, Exception? exception = null, string? error = null)
     {
         activity.SetStatus(ActivityStatusCode.Error, error);
-        if(exception is not null)
+        if (exception is not null)
         {
             activity.AddException(exception);
         }
diff --git a/src/Altinn.App.Core/Models/JwtToken.cs b/src/Altinn.App.Core/Models/JwtToken.cs
new file mode 100644
index 000000000..f60a092dd
--- /dev/null
+++ b/src/Altinn.App.Core/Models/JwtToken.cs
@@ -0,0 +1,132 @@
+using System.ComponentModel;
+using System.IdentityModel.Tokens.Jwt;
+using System.Text.RegularExpressions;
+
+namespace Altinn.App.Core.Models;
+
+/// <summary>
+/// Represents an OAuth 2.0 access token in JWT format
+/// Needs to be unencrypted
+/// </summary>
+[ImmutableObject(true)] // `ImmutableObject` prevents serialization with HybridCache
+public readonly partial struct JwtToken : IEquatable<JwtToken>
+{
+    /// <summary>
+    /// The access token value (JWT format)
+    /// </summary>
+    public string Value { get; }
+
+    private readonly JwtSecurityToken _jwtSecurityToken;
+
+    /// <summary>
+    /// The instant in time when the token expires
+    /// </summary>
+    public DateTimeOffset ExpiresAt => _jwtSecurityToken.ValidTo;
+
+    /// <summary>
+    /// Is the token expired?
+    /// </summary>
+    public bool IsExpired(TimeProvider? timeProvider = null) =>
+        ExpiresAt < (timeProvider?.GetUtcNow() ?? DateTimeOffset.UtcNow);
+
+    /// <summary>
+    /// The scope(s) associated with the token
+    /// </summary>
+    public string? Scope => _jwtSecurityToken.Payload.TryGetValue("scope", out var scope) ? scope.ToString() : null;
+
+    private JwtToken(string jwtToken, JwtSecurityToken jwtSecurityToken)
+    {
+        Value = jwtToken;
+        _jwtSecurityToken = jwtSecurityToken;
+    }
+
+    /// <summary>
+    /// Parses an access token
+    /// </summary>
+    /// <param name="value">The value to parse</param>
+    /// <exception cref="FormatException">The access token is not valid</exception>
+    public static JwtToken Parse(string value)
+    {
+        return TryParse(value, out var accessToken)
+            ? accessToken
+            : throw new FormatException($"Invalid access token format: {value}");
+    }
+
+    /// <summary>
+    /// Attempt to parse an access token
+    /// </summary>
+    /// <param name="value">The value to parse</param>
+    /// <param name="jwtToken">The resulting <see cref="JwtToken"/> instance</param>
+    /// <returns>`true` on successful parse, `false` otherwise</returns>
+    public static bool TryParse(string value, out JwtToken jwtToken)
+    {
+        jwtToken = default;
+
+        JwtSecurityTokenHandler handler = new();
+        try
+        {
+            JwtSecurityToken jwt = handler.ReadJwtToken(value);
+            jwtToken = new JwtToken(value, jwt);
+        }
+        catch
+        {
+            return false;
+        }
+
+        return true;
+    }
+
+    // Matches a string with pattern eyXXX.eyXXX.XXX, allowing underscores and hyphens
+    [GeneratedRegex(@"^((?:ey[\w-]+\.){2})([\w-]+)$")]
+    private static partial Regex JwtRegex();
+
+    private static string MaskJwtSignature(string accessToken)
+    {
+        var accessTokenMatch = JwtRegex().Match(accessToken);
+        return accessTokenMatch.Success ? $"{accessTokenMatch.Groups[1]}<masked>" : "<masked>";
+    }
+
+    /// <summary>
+    /// Determines whether the specified object is equal to the current object
+    /// </summary>
+    public bool Equals(JwtToken other) => Value == other.Value;
+
+    /// <summary>
+    /// Determines whether the specified object is equal to the current object
+    /// </summary>
+    public override bool Equals(object? obj) => obj is JwtToken other && Equals(other);
+
+    /// <summary>
+    /// Returns the hash code for the access token value
+    /// </summary>
+    public override int GetHashCode() => Value.GetHashCode();
+
+    /// <summary>
+    /// Returns a string representation of the access token with a masked signature component
+    /// </summary>
+    public override string ToString() => MaskJwtSignature(Value);
+
+    /// <summary>
+    /// Returns a string representation of the access token with an intact signature component
+    /// </summary>
+    public string ToStringUnmasked() => Value;
+
+    /// <summary>
+    /// Determines whether two specified instances of <see cref="JwtToken"/> are equal
+    /// </summary>
+    public static bool operator ==(JwtToken left, JwtToken right) => left.Equals(right);
+
+    /// <summary>
+    /// Determines whether two specified instances of <see cref="JwtToken"/> are not equal
+    /// </summary>
+    public static bool operator !=(JwtToken left, JwtToken right) => !left.Equals(right);
+
+    /// <summary>
+    /// Implicit conversion from <see cref="JwtToken"/> to string
+    /// </summary>
+    /// <param name="accessToken">The access token instance</param>
+    public static implicit operator string(JwtToken accessToken)
+    {
+        return accessToken.Value;
+    }
+}
diff --git a/src/Altinn.App.Core/Models/JwtTokenJsonConverter.cs b/src/Altinn.App.Core/Models/JwtTokenJsonConverter.cs
new file mode 100644
index 000000000..01af8b792
--- /dev/null
+++ b/src/Altinn.App.Core/Models/JwtTokenJsonConverter.cs
@@ -0,0 +1,28 @@
+using System.Text.Json;
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Models;
+
+/// <summary>
+/// Json converter to transform between <see cref="string"/> and <see cref="JwtToken"/>
+/// </summary>
+internal class JwtTokenJsonConverter : JsonConverter<JwtToken>
+{
+    /// <inheritdoc/>
+    public override JwtToken Read(ref Utf8JsonReader reader, Type typeToConvert, JsonSerializerOptions options)
+    {
+        if (reader.TokenType != JsonTokenType.String)
+        {
+            throw new JsonException("Expected string token for AccessToken property.");
+        }
+
+        var tokenValue = reader.GetString() ?? throw new JsonException("AccessToken string value is null.");
+        return JwtToken.Parse(tokenValue);
+    }
+
+    /// <inheritdoc/>
+    public override void Write(Utf8JsonWriter writer, JwtToken value, JsonSerializerOptions options)
+    {
+        writer.WriteStringValue(value);
+    }
+}
diff --git a/src/Altinn.App.Core/Models/LanguageCode.cs b/src/Altinn.App.Core/Models/LanguageCode.cs
new file mode 100644
index 000000000..1038b6b3c
--- /dev/null
+++ b/src/Altinn.App.Core/Models/LanguageCode.cs
@@ -0,0 +1,137 @@
+using System.Text.RegularExpressions;
+
+namespace Altinn.App.Core.Models;
+
+#pragma warning disable CA1000
+
+/// <summary>
+/// Specification details for language code ISO 639-1
+/// </summary>
+public readonly partial struct Iso6391 : ILanguageCodeStandard
+{
+    /// <inheritdoc/>
+    public static LanguageCodeValidationResult Validate(string code)
+    {
+        string? errorMessage = null;
+        if (string.IsNullOrWhiteSpace(code))
+            errorMessage = "Code value cannot be empty.";
+        else if (code.Length != 2)
+            errorMessage = $"Invalid code length. Received {code.Length} characters, expected 2 (ISO 639-1).";
+        else if (ValidationRegex().IsMatch(code) is false)
+            errorMessage = "Code value must only contain letters.";
+
+        return new LanguageCodeValidationResult(errorMessage is null, errorMessage);
+    }
+
+    [GeneratedRegex(@"^[a-zA-Z]{2}$")]
+    private static partial Regex ValidationRegex();
+}
+
+/// <summary>
+/// Specifications for language code standards
+/// </summary>
+public interface ILanguageCodeStandard
+{
+    /// <summary>
+    /// Validation instructions for the language code implementation
+    /// </summary>
+    /// <param name="code">The code to validate, e.g. "no" in the case of ISO 639-1</param>
+    static abstract LanguageCodeValidationResult Validate(string code);
+};
+
+/// <summary>
+/// The result of a language code validation
+/// </summary>
+/// <param name="IsValid">Is the code valid?</param>
+/// <param name="ErrorMessage">If not valid, what is the reason given?</param>
+public sealed record LanguageCodeValidationResult(bool IsValid, string? ErrorMessage);
+
+/// <summary>
+/// Represents a language code
+/// </summary>
+public readonly struct LanguageCode<TLangCodeStandard> : IEquatable<LanguageCode<TLangCodeStandard>>
+    where TLangCodeStandard : struct, ILanguageCodeStandard
+{
+    /// <summary>
+    /// The language code value
+    /// </summary>
+    public string Value { get; }
+
+    private LanguageCode(string code)
+    {
+        Value = code.ToLowerInvariant();
+    }
+
+    /// <summary>
+    /// Parses a language code
+    /// </summary>
+    /// <param name="code">The language code</param>
+    /// <exception cref="FormatException">The language code format is invalid</exception>
+    public static LanguageCode<TLangCodeStandard> Parse(string code)
+    {
+        LanguageCodeValidationResult validationResult = TryParse(code, out var instance);
+
+        return validationResult.IsValid
+            ? instance
+            : throw new FormatException($"Invalid language code format: {validationResult.ErrorMessage}");
+    }
+
+    /// <summary>
+    /// Attempts to parse a language code
+    /// </summary>
+    /// <param name="code">The code to parse</param>
+    /// <param name="result">The resulting <see cref="LanguageCodeValidationResult"/></param>
+    public static LanguageCodeValidationResult TryParse(string code, out LanguageCode<TLangCodeStandard> result)
+    {
+        var validationResult = TLangCodeStandard.Validate(code);
+        if (!validationResult.IsValid)
+        {
+            result = default;
+            return validationResult;
+        }
+
+        result = new LanguageCode<TLangCodeStandard>(code);
+        return new LanguageCodeValidationResult(true, null);
+    }
+
+    /// <summary>
+    /// Determines whether the specified object is equal to the current object
+    /// </summary>
+    public bool Equals(LanguageCode<TLangCodeStandard> other) => Value == other.Value;
+
+    /// <summary>
+    /// Determines whether the specified object is equal to the current object
+    /// </summary>
+    public override bool Equals(object? obj) => obj is LanguageCode<TLangCodeStandard> other && Equals(other);
+
+    /// <summary>
+    /// Returns the hash code for the language code value
+    /// </summary>
+    public override int GetHashCode() => Value.GetHashCode();
+
+    /// <summary>
+    /// Returns a string representation of the language code
+    /// </summary>
+    public override string ToString() => Value;
+
+    /// <summary>
+    /// Determines whether two specified instances of <see cref="LanguageCode{TLangCodeStandard}"/> are equal
+    /// </summary>
+    public static bool operator ==(LanguageCode<TLangCodeStandard> left, LanguageCode<TLangCodeStandard> right) =>
+        left.Equals(right);
+
+    /// <summary>
+    /// Determines whether two specified instances of <see cref="LanguageCode{TLangCodeStandard}"/> are not equal
+    /// </summary>
+    public static bool operator !=(LanguageCode<TLangCodeStandard> left, LanguageCode<TLangCodeStandard> right) =>
+        !left.Equals(right);
+
+    /// <summary>
+    /// Implicit conversion from <see cref="LanguageCode{TLangCodeStandard}"/> to string
+    /// </summary>
+    /// <param name="languageCode">The language code instance</param>
+    public static implicit operator string(LanguageCode<TLangCodeStandard> languageCode)
+    {
+        return languageCode.Value;
+    }
+}
diff --git a/src/Altinn.App.Core/Models/LanguageCodeJsonConverter.cs b/src/Altinn.App.Core/Models/LanguageCodeJsonConverter.cs
new file mode 100644
index 000000000..d64053afd
--- /dev/null
+++ b/src/Altinn.App.Core/Models/LanguageCodeJsonConverter.cs
@@ -0,0 +1,29 @@
+using System.Text.Json;
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Models;
+
+/// <summary>
+/// Json converter to transform between <see cref="string"/> and <see cref="LanguageCode{TLangCodeStandard}"/>
+/// </summary>
+internal class LanguageCodeJsonConverter<T> : JsonConverter<LanguageCode<T>>
+    where T : struct, ILanguageCodeStandard
+{
+    /// <inheritdoc/>
+    public override LanguageCode<T> Read(ref Utf8JsonReader reader, Type typeToConvert, JsonSerializerOptions options)
+    {
+        if (reader.TokenType != JsonTokenType.String)
+        {
+            throw new JsonException("Expected string token for LanguageCode property.");
+        }
+
+        var tokenValue = reader.GetString() ?? throw new JsonException("LanguageCode string value is null.");
+        return LanguageCode<T>.Parse(tokenValue);
+    }
+
+    /// <inheritdoc/>
+    public override void Write(Utf8JsonWriter writer, LanguageCode<T> value, JsonSerializerOptions options)
+    {
+        writer.WriteStringValue(value);
+    }
+}
diff --git a/src/Altinn.App.Core/Models/NationalIdentityNumber.cs b/src/Altinn.App.Core/Models/NationalIdentityNumber.cs
new file mode 100644
index 000000000..79e2775c3
--- /dev/null
+++ b/src/Altinn.App.Core/Models/NationalIdentityNumber.cs
@@ -0,0 +1,140 @@
+using System.Globalization;
+
+namespace Altinn.App.Core.Models;
+
+/// <summary>
+/// Represents a Norwegian national identity number
+/// <remarks>
+/// The validation in this type is hard coded to the Norwegian national identity number format
+/// </remarks>
+/// </summary>
+public readonly struct NationalIdentityNumber : IEquatable<NationalIdentityNumber>
+{
+    /// <summary>
+    /// The national identity number value
+    /// </summary>
+    public string Value { get; }
+
+    private NationalIdentityNumber(string nationalIdentityNumber)
+    {
+        Value = nationalIdentityNumber;
+    }
+
+    /// <summary>
+    /// Parses a national identity number
+    /// </summary>
+    /// <param name="value">The value to parse</param>
+    /// <exception cref="FormatException">The number is not valid</exception>
+    public static NationalIdentityNumber Parse(string value)
+    {
+        return TryParse(value, out var nationalIdentityNumber)
+            ? nationalIdentityNumber
+            : throw new FormatException($"Invalid national identity number format: {value}");
+    }
+
+    /// <summary>
+    /// Attempt to parse a national identity number
+    /// </summary>
+    /// <param name="value">The value to parse</param>
+    /// <param name="nationalIdentityNumber">The resulting <see cref="NationalIdentityNumber"/> instance</param>
+    /// <returns>`true` on successful parse, `false` otherwise</returns>
+    public static bool TryParse(string value, out NationalIdentityNumber nationalIdentityNumber)
+    {
+        nationalIdentityNumber = default;
+
+        if (value.Length != 11)
+            return false;
+
+        ReadOnlySpan<int> weightsDigit10 = [3, 7, 6, 1, 8, 9, 4, 5, 2];
+        ReadOnlySpan<int> weightsDigit11 = [5, 4, 3, 2, 7, 6, 5, 4, 3, 2];
+
+        int sum10 = 0;
+        int sum11 = 0;
+
+        for (int i = 0; i < 11; i++)
+        {
+            if (!int.TryParse(value.AsSpan(i, 1), CultureInfo.InvariantCulture, out int currentDigit))
+                return false;
+
+            if (i < 9)
+            {
+                sum10 += currentDigit * weightsDigit10[i];
+                sum11 += currentDigit * weightsDigit11[i];
+                continue;
+            }
+
+            if (i == 9)
+            {
+                var ctrl10 = Mod11(sum10) switch
+                {
+                    11 => 0,
+                    var result => result,
+                };
+
+                if (ctrl10 != currentDigit)
+                    return false;
+
+                sum11 += ctrl10 * weightsDigit11[i];
+            }
+
+            if (i == 10)
+            {
+                var ctrl11 = Mod11(sum11) switch
+                {
+                    11 => 0,
+                    var result => result,
+                };
+
+                if (ctrl11 != currentDigit)
+                    return false;
+            }
+        }
+
+        nationalIdentityNumber = new NationalIdentityNumber(value);
+        return true;
+    }
+
+    private static int Mod11(int value)
+    {
+        return 11 - (value % 11);
+    }
+
+    /// <summary>
+    /// Determines whether the specified object is equal to the current object
+    /// </summary>
+    public bool Equals(NationalIdentityNumber other) => Value == other.Value;
+
+    /// <summary>
+    /// Determines whether the specified object is equal to the current object
+    /// </summary>
+    public override bool Equals(object? obj) => obj is NationalIdentityNumber other && Equals(other);
+
+    /// <summary>
+    /// Returns the hash code for the national identity number value
+    /// </summary>
+    public override int GetHashCode() => Value.GetHashCode();
+
+    /// <summary>
+    /// Returns a string representation of the national identity number
+    /// </summary>
+    public override string ToString() => Value;
+
+    /// <summary>
+    /// Determines whether two specified instances of <see cref="NationalIdentityNumber"/> are equal
+    /// </summary>
+    public static bool operator ==(NationalIdentityNumber left, NationalIdentityNumber right) => left.Equals(right);
+
+    /// <summary>
+    /// Determines whether two specified instances of <see cref="NationalIdentityNumber"/> are not equal
+    /// </summary>
+    public static bool operator !=(NationalIdentityNumber left, NationalIdentityNumber right) => !left.Equals(right);
+
+    /// <summary>
+    /// Implicit conversion from <see cref="NationalIdentityNumber"/> to string
+    /// </summary>
+    /// <param name="nationalIdentityNumber">The national identity number instance</param>
+    public static implicit operator string(NationalIdentityNumber nationalIdentityNumber)
+    {
+        return nationalIdentityNumber.Value;
+    }
+}
diff --git a/src/Altinn.App.Core/Models/NationalIdentityNumberJsonConverter.cs b/src/Altinn.App.Core/Models/NationalIdentityNumberJsonConverter.cs
new file mode 100644
index 000000000..f3d1261c7
--- /dev/null
+++ b/src/Altinn.App.Core/Models/NationalIdentityNumberJsonConverter.cs
@@ -0,0 +1,32 @@
+using System.Text.Json;
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Models;
+
+/// <summary>
+/// Json converter to transform between <see cref="string"/> and <see cref="NationalIdentityNumber"/>
+/// </summary>
+internal class NationalIdentityNumberJsonConverter : JsonConverter<NationalIdentityNumber>
+{
+    /// <inheritdoc/>
+    public override NationalIdentityNumber Read(
+        ref Utf8JsonReader reader,
+        Type typeToConvert,
+        JsonSerializerOptions options
+    )
+    {
+        if (reader.TokenType != JsonTokenType.String)
+        {
+            throw new JsonException("Expected string token for NationalIdentityNumber property.");
+        }
+
+        var tokenValue = reader.GetString() ?? throw new JsonException("NationalIdentityNumber string value is null.");
+        return NationalIdentityNumber.Parse(tokenValue);
+    }
+
+    /// <inheritdoc/>
+    public override void Write(Utf8JsonWriter writer, NationalIdentityNumber value, JsonSerializerOptions options)
+    {
+        writer.WriteStringValue(value);
+    }
+}
diff --git a/src/Altinn.App.Core/Models/OrganisationNumber.cs b/src/Altinn.App.Core/Models/OrganisationNumber.cs
new file mode 100644
index 000000000..1d040c1b2
--- /dev/null
+++ b/src/Altinn.App.Core/Models/OrganisationNumber.cs
@@ -0,0 +1,147 @@
+using System.Globalization;
+
+namespace Altinn.App.Core.Models;
+
+/// <summary>
+/// Represents the format of an organisation number
+/// </summary>
+public enum OrganisationNumberFormat
+{
+    /// <summary>
+    /// Represents only the locally recognised organisation number, e.g. "991825827".
+    /// </summary>
+    Local,
+
+    /// <summary>
+    /// Represents only the locally recognised organisation number, e.g. "0192:991825827".
+    /// </summary>
+    International,
+}
+
+/// <summary>
+/// Represents a Norwegian organisation number
+/// <remarks>
+/// The validation in this type is hard coded to the Norwegian organisation number format
+/// </remarks>
+/// </summary>
+public readonly struct OrganisationNumber : IEquatable<OrganisationNumber>
+{
+    private readonly string _local;
+    private readonly string _international;
+
+    /// <summary>
+    /// Gets the organisation number as a string in the specified format
+    /// </summary>
+    /// <param name="format">The format to get</param>
+    /// <exception cref="ArgumentOutOfRangeException">Invalid format provided</exception>
+    public string Get(OrganisationNumberFormat format) =>
+        format switch
+        {
+            OrganisationNumberFormat.Local => _local,
+            OrganisationNumberFormat.International => _international,
+            _ => throw new ArgumentOutOfRangeException(nameof(format)),
+        };
+
+    private OrganisationNumber(string local, string international)
+    {
+        _local = local;
+        _international = international;
+    }
+
+    /// <summary>
+    /// Parses an organisation number
+    /// </summary>
+    /// <param name="value">The value to parse</param>
+    /// <exception cref="FormatException">The organisation number is not valid</exception>
+    public static OrganisationNumber Parse(string value)
+    {
+        return TryParse(value, out var organisationNumber)
+            ? organisationNumber
+            : throw new FormatException($"Invalid organisation number format: {value}");
+    }
+
+    /// <summary>
+    /// Attempt to parse an organisation number
+    /// </summary>
+    /// <param name="value">The value to parse</param>
+    /// <param name="organisationNumber">The resulting <see cref="OrganisationNumber"/> instance</param>
+    /// <returns>`true` on successful parse, `false` otherwise</returns>
+    public static bool TryParse(string value, out OrganisationNumber organisationNumber)
+    {
+        organisationNumber = default;
+
+        // Either local="991825827" or international="0192:991825827"
+        if (value.Length != 9 && value.Length != 14)
+            return false;
+
+        string local;
+        string international;
+        if (value.Length == 9)
+        {
+            local = value;
+            international = "0192:" + value;
+        }
+        else
+        {
+            if (!value.StartsWith("0192:", StringComparison.Ordinal))
+                return false;
+            local = value.Substring(5);
+            international = value;
+        }
+
+        ReadOnlySpan<int> weights = [3, 2, 7, 6, 5, 4, 3, 2];
+
+        int sum = 0;
+        for (int i = 0; i < local.Length - 1; i++)
+        {
+            if (!int.TryParse(local.AsSpan(i, 1), CultureInfo.InvariantCulture, out int currentDigit))
+                return false;
+            sum += currentDigit * weights[i];
+        }
+
+        int ctrlDigit = 11 - (sum % 11);
+        if (ctrlDigit == 11)
+        {
+            ctrlDigit = 0;
+        }
+
+        if (!int.TryParse(local.AsSpan(local.Length - 1, 1), CultureInfo.InvariantCulture, out var lastDigit))
+            return false;
+
+        if (lastDigit != ctrlDigit)
+            return false;
+
+        organisationNumber = new OrganisationNumber(local, international);
+        return true;
+    }
+
+    /// <summary>
+    /// Determines whether the specified object is equal to the current object
+    /// </summary>
+    public bool Equals(OrganisationNumber other) => _local == other._local;
+
+    /// <summary>
+    /// Determines whether the specified object is equal to the current object
+    /// </summary>
+    public override bool Equals(object? obj) => obj is OrganisationNumber other && Equals(other);
+
+    /// <summary>
+    /// Returns the hash code for the <see cref="OrganisationNumberFormat.Local"/> value
+    /// </summary>
+    public override int GetHashCode() => _local.GetHashCode();
+
+    /// <summary>
+    /// Returns a string representation of the <see cref="OrganisationNumberFormat.Local"/> organisation number
+    /// </summary>
+    public override string ToString() => _local;
+
+    /// <summary>
+    /// Determines whether two specified instances of <see cref="OrganisationNumber"/> are equal
+    /// </summary>
+    public static bool operator ==(OrganisationNumber left, OrganisationNumber right) => left.Equals(right);
+
+    /// <summary>
+    /// Determines whether two specified instances of <see cref="OrganisationNumber"/> are not equal
+    /// </summary>
+    public static bool operator !=(OrganisationNumber left, OrganisationNumber right) => !left.Equals(right);
+}
diff --git a/src/Altinn.App.Core/Models/OrganisationNumberJsonConverter.cs b/src/Altinn.App.Core/Models/OrganisationNumberJsonConverter.cs
new file mode 100644
index 000000000..c748d332f
--- /dev/null
+++ b/src/Altinn.App.Core/Models/OrganisationNumberJsonConverter.cs
@@ -0,0 +1,56 @@
+using System.Text.Json;
+using System.Text.Json.Serialization;
+
+namespace Altinn.App.Core.Models;
+
+/// <summary>
+/// Json converter to transform between <see cref="string"/> and <see cref="OrganisationNumber"/>
+/// </summary>
+[AttributeUsage(AttributeTargets.Property | AttributeTargets.Class, AllowMultiple = false)]
+internal class OrganisationNumberJsonConverterAttribute : JsonConverterAttribute
+{
+    private OrganisationNumberFormat _format { get; init; }
+
+    /// <inheritdoc cref="OrganisationNumberJsonConverterAttribute"/>
+    /// <param name="format">The desired organisation number format to use for <b>serialization</b></param>
+    public OrganisationNumberJsonConverterAttribute(OrganisationNumberFormat format)
+    {
+        _format = format;
+    }
+
+    /// <inheritdoc/>
+    public override JsonConverter? CreateConverter(Type typeToConvert)
+    {
+        return new OrganisationNumberJsonConverter(_format);
+    }
+}
+
+internal class OrganisationNumberJsonConverter : JsonConverter<OrganisationNumber>
+{
+    private OrganisationNumberFormat _format { get; init; }
+
+    public OrganisationNumberJsonConverter(OrganisationNumberFormat format)
+    {
+        _format = format;
+    }
+
+    public override OrganisationNumber Read(
+        ref Utf8JsonReader reader,
+        Type typeToConvert,
+        JsonSerializerOptions options
+    )
+    {
+        if (reader.TokenType != JsonTokenType.String)
+        {
+            throw new JsonException("Expected string token for OrganisationNumber property.");
+        }
+
+        var numberValue = reader.GetString() ?? throw new JsonException("OrganisationNumber string value is null.");
+        return OrganisationNumber.Parse(numberValue);
+    }
+
+    public override void Write(Utf8JsonWriter writer, OrganisationNumber value, JsonSerializerOptions options)
+    {
+        writer.WriteStringValue(value.Get(_format));
+    }
+}
diff --git a/test/Altinn.App.Api.Tests/Altinn.App.Api.Tests.csproj b/test/Altinn.App.Api.Tests/Altinn.App.Api.Tests.csproj
index e6f01904a..61beaf98a 100644
--- a/test/Altinn.App.Api.Tests/Altinn.App.Api.Tests.csproj
+++ b/test/Altinn.App.Api.Tests/Altinn.App.Api.Tests.csproj
@@ -30,6 +30,10 @@
     <ProjectReference Include="..\Altinn.App.Common.Tests\Altinn.App.Common.Tests.csproj" />
   </ItemGroup>
 
+  <ItemGroup>
+    <InternalsVisibleTo Include="Altinn.App.Core.Tests" />
+  </ItemGroup>
+
   <ItemGroup>
     <None Include="TestResources/**">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
@@ -47,4 +51,4 @@
     </None>
     <None Include="C:\dev\nugets\app-lib-dotnet\test\Altinn.App.Api.Tests\.editorconfig" />
   </ItemGroup>
-</Project>
\ No newline at end of file
+</Project>
diff --git a/test/Altinn.App.Api.Tests/Maskinporten/MaskinportenClientIntegrationTest.cs b/test/Altinn.App.Api.Tests/Maskinporten/MaskinportenClientIntegrationTest.cs
index b5d040294..6e6e8565a 100644
--- a/test/Altinn.App.Api.Tests/Maskinporten/MaskinportenClientIntegrationTest.cs
+++ b/test/Altinn.App.Api.Tests/Maskinporten/MaskinportenClientIntegrationTest.cs
@@ -1,14 +1,13 @@
 using Altinn.App.Api.Extensions;
 using Altinn.App.Api.Tests.Extensions;
 using Altinn.App.Api.Tests.TestUtils;
-using Altinn.App.Core.Extensions;
 using Altinn.App.Core.Features.Maskinporten;
+using Altinn.App.Core.Features.Maskinporten.Constants;
 using Altinn.App.Core.Features.Maskinporten.Delegates;
 using Altinn.App.Core.Features.Maskinporten.Models;
 using FluentAssertions;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Options;
-using Microsoft.IdentityModel.Tokens;
 
 namespace Altinn.App.Api.Tests.Maskinporten;
 
@@ -121,17 +120,30 @@ public void ConfigureMaskinportenClient_BindsToSpecifiedConfigPath()
     }
 
     [Theory]
-    [InlineData("client1", "scope1")]
-    [InlineData("client2", "scope1", "scope2", "scope3")]
-    public void UseMaskinportenAuthorization_AddsHandler_BindsToSpecifiedClient(
+    [InlineData(nameof(TokenAuthorities.Maskinporten), "client1", "scope1")]
+    [InlineData(nameof(TokenAuthorities.Maskinporten), "client2", "scope1", "scope2", "scope3")]
+    [InlineData(nameof(TokenAuthorities.AltinnTokenExchange), "doesntmatter")]
+    public void UseMaskinportenAuthorisation_AddsHandler_BindsToSpecifiedClient(
+        string tokenAuthority,
         string scope,
         params string[] additionalScopes
     )
     {
         // Arrange
+        Enum.TryParse(tokenAuthority, false, out TokenAuthorities actualTokenAuthority);
         var app = AppBuilder.Build(registerCustomAppServices: services =>
-            services.AddHttpClient<DummyHttpClient>().UseMaskinportenAuthorization(scope, additionalScopes)
-        );
+        {
+            _ = actualTokenAuthority switch
+            {
+                TokenAuthorities.Maskinporten => services
+                    .AddHttpClient<DummyHttpClient>()
+                    .UseMaskinportenAuthorisation(scope, additionalScopes),
+                TokenAuthorities.AltinnTokenExchange => services
+                    .AddHttpClient<DummyHttpClient>()
+                    .UseMaskinportenAltinnAuthorisation(scope, additionalScopes),
+                _ => throw new ArgumentException($"Unknown TokenAuthority {tokenAuthority}"),
+            };
+        });
 
         // Act
         var client = app.Services.GetRequiredService<DummyHttpClient>();
@@ -142,6 +154,7 @@ params string[] additionalScopes
         Assert.NotNull(delegatingHandler);
         var inputScopes = new[] { scope }.Concat(additionalScopes);
         delegatingHandler.Scopes.Should().BeEquivalentTo(inputScopes);
+        delegatingHandler.Authorities.Should().Be(actualTokenAuthority);
     }
 
     private sealed class DummyHttpClient(HttpClient client)
diff --git a/test/Altinn.App.Api.Tests/Mocks/JwtTokenMock.cs b/test/Altinn.App.Api.Tests/Mocks/JwtTokenMock.cs
index 35ebd0444..ea9760fff 100644
--- a/test/Altinn.App.Api.Tests/Mocks/JwtTokenMock.cs
+++ b/test/Altinn.App.Api.Tests/Mocks/JwtTokenMock.cs
@@ -14,15 +14,22 @@ public static class JwtTokenMock
     /// Generates a token with a self signed certificate included in the integration test project.
     /// </summary>
     /// <param name="principal">The claims principal to include in the token.</param>
-    /// <param name="tokenExipry">How long the token should be valid for.</param>
+    /// <param name="tokenExpiry">How long the token should be valid for.</param>
+    /// <param name="timeProvider">Alternative timeprovider, if applicable</param>
     /// <returns>A new token.</returns>
-    public static string GenerateToken(ClaimsPrincipal principal, TimeSpan tokenExipry)
+    public static string GenerateToken(
+        ClaimsPrincipal principal,
+        TimeSpan tokenExpiry,
+        TimeProvider? timeProvider = null
+    )
     {
         JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();
+        var now = timeProvider?.GetUtcNow() ?? DateTimeOffset.UtcNow;
         SecurityTokenDescriptor tokenDescriptor = new SecurityTokenDescriptor
         {
             Subject = new ClaimsIdentity(principal.Identity),
-            Expires = DateTime.UtcNow.AddSeconds(tokenExipry.TotalSeconds),
+            Expires = now.Add(tokenExpiry).UtcDateTime,
+            NotBefore = now.UtcDateTime,
             SigningCredentials = GetSigningCredentials(),
             Audience = "altinn.no",
         };
diff --git a/test/Altinn.App.Api.Tests/TestUtils/AppBuilder.cs b/test/Altinn.App.Api.Tests/TestUtils/AppBuilder.cs
index 6fc035323..da954f912 100644
--- a/test/Altinn.App.Api.Tests/TestUtils/AppBuilder.cs
+++ b/test/Altinn.App.Api.Tests/TestUtils/AppBuilder.cs
@@ -1,7 +1,6 @@
 using Microsoft.AspNetCore.Builder;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
-using Microsoft.Extensions.Hosting;
 
 namespace Altinn.App.Api.Tests.TestUtils;
 
diff --git a/test/Altinn.App.Api.Tests/Utils/PrincipalUtil.cs b/test/Altinn.App.Api.Tests/Utils/PrincipalUtil.cs
index 7ead14239..8c5858c72 100644
--- a/test/Altinn.App.Api.Tests/Utils/PrincipalUtil.cs
+++ b/test/Altinn.App.Api.Tests/Utils/PrincipalUtil.cs
@@ -1,5 +1,9 @@
 using System.Security.Claims;
 using Altinn.App.Api.Tests.Mocks;
+using Altinn.App.Core.Features.Maskinporten;
+using Altinn.App.Core.Features.Maskinporten.Constants;
+using Altinn.App.Core.Features.Maskinporten.Models;
+using Altinn.App.Core.Models;
 using AltinnCore.Authentication.Constants;
 
 namespace Altinn.App.Api.Tests.Utils;
@@ -104,7 +108,13 @@ public static string GetSelfIdentifiedUserToken(string username, string partyId,
         return token;
     }
 
-    public static string GetOrgToken(string org, string orgNo, int authenticationLevel = 4)
+    public static string GetOrgToken(
+        string org,
+        string orgNo,
+        int authenticationLevel = 4,
+        TimeSpan? expiry = null,
+        TimeProvider? timeProvider = null
+    )
     {
         List<Claim> claims = new List<Claim>();
         string issuer = "www.altinn.no";
@@ -123,8 +133,35 @@ public static string GetOrgToken(string org, string orgNo, int authenticationLev
         ClaimsIdentity identity = new ClaimsIdentity("mock");
         identity.AddClaims(claims);
         ClaimsPrincipal principal = new ClaimsPrincipal(identity);
-        string token = JwtTokenMock.GenerateToken(principal, new TimeSpan(1, 1, 1));
+        expiry ??= new TimeSpan(1, 1, 1);
+        string token = JwtTokenMock.GenerateToken(principal, expiry.Value, timeProvider);
 
         return token;
     }
+
+    internal static MaskinportenTokenResponse GetMaskinportenToken(
+        string scope,
+        TimeSpan? expiry = null,
+        TimeProvider? timeProvider = null
+    )
+    {
+        List<Claim> claims = [];
+        const string issuer = "https://test.maskinporten.no/";
+        claims.Add(new Claim(JwtClaimTypes.Scope, scope, ClaimValueTypes.String, issuer));
+        claims.Add(new Claim(JwtClaimTypes.Maskinporten.AuthenticationMethod, "Mock", ClaimValueTypes.String, issuer));
+
+        ClaimsIdentity identity = new("mock");
+        identity.AddClaims(claims);
+        ClaimsPrincipal principal = new(identity);
+        expiry ??= TimeSpan.FromMinutes(2);
+        string accessToken = JwtTokenMock.GenerateToken(principal, expiry.Value, timeProvider);
+
+        return new MaskinportenTokenResponse
+        {
+            AccessToken = JwtToken.Parse(accessToken),
+            ExpiresIn = (int)expiry.Value.TotalSeconds,
+            Scope = scope,
+            TokenType = "Bearer",
+        };
+    }
 }
diff --git a/test/Altinn.App.Core.Tests/Features/Correspondence/Builder/CorrespondenceBuilderTests.cs b/test/Altinn.App.Core.Tests/Features/Correspondence/Builder/CorrespondenceBuilderTests.cs
new file mode 100644
index 000000000..2df94bd52
--- /dev/null
+++ b/test/Altinn.App.Core.Tests/Features/Correspondence/Builder/CorrespondenceBuilderTests.cs
@@ -0,0 +1,532 @@
+using System.Text;
+using Altinn.App.Core.Features.Correspondence.Builder;
+using Altinn.App.Core.Features.Correspondence.Models;
+using Altinn.App.Core.Models;
+using FluentAssertions;
+
+namespace Altinn.App.Core.Tests.Features.Correspondence.Builder;
+
+public class CorrespondenceBuilderTests
+{
+    [Fact]
+    public void Build_WithOnlyRequiredProperties_ShouldReturnValidCorrespondence()
+    {
+        // Arrange
+        OrganisationNumber sender = TestHelpers.GetOrganisationNumber(1);
+        IReadOnlyList<OrganisationOrPersonIdentifier> recipients =
+        [
+            OrganisationOrPersonIdentifier.Create(TestHelpers.GetOrganisationNumber(1)),
+            OrganisationOrPersonIdentifier.Create(TestHelpers.GetOrganisationNumber(2)),
+        ];
+        string resourceId = "resource-id";
+        string sendersReference = "sender-reference";
+        DateTimeOffset allowSystemDeleteAfter = DateTimeOffset.UtcNow.AddDays(60);
+        string contentTitle = "content-title";
+        LanguageCode<Iso6391> contentLanguage = LanguageCode<Iso6391>.Parse("no");
+        string contentSummary = "content-summary";
+        string contentBody = "content-body";
+
+        var builder = CorrespondenceRequestBuilder
+            .Create()
+            .WithResourceId(resourceId)
+            .WithSender(sender)
+            .WithSendersReference(sendersReference)
+            .WithRecipients(recipients)
+            .WithAllowSystemDeleteAfter(allowSystemDeleteAfter)
+            .WithContent(contentLanguage, contentTitle, contentSummary, contentBody);
+
+        // Act
+        var correspondence = builder.Build();
+
+        // Assert
+        correspondence.Should().NotBeNull();
+        correspondence.ResourceId.Should().Be("resource-id");
+        correspondence.Sender.Should().Be(sender);
+        correspondence.SendersReference.Should().Be("sender-reference");
+        correspondence.AllowSystemDeleteAfter.Should().BeExactly(allowSystemDeleteAfter);
+        correspondence.Recipients.Should().BeEquivalentTo(recipients);
+        correspondence.Content.Title.Should().Be(contentTitle);
+        correspondence.Content.Language.Should().Be(contentLanguage);
+        correspondence.Content.Summary.Should().Be(contentSummary);
+        correspondence.Content.Body.Should().Be(contentBody);
+    }
+
+    [Fact]
+    public void Build_WithAllProperties_ShouldReturnValidCorrespondence()
+    {
+        // Arrange
+        var sender = TestHelpers.GetOrganisationNumber(1);
+        var recipient = OrganisationOrPersonIdentifier.Create(TestHelpers.GetOrganisationNumber(2));
+        var data = new
+        {
+            sender,
+            recipient,
+            messageSender = "message-sender",
+            resourceId = "resource-id",
+            sendersReference = "senders-ref",
+            dueDateTime = DateTimeOffset.Now.AddDays(30),
+            allowDeleteAfter = DateTimeOffset.Now.AddDays(60),
+            ignoreReservation = true,
+            requestedPublishTime = DateTimeOffset.Now.AddSeconds(45),
+            propertyList = new Dictionary<string, string> { ["prop1"] = "value1", ["prop2"] = "value2" },
+            content = new
+            {
+                title = "content-title",
+                language = LanguageCode<Iso6391>.Parse("en"),
+                summary = "content-summary",
+                body = "content-body",
+            },
+            notification = new
+            {
+                template = CorrespondenceNotificationTemplate.GenericAltinnMessage,
+                emailSubject = "email-subject-1",
+                emailBody = "email-body-1",
+                smsBody = "sms-body-1",
+                reminderEmailSubject = "reminder-email-subject-1",
+                reminderEmailBody = "reminder-email-body-1",
+                reminderSmsBody = "reminder-sms-body-1",
+                requestedSendTime = DateTimeOffset.Now.AddDays(1),
+                sendersReference = "notification-senders-ref-1",
+                sendReminder = true,
+                notificationChannel = CorrespondenceNotificationChannel.EmailPreferred,
+                reminderNotificationChannel = CorrespondenceNotificationChannel.SmsPreferred,
+            },
+            attachments = new[]
+            {
+                new
+                {
+                    sender,
+                    filename = "file-1.txt",
+                    name = "File 1",
+                    sendersReference = "1234-1",
+                    dataType = "text/plain",
+                    data = "attachment-data-1",
+                    dataLocationType = CorrespondenceDataLocationType.ExistingCorrespondenceAttachment,
+                    isEncrypted = false,
+                    restrictionName = "restriction-name-1",
+                },
+                new
+                {
+                    sender,
+                    filename = "file-2.txt",
+                    name = "File 2",
+                    sendersReference = "1234-2",
+                    dataType = "text/plain",
+                    data = "attachment-data-2",
+                    dataLocationType = CorrespondenceDataLocationType.NewCorrespondenceAttachment,
+                    isEncrypted = true,
+                    restrictionName = "restriction-name-2",
+                },
+                new
+                {
+                    sender,
+                    filename = "file-3.txt",
+                    name = "File 3",
+                    sendersReference = "1234-3",
+                    dataType = "text/plain",
+                    data = "attachment-data-3",
+                    dataLocationType = CorrespondenceDataLocationType.ExisitingExternalStorage,
+                    isEncrypted = false,
+                    restrictionName = "restriction-name-3",
+                },
+            },
+            existingAttachments = new[] { Guid.NewGuid(), Guid.NewGuid(), Guid.NewGuid() },
+            externalReferences = new[]
+            {
+                new { type = CorrespondenceReferenceType.Generic, value = "ref-1" },
+                new { type = CorrespondenceReferenceType.AltinnAppInstance, value = "ref-2" },
+                new { type = CorrespondenceReferenceType.DialogportenDialogId, value = "ref-3" },
+                new { type = CorrespondenceReferenceType.DialogportenProcessId, value = "ref-4" },
+                new { type = CorrespondenceReferenceType.AltinnBrokerFileTransfer, value = "ref-5" },
+            },
+            replyOptions = new[]
+            {
+                new { url = "reply-url-1", text = "reply-text-1" },
+                new { url = "reply-url-2", text = "reply-text-2" },
+            },
+        };
+
+        var builder = CorrespondenceRequestBuilder
+            .Create()
+            .WithResourceId(data.resourceId)
+            .WithSender(data.sender)
+            .WithSendersReference(data.sendersReference)
+            .WithRecipient(data.recipient)
+            .WithAllowSystemDeleteAfter(data.allowDeleteAfter)
+            .WithContent(
+                CorrespondenceContentBuilder
+                    .Create()
+                    .WithLanguage(data.content.language)
+                    .WithTitle(data.content.title)
+                    .WithSummary(data.content.summary)
+                    .WithBody(data.content.body)
+            )
+            .WithNotification(
+                CorrespondenceNotificationBuilder
+                    .Create()
+                    .WithNotificationTemplate(data.notification.template)
+                    .WithEmailSubject(data.notification.emailSubject)
+                    .WithEmailBody(data.notification.emailBody)
+                    .WithSmsBody(data.notification.smsBody)
+                    .WithReminderEmailSubject(data.notification.reminderEmailSubject)
+                    .WithReminderEmailBody(data.notification.reminderEmailBody)
+                    .WithReminderSmsBody(data.notification.reminderSmsBody)
+                    .WithRequestedSendTime(data.notification.requestedSendTime)
+                    .WithSendersReference(data.notification.sendersReference)
+                    .WithSendReminder(data.notification.sendReminder)
+                    .WithNotificationChannel(data.notification.notificationChannel)
+                    .WithReminderNotificationChannel(data.notification.reminderNotificationChannel)
+            )
+            .WithDueDateTime(data.dueDateTime)
+            .WithMessageSender(data.messageSender)
+            .WithIgnoreReservation(data.ignoreReservation)
+            .WithRequestedPublishTime(data.requestedPublishTime)
+            .WithPropertyList(data.propertyList)
+            .WithAttachment(
+                CorrespondenceAttachmentBuilder
+                    .Create()
+                    .WithFilename(data.attachments[0].filename)
+                    .WithName(data.attachments[0].name)
+                    .WithSendersReference(data.attachments[0].sendersReference)
+                    .WithDataType(data.attachments[0].dataType)
+                    .WithData(Encoding.UTF8.GetBytes(data.attachments[0].data))
+                    .WithDataLocationType(data.attachments[0].dataLocationType)
+                    .WithIsEncrypted(data.attachments[0].isEncrypted)
+            )
+            .WithAttachment(
+                new CorrespondenceAttachment
+                {
+                    Filename = data.attachments[1].filename,
+                    Name = data.attachments[1].name,
+                    SendersReference = data.attachments[1].sendersReference,
+                    DataType = data.attachments[1].dataType,
+                    Data = Encoding.UTF8.GetBytes(data.attachments[1].data),
+                    DataLocationType = data.attachments[1].dataLocationType,
+                    IsEncrypted = data.attachments[1].isEncrypted,
+                }
+            )
+            .WithAttachments(
+                [
+                    new CorrespondenceAttachment
+                    {
+                        Filename = data.attachments[2].filename,
+                        Name = data.attachments[2].name,
+                        SendersReference = data.attachments[2].sendersReference,
+                        DataType = data.attachments[2].dataType,
+                        Data = Encoding.UTF8.GetBytes(data.attachments[2].data),
+                        DataLocationType = data.attachments[2].dataLocationType,
+                        IsEncrypted = data.attachments[2].isEncrypted,
+                    },
+                ]
+            )
+            .WithExistingAttachment(data.existingAttachments[0])
+            .WithExistingAttachments(data.existingAttachments.Skip(1).ToList())
+            .WithExternalReference(data.externalReferences[0].type, data.externalReferences[0].value)
+            .WithExternalReferences(
+                data.externalReferences.Skip(1)
+                    .Select(x => new CorrespondenceExternalReference
+                    {
+                        ReferenceType = x.type,
+                        ReferenceValue = x.value,
+                    })
+                    .ToList()
+            )
+            .WithReplyOption(data.replyOptions[0].url, data.replyOptions[0].text)
+            .WithReplyOptions(
+                [
+                    new CorrespondenceReplyOption
+                    {
+                        LinkUrl = data.replyOptions[1].url,
+                        LinkText = data.replyOptions[1].text,
+                    },
+                ]
+            );
+
+        // Act
+        var correspondence = builder.Build();
+
+        // Assert
+        Assert.NotNull(correspondence);
+        Assert.NotNull(correspondence.Content);
+        Assert.NotNull(correspondence.Content.Attachments);
+        Assert.NotNull(correspondence.Notification);
+        Assert.NotNull(correspondence.ExternalReferences);
+        Assert.NotNull(correspondence.ReplyOptions);
+
+        correspondence.ResourceId.Should().Be(data.resourceId);
+        correspondence.Sender.Should().Be(data.sender);
+        correspondence.SendersReference.Should().Be(data.sendersReference);
+        correspondence.Recipients.Should().BeEquivalentTo([data.recipient]);
+        correspondence.DueDateTime.Should().Be(data.dueDateTime);
+        correspondence.AllowSystemDeleteAfter.Should().Be(data.allowDeleteAfter);
+        correspondence.IgnoreReservation.Should().Be(data.ignoreReservation);
+        correspondence.RequestedPublishTime.Should().Be(data.requestedPublishTime);
+        correspondence.PropertyList.Should().BeEquivalentTo(data.propertyList);
+        correspondence.MessageSender.Should().Be(data.messageSender);
+
+        correspondence.Content.Title.Should().Be(data.content.title);
+        correspondence.Content.Language.Should().Be(data.content.language);
+        correspondence.Content.Summary.Should().Be(data.content.summary);
+        correspondence.Content.Body.Should().Be(data.content.body);
+        correspondence.Content.Attachments.Should().HaveCount(data.attachments.Length);
+        for (int i = 0; i < data.attachments.Length; i++)
+        {
+            correspondence.Content.Attachments[i].Filename.Should().Be(data.attachments[i].filename);
+            correspondence.Content.Attachments[i].Name.Should().Be(data.attachments[i].name);
+            correspondence.Content.Attachments[i].IsEncrypted.Should().Be(data.attachments[i].isEncrypted);
+            correspondence.Content.Attachments[i].SendersReference.Should().Be(data.attachments[i].sendersReference);
+            correspondence.Content.Attachments[i].DataType.Should().Be(data.attachments[i].dataType);
+            correspondence.Content.Attachments[i].DataLocationType.Should().Be(data.attachments[i].dataLocationType);
+            Encoding
+                .UTF8.GetString(correspondence.Content.Attachments[i].Data.Span)
+                .Should()
+                .Be(data.attachments[i].data);
+        }
+
+        correspondence.Notification.NotificationTemplate.Should().Be(data.notification.template);
+        correspondence.Notification.EmailSubject.Should().Be(data.notification.emailSubject);
+        correspondence.Notification.EmailBody.Should().Be(data.notification.emailBody);
+        correspondence.Notification.SmsBody.Should().Be(data.notification.smsBody);
+        correspondence.Notification.ReminderEmailSubject.Should().Be(data.notification.reminderEmailSubject);
+        correspondence.Notification.ReminderEmailBody.Should().Be(data.notification.reminderEmailBody);
+        correspondence.Notification.ReminderSmsBody.Should().Be(data.notification.reminderSmsBody);
+        correspondence.Notification.RequestedSendTime.Should().Be(data.notification.requestedSendTime);
+        correspondence.Notification.SendersReference.Should().Be(data.notification.sendersReference);
+        correspondence.Notification.SendReminder.Should().Be(data.notification.sendReminder);
+        correspondence.Notification.NotificationChannel.Should().Be(data.notification.notificationChannel);
+        correspondence
+            .Notification.ReminderNotificationChannel.Should()
+            .Be(data.notification.reminderNotificationChannel);
+
+        correspondence.ExistingAttachments.Should().BeEquivalentTo(data.existingAttachments);
+
+        correspondence.ExternalReferences.Should().HaveCount(data.externalReferences.Length);
+        for (int i = 0; i < data.externalReferences.Length; i++)
+        {
+            correspondence.ExternalReferences[i].ReferenceType.Should().Be(data.externalReferences[i].type);
+            correspondence.ExternalReferences[i].ReferenceValue.Should().Be(data.externalReferences[i].value);
+        }
+
+        correspondence.ReplyOptions.Should().HaveCount(data.replyOptions.Length);
+        for (int i = 0; i < data.replyOptions.Length; i++)
+        {
+            correspondence.ReplyOptions[i].LinkUrl.Should().Be(data.replyOptions[i].url);
+            correspondence.ReplyOptions[i].LinkText.Should().Be(data.replyOptions[i].text);
+        }
+    }
+
+    [Fact]
+    public void Builder_UpdatesAndOverwritesValuesCorrectly()
+    {
+        // Arrange
+        var builder = CorrespondenceRequestBuilder
+            .Create()
+            .WithResourceId("resourceId-1")
+            .WithSender(TestHelpers.GetOrganisationNumber(1))
+            .WithSendersReference("sender-reference-1")
+            .WithRecipient(OrganisationOrPersonIdentifier.Create(TestHelpers.GetOrganisationNumber(1)))
+            .WithAllowSystemDeleteAfter(DateTimeOffset.UtcNow.AddDays(1))
+            .WithContent(
+                CorrespondenceContentBuilder
+                    .Create()
+                    .WithLanguage(LanguageCode<Iso6391>.Parse("no"))
+                    .WithTitle("content-title-1")
+                    .WithSummary("content-summary-1")
+                    .WithBody("content-body-1")
+            )
+            .WithDueDateTime(DateTimeOffset.UtcNow.AddDays(1))
+            .WithNotification(
+                CorrespondenceNotificationBuilder
+                    .Create()
+                    .WithNotificationTemplate(CorrespondenceNotificationTemplate.GenericAltinnMessage)
+                    .WithEmailBody("email-body-1")
+            )
+            .WithReplyOption("url1", "text1")
+            .WithExternalReference(CorrespondenceReferenceType.Generic, "aaa")
+            .WithPropertyList(new Dictionary<string, string> { ["prop1"] = "value1", ["prop2"] = "value2" })
+            .WithExistingAttachment(Guid.Parse("a3ac4826-5873-4ecb-9fe7-dc4cfccd0afa"))
+            .WithRequestedPublishTime(DateTime.Today)
+            .WithIgnoreReservation(true);
+
+        builder.WithResourceId("resourceId-2");
+        builder.WithSender(TestHelpers.GetOrganisationNumber(2).Get(OrganisationNumberFormat.Local));
+        builder.WithSendersReference("sender-reference-2");
+        builder.WithRecipient(TestHelpers.GetOrganisationNumber(2).Get(OrganisationNumberFormat.International));
+        builder.WithRecipients(
+            [
+                OrganisationOrPersonIdentifier.Create(TestHelpers.GetOrganisationNumber(3)),
+                OrganisationOrPersonIdentifier.Create(TestHelpers.GetNationalIdentityNumber(4)),
+            ]
+        );
+        builder.WithRecipients(
+            [
+                TestHelpers.GetOrganisationNumber(5).Get(OrganisationNumberFormat.Local),
+                TestHelpers.GetNationalIdentityNumber(6).Value,
+            ]
+        );
+        builder.WithDueDateTime(DateTimeOffset.UtcNow.AddDays(2));
+        builder.WithAllowSystemDeleteAfter(DateTimeOffset.UtcNow.AddDays(2));
+        builder.WithContent("en", "content-title-2", "content-summary-2", "content-body-2");
+        builder.WithNotification(
+            CorrespondenceNotificationBuilder
+                .Create()
+                .WithNotificationTemplate(CorrespondenceNotificationTemplate.CustomMessage)
+                .WithEmailBody("email-body-2")
+        );
+        builder.WithExternalReference(CorrespondenceReferenceType.Generic, "aaa");
+        builder.WithExternalReference(
+            new CorrespondenceExternalReference
+            {
+                ReferenceType = CorrespondenceReferenceType.AltinnAppInstance,
+                ReferenceValue = "bbb",
+            }
+        );
+        builder.WithExternalReferences(
+            [
+                new CorrespondenceExternalReference
+                {
+                    ReferenceType = CorrespondenceReferenceType.DialogportenProcessId,
+                    ReferenceValue = "ccc",
+                },
+            ]
+        );
+        builder.WithReplyOption("url2", "text2");
+        builder.WithReplyOption(new CorrespondenceReplyOption { LinkUrl = "url3", LinkText = "text3" });
+        builder.WithReplyOptions([new CorrespondenceReplyOption { LinkUrl = "url4", LinkText = "text4" }]);
+        builder.WithPropertyList(new Dictionary<string, string> { ["prop2"] = "value2-redux", ["prop3"] = "value3" });
+        builder.WithExistingAttachment(Guid.Parse("eeb67483-7d6d-40dc-9861-3fc1beff7608"));
+        builder.WithExistingAttachments([Guid.Parse("9a12dfd9-6c70-489c-8b3d-77bb188c64b3")]);
+        builder.WithRequestedPublishTime(DateTime.Today.AddDays(1));
+
+        // Act
+        var correspondence = builder.Build();
+
+        // Assert
+        Assert.NotNull(correspondence);
+        Assert.NotNull(correspondence.Notification);
+
+        correspondence.ResourceId.Should().Be("resourceId-2");
+        correspondence.Sender.Should().Be(TestHelpers.GetOrganisationNumber(2));
+        correspondence.SendersReference.Should().Be("sender-reference-2");
+        correspondence.AllowSystemDeleteAfter.Should().BeSameDateAs(DateTimeOffset.UtcNow.AddDays(2));
+        correspondence.DueDateTime.Should().BeSameDateAs(DateTimeOffset.UtcNow.AddDays(2));
+        correspondence.Recipients.Should().HaveCount(6);
+        correspondence
+            .Recipients.Select(x => x.ToString())
+            .Should()
+            .BeEquivalentTo(
+                [
+                    TestHelpers.GetOrganisationNumber(1).Get(OrganisationNumberFormat.Local),
+                    TestHelpers.GetOrganisationNumber(2).Get(OrganisationNumberFormat.Local),
+                    TestHelpers.GetOrganisationNumber(3).Get(OrganisationNumberFormat.Local),
+                    TestHelpers.GetNationalIdentityNumber(4).Value,
+                    TestHelpers.GetOrganisationNumber(5).Get(OrganisationNumberFormat.Local),
+                    TestHelpers.GetNationalIdentityNumber(6).Value,
+                ]
+            );
+        correspondence.Content.Title.Should().Be("content-title-2");
+        correspondence.Content.Language.Should().Be(LanguageCode<Iso6391>.Parse("en"));
+        correspondence.Content.Summary.Should().Be("content-summary-2");
+        correspondence.Content.Body.Should().Be("content-body-2");
+        correspondence.Notification.NotificationTemplate.Should().Be(CorrespondenceNotificationTemplate.CustomMessage);
+        correspondence.Notification.EmailBody.Should().Be("email-body-2");
+        correspondence
+            .ExternalReferences.Should()
+            .BeEquivalentTo(
+                [
+                    new CorrespondenceExternalReference
+                    {
+                        ReferenceType = CorrespondenceReferenceType.Generic,
+                        ReferenceValue = "aaa",
+                    },
+                    new CorrespondenceExternalReference
+                    {
+                        ReferenceType = CorrespondenceReferenceType.Generic,
+                        ReferenceValue = "aaa",
+                    },
+                    new CorrespondenceExternalReference
+                    {
+                        ReferenceType = CorrespondenceReferenceType.AltinnAppInstance,
+                        ReferenceValue = "bbb",
+                    },
+                    new CorrespondenceExternalReference
+                    {
+                        ReferenceType = CorrespondenceReferenceType.DialogportenProcessId,
+                        ReferenceValue = "ccc",
+                    },
+                ]
+            );
+        correspondence
+            .ReplyOptions.Should()
+            .BeEquivalentTo(
+                [
+                    new CorrespondenceReplyOption { LinkUrl = "url1", LinkText = "text1" },
+                    new CorrespondenceReplyOption { LinkUrl = "url2", LinkText = "text2" },
+                    new CorrespondenceReplyOption { LinkUrl = "url3", LinkText = "text3" },
+                    new CorrespondenceReplyOption { LinkUrl = "url4", LinkText = "text4" },
+                ]
+            );
+        correspondence
+            .PropertyList.Should()
+            .BeEquivalentTo(
+                new Dictionary<string, string>
+                {
+                    ["prop1"] = "value1",
+                    ["prop2"] = "value2-redux",
+                    ["prop3"] = "value3",
+                }
+            );
+        correspondence
+            .ExistingAttachments!.Select(x => x.ToString())
+            .Should()
+            .BeEquivalentTo(
+                [
+                    "a3ac4826-5873-4ecb-9fe7-dc4cfccd0afa",
+                    "eeb67483-7d6d-40dc-9861-3fc1beff7608",
+                    "9a12dfd9-6c70-489c-8b3d-77bb188c64b3",
+                ]
+            );
+        correspondence.RequestedPublishTime.Should().BeSameDateAs(DateTime.Today.AddDays(1));
+        correspondence.IgnoreReservation.Should().BeTrue();
+    }
+
+    [Fact]
+    public void Builder_ValueTypeOverloads_ValidateInput()
+    {
+        // Arrange
+        var baseBuilder = CorrespondenceRequestBuilder
+            .Create()
+            .WithResourceId("resourceId-1")
+            .WithSender(TestHelpers.GetOrganisationNumber(1))
+            .WithSendersReference("sender-reference-1")
+            .WithRecipient(OrganisationOrPersonIdentifier.Create(TestHelpers.GetOrganisationNumber(1)))
+            .WithAllowSystemDeleteAfter(DateTimeOffset.UtcNow.AddDays(1))
+            .WithContent(
+                CorrespondenceContentBuilder
+                    .Create()
+                    .WithLanguage(LanguageCode<Iso6391>.Parse("no"))
+                    .WithTitle("content-title-1")
+                    .WithSummary("content-summary-1")
+                    .WithBody("content-body-1")
+            );
+
+        // Act
+        var act1 = () =>
+        {
+            baseBuilder.WithSender("123456789");
+        };
+        var act2 = () =>
+        {
+            baseBuilder.WithRecipient("123456789");
+        };
+        var act3 = () =>
+        {
+            CorrespondenceContentBuilder.Create().WithLanguage("nope");
+        };
+
+        // Assert
+        act1.Should().Throw<FormatException>();
+        act2.Should().Throw<FormatException>();
+        act3.Should().Throw<FormatException>();
+    }
+}
diff --git a/test/Altinn.App.Core.Tests/Features/Correspondence/CorrespondenceClientTests.cs b/test/Altinn.App.Core.Tests/Features/Correspondence/CorrespondenceClientTests.cs
new file mode 100644
index 000000000..45e62b47f
--- /dev/null
+++ b/test/Altinn.App.Core.Tests/Features/Correspondence/CorrespondenceClientTests.cs
@@ -0,0 +1,385 @@
+using System.Net;
+using Altinn.App.Api.Tests.Utils;
+using Altinn.App.Core.Features.Correspondence;
+using Altinn.App.Core.Features.Correspondence.Builder;
+using Altinn.App.Core.Features.Correspondence.Exceptions;
+using Altinn.App.Core.Features.Correspondence.Models;
+using Altinn.App.Core.Features.Maskinporten;
+using Altinn.App.Core.Features.Maskinporten.Models;
+using Altinn.App.Core.Models;
+using FluentAssertions;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.Extensions.DependencyInjection;
+using Moq;
+using Xunit.Sdk;
+
+namespace Altinn.App.Core.Tests.Features.Correspondence;
+
+public class CorrespondenceClientTests
+{
+    private sealed record Fixture(WebApplication App) : IAsyncDisposable
+    {
+        public Mock<IHttpClientFactory> HttpClientFactoryMock =>
+            Mock.Get(App.Services.GetRequiredService<IHttpClientFactory>());
+
+        public Mock<IMaskinportenClient> MaskinportenClientMock =>
+            Mock.Get(App.Services.GetRequiredService<IMaskinportenClient>());
+
+        public ICorrespondenceClient CorrespondenceClient => App.Services.GetRequiredService<ICorrespondenceClient>();
+
+        public static Fixture Create()
+        {
+            var mockHttpClientFactory = new Mock<IHttpClientFactory>();
+            var mockMaskinportenClient = new Mock<IMaskinportenClient>();
+
+            var app = Api.Tests.TestUtils.AppBuilder.Build(registerCustomAppServices: services =>
+            {
+                services.AddSingleton(mockHttpClientFactory.Object);
+                services.AddSingleton(mockMaskinportenClient.Object);
+                services.Configure<MaskinportenSettings>(options =>
+                {
+                    options.Authority = "https://maskinporten.dev/";
+                    options.ClientId = "test-client-id";
+                    options.JwkBase64 =
+                        "ewogICAgICAicCI6ICItU09GNmp3V0N3b19nSlByTnJhcVNkNnZRckFzRmxZd1VScHQ0NC1BNlRXUnBoaUo4b3czSTNDWGxxUG1LeG5VWDVDcnd6SF8yeldTNGtaaU9zQTMtajhiUE9hUjZ2a3pRSG14YmFkWmFmZjBUckdJajNQUlhxcVdMRHdsZjNfNklDV2gzOFhodXNBeDVZRE0tRm8zZzRLVWVHM2NxMUFvTkJ4NHV6Sy1IRHMiLAogICAgICAia3R5IjogIlJTQSIsCiAgICAgICJxIjogIndwWUlpOVZJLUJaRk9aYUNaUmVhYm4xWElQbW8tbEJIendnc1RCdHVfeUJma1FQeGI1Q1ZnZFFnaVQ4dTR3Tkl4NC0zb2ROdXhsWGZING1Hc25xOWFRaFlRNFEyc2NPUHc5V2dNM1dBNE1GMXNQQXgzUGJLRkItU01RZmZ4aXk2cVdJSmRQSUJ4OVdFdnlseW9XbEhDcGZsUWplT3U2dk43WExsZ3c5T2JhVSIsCiAgICAgICJkIjogIks3Y3pqRktyWUJfRjJYRWdoQ1RQY2JTbzZZdExxelFwTlZleF9HZUhpTmprWmNpcEVaZ3g4SFhYLXpNSi01ZWVjaTZhY1ZjSzhhZzVhQy01Mk84LTU5aEU3SEE2M0FoRzJkWFdmamdQTXhaVE9MbnBheWtZbzNWa0NGNF9FekpLYmw0d2ludnRuTjBPc2dXaVZiTDFNZlBjWEdqbHNTUFBIUlAyaThDajRqX21OM2JVcy1FbVM5UzktSXlia1luYV9oNUMxMEluXy1tWHpsQ2dCNU9FTXFzd2tNUWRZVTBWbHVuWHM3YXlPT0h2WWpQMWFpYml0MEpyay1iWVFHSy1mUVFFVWNZRkFSN1ZLMkxIaUJwU0NvbzBiSjlCQ1BZb196bTVNVnVId21xbzNtdml1Vy1lMnVhbW5xVHpZUEVWRE1lMGZBSkZtcVBGcGVwTzVfcXE2USIsCiAgICAgICJlIjogIkFRQUIiLAogICAgICAidXNlIjogInNpZyIsCiAgICAgICJraWQiOiAiYXNkZjEyMzQiLAogICAgICAicWkiOiAicXpFUUdXOHBPVUgtR2pCaFUwVXNhWWtEM2dWTVJvTF9CbGlRckp4ZTAwY29YeUtIZGVEX2M1bDFDNFFJZzRJSjZPMnFZZ2wyamRnWVNmVHA0S2NDNk1Obm8tSVFiSnlPRDU2Qmo4eVJUUjA5TkZvTGhDUjNhY0xmMkhwTXNKNUlqbTdBUHFPVWlCeW9hVkExRlR4bzYtZGNfZ1NiQjh1ZDI2bFlFRHdsYWMwIiwKICAgICAgImRwIjogInRnTU14N2FFQ0NiQmctY005Vmo0Q2FXbGR0d01LWGxvTFNoWTFlSTJOS3BOTVFKR2JhdWdjTVRHQ21qTk1fblgzTVZ0cHRvMWFPbTMySlhCRjlqc1RHZWtONWJmVGNJbmZsZ3Bsc21uR2pMckNqN0xYTG9wWUxiUnBabF9iNm1JaThuU2ZCQXVQR2hEUzc4UWZfUXhFR1Bxb2h6cEZVTW5UQUxzOVI0Nkk1YyIsCiAgICAgICJhbGciOiAiUlMyNTYiLAogICAgICAiZHEiOiAibE40cF9ha1lZVXpRZTBWdHp4LW1zNTlLLUZ4bzdkQmJqOFhGOWhnSzdENzlQam5SRGJTRTNVWEgtcGlQSzNpSXhyeHFGZkZuVDJfRS15REJIMjBOMmZ4YllwUVZNQnpZc1UtUGQ2OFBBV1Nnd05TU29XVmhwdEdjaTh4bFlfMDJkWDRlbEF6T1ZlOUIxdXBEMjc5cWJXMVdKVG5TQmp4am1LVU5lQjVPdDAwIiwKICAgICAgIm4iOiAidlY3dW5TclNnekV3ZHo0dk8wTnNmWDB0R1NwT2RITE16aDFseUVtU2RYbExmeVYtcUxtbW9qUFI3S2pUU2NDbDI1SFI4SThvWG1mcDhSZ19vbnA0LUlZWW5ZV0RTNngxVlViOVlOQ3lFRTNQQTUtVjlOYzd5ckxxWXpyMTlOSkJmdmhJVEd5QUFVTjFCeW5JeXJ5NFFMbHRYYTRKSTFiLTh2QXNJQ0xyU1dQZDdibWxrOWo3bU1jV3JiWlNIZHNTMGNpVFgzYTc2UXdMb0F2SW54RlhCU0ludXF3ZVhnVjNCZDFQaS1DZGpCR0lVdXVyeVkybEwybmRnVHZUY2tZUTBYeEtGR3lCdDNaMEhJMzRBRFBrVEZneWFMX1F4NFpIZ3d6ZjRhTHBXaHF3OGVWanpPMXlucjJ3OUd4b2dSN1pWUjY3VFI3eUxSS3VrMWdIdFlkUkJ3IgogICAgfQ==";
+                });
+            });
+
+            return new Fixture(app);
+        }
+
+        public async ValueTask DisposeAsync() => await App.DisposeAsync();
+    }
+
+    private static class PayloadFactory
+    {
+        private static readonly Func<Task<JwtToken>> _defaultTokenFactory = async () =>
+            await Task.FromResult(
+                JwtToken.Parse(
+                    "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJpdHMtYS1tZSJ9.wLLw4Timcl9gnQvA93RgREz-6S5y1UfzI_GYVI_XVDA"
+                )
+            );
+
+        public static SendCorrespondencePayload Send(
+            Func<Task<JwtToken>>? tokenFactory = default,
+            CorrespondenceAuthorisation? authorisation = default
+        )
+        {
+            var request = CorrespondenceRequestBuilder
+                .Create()
+                .WithResourceId("resource-id")
+                .WithSender(OrganisationNumber.Parse("991825827"))
+                .WithSendersReference("senders-ref")
+                .WithRecipient(OrganisationOrPersonIdentifier.Parse("213872702"))
+                .WithAllowSystemDeleteAfter(DateTime.Now.AddYears(1))
+                .WithContent(
+                    CorrespondenceContentBuilder
+                        .Create()
+                        .WithLanguage(LanguageCode<Iso6391>.Parse("en"))
+                        .WithTitle("message-title")
+                        .WithSummary("message-summary")
+                        .WithBody("message-body")
+                )
+                .Build();
+
+            return authorisation is null
+                ? new SendCorrespondencePayload(request, tokenFactory ?? _defaultTokenFactory)
+                : new SendCorrespondencePayload(request, authorisation.Value);
+        }
+
+        public static GetCorrespondenceStatusPayload GetStatus(
+            Func<Task<JwtToken>>? tokenFactory = default,
+            CorrespondenceAuthorisation? authorisation = default
+        )
+        {
+            return authorisation is null
+                ? new GetCorrespondenceStatusPayload(Guid.NewGuid(), tokenFactory ?? _defaultTokenFactory)
+                : new GetCorrespondenceStatusPayload(Guid.NewGuid(), authorisation.Value);
+        }
+    }
+
+    [Fact]
+    public async Task Send_SuccessfulResponse_ReturnsCorrectResponse()
+    {
+        // Arrange
+        await using var fixture = Fixture.Create();
+        var mockHttpClientFactory = fixture.HttpClientFactoryMock;
+        var mockHttpClient = new Mock<HttpClient>();
+
+        var payload = PayloadFactory.Send();
+        var responseMessage = new HttpResponseMessage(HttpStatusCode.OK)
+        {
+            Content = new StringContent(
+                """
+                {
+                    "correspondences": [
+                        {
+                            "correspondenceId": "cf7a4a9f-45ce-46b9-b110-4f263b395842",
+                            "status": "Initialized",
+                            "recipient": "0192:213872702",
+                            "notifications": [
+                                {
+                                    "orderId": "05119865-6d46-415c-a2d7-65b9cd173e13",
+                                    "isReminder": false,
+                                    "status": "Success"
+                                }
+                            ]
+                        }
+                    ],
+                    "attachmentIds": [
+                        "25b87c22-e7cc-4c07-95eb-9afa32e3ee7b"
+                    ]
+                }
+                """
+            ),
+        };
+
+        mockHttpClientFactory.Setup(f => f.CreateClient(It.IsAny<string>())).Returns(mockHttpClient.Object);
+        mockHttpClient
+            .Setup(c => c.SendAsync(It.IsAny<HttpRequestMessage>(), It.IsAny<CancellationToken>()))
+            .ReturnsAsync(responseMessage);
+
+        // Act
+        var result = await fixture.CorrespondenceClient.Send(payload);
+
+        // Assert
+        Assert.NotNull(result);
+        result.AttachmentIds.Should().ContainSingle("25b87c22-e7cc-4c07-95eb-9afa32e3ee7b");
+        result.Correspondences.Should().HaveCount(1);
+        result.Correspondences[0].CorrespondenceId.Should().Be("cf7a4a9f-45ce-46b9-b110-4f263b395842");
+    }
+
+    [Fact]
+    public async Task GetStatus_SuccessfulResponse_ReturnsCorrectResponse()
+    {
+        // Arrange
+        await using var fixture = Fixture.Create();
+        var mockHttpClientFactory = fixture.HttpClientFactoryMock;
+        var mockHttpClient = new Mock<HttpClient>();
+
+        var payload = PayloadFactory.GetStatus();
+        var responseMessage = new HttpResponseMessage(HttpStatusCode.OK)
+        {
+            Content = new StringContent(
+                """
+                {
+                    "statusHistory": [
+                        {
+                            "status": "Published",
+                            "statusText": "Published"
+                        }
+                    ],
+                    "recipient": "0192:213872702",
+                    "correspondenceId": "94fa9dd9-734e-4712-9d49-4018aeb1a5dc",
+                    "resourceId": "apps-correspondence-integrasjon2",
+                    "sender": "0192:991825827",
+                    "sendersReference": "1234",
+                    "isConfirmationNeeded": true
+                }
+                """
+            ),
+        };
+
+        mockHttpClientFactory.Setup(f => f.CreateClient(It.IsAny<string>())).Returns(mockHttpClient.Object);
+        mockHttpClient
+            .Setup(c => c.SendAsync(It.IsAny<HttpRequestMessage>(), It.IsAny<CancellationToken>()))
+            .ReturnsAsync(responseMessage);
+
+        // Act
+        var result = await fixture.CorrespondenceClient.GetStatus(payload);
+
+        // Assert
+        Assert.NotNull(result);
+        result.StatusHistory.Should().HaveCount(1);
+        result.StatusHistory.First().Status.Should().Be(CorrespondenceStatus.Published);
+        result.Recipient.Should().Be("0192:213872702");
+        result.CorrespondenceId.Should().Be(Guid.Parse("94fa9dd9-734e-4712-9d49-4018aeb1a5dc"));
+        result.ResourceId.Should().Be("apps-correspondence-integrasjon2");
+        result.Sender.Should().Be(OrganisationNumber.Parse("991825827"));
+        result.SendersReference.Should().Be("1234");
+        result.IsConfirmationNeeded.Should().BeTrue();
+    }
+
+    [Theory]
+    [InlineData(HttpStatusCode.BadRequest)]
+    [InlineData(HttpStatusCode.InternalServerError)]
+    public async Task FailedResponse_ThrowsCorrespondenceRequestException(HttpStatusCode httpStatusCode)
+    {
+        // Arrange
+        await using var fixture = Fixture.Create();
+        var mockHttpClientFactory = fixture.HttpClientFactoryMock;
+        var mockHttpClient = new Mock<HttpClient>();
+        var responseMessage = new HttpResponseMessage(httpStatusCode)
+        {
+            Content = httpStatusCode switch
+            {
+                HttpStatusCode.BadRequest => new StringContent(
+                    """
+                    {
+                        "type": "https://tools.ietf.org/html/rfc9110#section-15.5.1",
+                        "title": "Bad Request",
+                        "status": 400,
+                        "detail": "For upload requests at least one attachment has to be included",
+                        "traceId": "00-3ceaba074547008ac46f622fd67d6c6e-e4129c2b46370667-00"
+                    }
+                    """
+                ),
+                _ => null,
+            },
+        };
+
+        mockHttpClientFactory.Setup(f => f.CreateClient(It.IsAny<string>())).Returns(mockHttpClient.Object);
+        mockHttpClient
+            .Setup(c => c.SendAsync(It.IsAny<HttpRequestMessage>(), It.IsAny<CancellationToken>()))
+            .ReturnsAsync(responseMessage);
+
+        // Act
+        Func<Task> send = async () =>
+        {
+            await fixture.CorrespondenceClient.Send(PayloadFactory.Send());
+        };
+        Func<Task> getStatus = async () =>
+        {
+            await fixture.CorrespondenceClient.GetStatus(PayloadFactory.GetStatus());
+        };
+
+        // Assert
+        await send.Should().ThrowAsync<CorrespondenceRequestException>();
+        await getStatus.Should().ThrowAsync<CorrespondenceRequestException>();
+    }
+
+    [Fact]
+    public async Task KnownCorrespondenceException_IsHandled()
+    {
+        // Arrange
+        await using var fixture = Fixture.Create();
+        var mockHttpClientFactory = fixture.HttpClientFactoryMock;
+        var mockHttpClient = new Mock<HttpClient>();
+
+        mockHttpClientFactory.Setup(f => f.CreateClient(It.IsAny<string>())).Returns(mockHttpClient.Object);
+        mockHttpClient
+            .Setup(c => c.SendAsync(It.IsAny<HttpRequestMessage>(), It.IsAny<CancellationToken>()))
+            .ReturnsAsync(
+                () =>
+                    throw new CorrespondenceRequestException(
+                        "Yikes",
+                        new CorrespondenceRequestException("Sometimes there's an inner exception")
+                    )
+            );
+
+        // Act
+        Func<Task> send = async () =>
+        {
+            await fixture.CorrespondenceClient.Send(PayloadFactory.Send());
+        };
+        Func<Task> getStatus = async () =>
+        {
+            await fixture.CorrespondenceClient.GetStatus(PayloadFactory.GetStatus());
+        };
+
+        // Assert
+        await send.Should()
+            .ThrowAsync<CorrespondenceRequestException>()
+            .WithInnerExceptionExactly(typeof(CorrespondenceRequestException));
+        await getStatus
+            .Should()
+            .ThrowAsync<CorrespondenceRequestException>()
+            .WithInnerExceptionExactly(typeof(CorrespondenceRequestException));
+    }
+
+    [Fact]
+    public async Task UnexpectedException_IsHandled()
+    {
+        // Arrange
+        await using var fixture = Fixture.Create();
+        var mockHttpClientFactory = fixture.HttpClientFactoryMock;
+        var mockHttpClient = new Mock<HttpClient>();
+
+        mockHttpClientFactory.Setup(f => f.CreateClient(It.IsAny<string>())).Returns(mockHttpClient.Object);
+        mockHttpClient
+            .Setup(c => c.SendAsync(It.IsAny<HttpRequestMessage>(), It.IsAny<CancellationToken>()))
+            .ReturnsAsync(() => throw new HttpRequestException("Surprise!"));
+
+        // Act
+        Func<Task> send = async () =>
+        {
+            await fixture.CorrespondenceClient.Send(PayloadFactory.Send());
+        };
+        Func<Task> getStatus = async () =>
+        {
+            await fixture.CorrespondenceClient.GetStatus(PayloadFactory.GetStatus());
+        };
+
+        // Assert
+        await send.Should()
+            .ThrowAsync<CorrespondenceRequestException>()
+            .WithInnerExceptionExactly(typeof(HttpRequestException));
+        await getStatus
+            .Should()
+            .ThrowAsync<CorrespondenceRequestException>()
+            .WithInnerExceptionExactly(typeof(HttpRequestException));
+    }
+
+    [Fact]
+    public async Task AuthorisationFactory_ImplementsMaskinportenCorrectly()
+    {
+        // Arrange
+        await using var fixture = Fixture.Create();
+        IEnumerable<string>? capturedMaskinportenScopes = null;
+        var mockHttpClientFactory = fixture.HttpClientFactoryMock;
+        var mockMaskinportenClient = fixture.MaskinportenClientMock;
+        var mockHttpClient = new Mock<HttpClient>();
+        var correspondencePayload = PayloadFactory.Send(authorisation: CorrespondenceAuthorisation.Maskinporten);
+        var altinnTokenResponse = PrincipalUtil.GetOrgToken("ttd");
+        var altinnTokenWrapperResponse = JwtToken.Parse(altinnTokenResponse);
+        var correspondenceResponse = new SendCorrespondenceResponse
+        {
+            Correspondences =
+            [
+                new CorrespondenceDetailsResponse
+                {
+                    CorrespondenceId = Guid.NewGuid(),
+                    Status = CorrespondenceStatus.Published,
+                    Recipient = OrganisationOrPersonIdentifier.Parse("991825827"),
+                },
+            ],
+        };
+
+        mockHttpClientFactory.Setup(f => f.CreateClient(It.IsAny<string>())).Returns(mockHttpClient.Object);
+        mockMaskinportenClient
+            .Setup(m => m.GetAltinnExchangedToken(It.IsAny<IEnumerable<string>>(), It.IsAny<CancellationToken>()))
+            .Callback<IEnumerable<string>, CancellationToken>(
+                (scopes, _) =>
+                {
+                    capturedMaskinportenScopes = scopes;
+                }
+            )
+            .ReturnsAsync(() => altinnTokenWrapperResponse)
+            .Verifiable(Times.Once);
+        mockHttpClient
+            .Setup(c => c.SendAsync(It.IsAny<HttpRequestMessage>(), It.IsAny<CancellationToken>()))
+            .ReturnsAsync(
+                (HttpRequestMessage request, CancellationToken _) =>
+                    request.RequestUri!.AbsolutePath switch
+                    {
+                        var path when path.EndsWith("/exchange/maskinporten") => TestHelpers.ResponseMessageFactory(
+                            altinnTokenResponse
+                        ),
+                        var path when path.EndsWith("/correspondence/upload") => TestHelpers.ResponseMessageFactory(
+                            correspondenceResponse
+                        ),
+                        _ => throw FailException.ForFailure($"Unknown mock endpoint: {request.RequestUri}"),
+                    }
+            );
+
+        // Act
+        var response = await fixture.CorrespondenceClient.Send(correspondencePayload);
+
+        // Assert
+        response.Should().BeEquivalentTo(correspondenceResponse);
+        mockMaskinportenClient.Verify();
+        capturedMaskinportenScopes
+            .Should()
+            .BeEquivalentTo(["altinn:correspondence.write", "altinn:serviceowner/instances.read"]);
+    }
+}
diff --git a/test/Altinn.App.Core.Tests/Features/Correspondence/Models/CorrespondenceRequestTests.cs b/test/Altinn.App.Core.Tests/Features/Correspondence/Models/CorrespondenceRequestTests.cs
new file mode 100644
index 000000000..525660fcc
--- /dev/null
+++ b/test/Altinn.App.Core.Tests/Features/Correspondence/Models/CorrespondenceRequestTests.cs
@@ -0,0 +1,300 @@
+using System.Text;
+using Altinn.App.Core.Features.Correspondence.Models;
+using Altinn.App.Core.Models;
+using FluentAssertions;
+
+namespace Altinn.App.Core.Tests.Features.Correspondence.Models;
+
+public class CorrespondenceRequestTests
+{
+    [Fact]
+    public async Task Serialise_ShouldAddCorrectFields()
+    {
+        // Arrange
+        var multipartContent = new MultipartFormDataContent();
+        var correspondence = new CorrespondenceRequest
+        {
+            ResourceId = "resource-id",
+            Sender = TestHelpers.GetOrganisationNumber(0),
+            SendersReference = "senders-reference",
+            RequestedPublishTime = DateTimeOffset.UtcNow.AddDays(1),
+            AllowSystemDeleteAfter = DateTimeOffset.UtcNow.AddDays(2),
+            DueDateTime = DateTimeOffset.UtcNow.AddDays(2),
+            IgnoreReservation = true,
+            MessageSender = "message-sender",
+            Recipients =
+            [
+                OrganisationOrPersonIdentifier.Create(TestHelpers.GetOrganisationNumber(1)),
+                OrganisationOrPersonIdentifier.Create(TestHelpers.GetNationalIdentityNumber(1)),
+            ],
+            Content = new CorrespondenceContent
+            {
+                Title = "title",
+                Body = "body",
+                Summary = "summary",
+                Language = LanguageCode<Iso6391>.Parse("no"),
+                Attachments =
+                [
+                    new CorrespondenceAttachment
+                    {
+                        Filename = "filename-1",
+                        Name = "name-1",
+                        SendersReference = "senders-reference-1",
+                        DataType = "application/pdf",
+                        Data = "data"u8.ToArray(),
+                    },
+                    new CorrespondenceAttachment
+                    {
+                        Filename = "filename-2",
+                        Name = "name-2",
+                        SendersReference = "senders-reference-2",
+                        DataType = "plain/text",
+                        Data = "data"u8.ToArray(),
+                        DataLocationType = CorrespondenceDataLocationType.NewCorrespondenceAttachment,
+                        IsEncrypted = true,
+                    },
+                ],
+            },
+            ExternalReferences =
+            [
+                new CorrespondenceExternalReference
+                {
+                    ReferenceType = CorrespondenceReferenceType.AltinnAppInstance,
+                    ReferenceValue = "reference-1",
+                },
+                new CorrespondenceExternalReference
+                {
+                    ReferenceType = CorrespondenceReferenceType.AltinnBrokerFileTransfer,
+                    ReferenceValue = "reference-2",
+                },
+                new CorrespondenceExternalReference
+                {
+                    ReferenceType = CorrespondenceReferenceType.DialogportenDialogId,
+                    ReferenceValue = "reference-3",
+                },
+                new CorrespondenceExternalReference
+                {
+                    ReferenceType = CorrespondenceReferenceType.DialogportenProcessId,
+                    ReferenceValue = "reference-4",
+                },
+                new CorrespondenceExternalReference
+                {
+                    ReferenceType = CorrespondenceReferenceType.Generic,
+                    ReferenceValue = "reference-5",
+                },
+            ],
+            PropertyList = new Dictionary<string, string> { { "key-1", "value-1" }, { "key-2", "value-2" } },
+            ReplyOptions =
+            [
+                new CorrespondenceReplyOption { LinkUrl = "link-url-1", LinkText = "link-text-1" },
+                new CorrespondenceReplyOption { LinkUrl = "link-url-2", LinkText = "link-text-2" },
+            ],
+            Notification = new CorrespondenceNotification
+            {
+                NotificationTemplate = CorrespondenceNotificationTemplate.CustomMessage,
+                EmailSubject = "email-subject",
+                EmailBody = "email-body",
+                SmsBody = "sms-body",
+                SendReminder = true,
+                ReminderEmailSubject = "reminder-email-subject",
+                ReminderEmailBody = "reminder-email-body",
+                ReminderSmsBody = "reminder-sms-body",
+                NotificationChannel = CorrespondenceNotificationChannel.EmailPreferred,
+                ReminderNotificationChannel = CorrespondenceNotificationChannel.SmsPreferred,
+                SendersReference = "senders-reference",
+                RequestedSendTime = DateTimeOffset.UtcNow,
+            },
+            ExistingAttachments = [Guid.NewGuid(), Guid.NewGuid()],
+        };
+
+        // Act
+        correspondence.Serialise(multipartContent);
+        // csharpier-ignore
+
+        // Assert
+        var expectedSerialisation = new Dictionary<string, object>
+        {
+            ["Recipients[0]"] = correspondence.Recipients[0],
+            ["Recipients[1]"] = correspondence.Recipients[1],
+            ["Correspondence.ResourceId"] = correspondence.ResourceId,
+            ["Correspondence.Sender"] = correspondence.Sender,
+            ["Correspondence.SendersReference"] = correspondence.SendersReference,
+            ["Correspondence.RequestedPublishTime"] = correspondence.RequestedPublishTime,
+            ["Correspondence.AllowSystemDeleteAfter"] = correspondence.AllowSystemDeleteAfter,
+            ["Correspondence.DueDateTime"] = correspondence.DueDateTime,
+            ["Correspondence.MessageSender"] = correspondence.MessageSender,
+            ["Correspondence.IgnoreReservation"] = correspondence.IgnoreReservation,
+            ["Correspondence.Content.Language"] = correspondence.Content.Language,
+            ["Correspondence.Content.MessageTitle"] = correspondence.Content.Title,
+            ["Correspondence.Content.MessageSummary"] = correspondence.Content.Summary,
+            ["Correspondence.Content.MessageBody"] = correspondence.Content.Body,
+            ["Correspondence.Content.Attachments[0].Filename"] = correspondence.Content.Attachments[0].Filename,
+            ["Correspondence.Content.Attachments[0].Name"] = correspondence.Content.Attachments[0].Name,
+            ["Correspondence.Content.Attachments[0].SendersReference"] = correspondence.Content.Attachments[0].SendersReference,
+            ["Correspondence.Content.Attachments[0].DataType"] = correspondence.Content.Attachments[0].DataType,
+            ["Correspondence.Content.Attachments[1].Filename"] = correspondence.Content.Attachments[1].Filename,
+            ["Correspondence.Content.Attachments[1].Name"] = correspondence.Content.Attachments[1].Name,
+            ["Correspondence.Content.Attachments[1].IsEncrypted"] = correspondence.Content.Attachments[1].IsEncrypted!,
+            ["Correspondence.Content.Attachments[1].SendersReference"] = correspondence.Content.Attachments[1].SendersReference,
+            ["Correspondence.Content.Attachments[1].DataType"] = correspondence.Content.Attachments[1].DataType,
+            ["Correspondence.ExternalReferences[0].ReferenceType"] = correspondence.ExternalReferences[0].ReferenceType,
+            ["Correspondence.ExternalReferences[0].ReferenceValue"] = correspondence.ExternalReferences[0].ReferenceValue!,
+            ["Correspondence.ExternalReferences[1].ReferenceType"] = correspondence.ExternalReferences[1].ReferenceType,
+            ["Correspondence.ExternalReferences[1].ReferenceValue"] = correspondence.ExternalReferences[1].ReferenceValue!,
+            ["Correspondence.ExternalReferences[2].ReferenceType"] = correspondence.ExternalReferences[2].ReferenceType,
+            ["Correspondence.ExternalReferences[2].ReferenceValue"] = correspondence.ExternalReferences[2].ReferenceValue!,
+            ["Correspondence.ExternalReferences[3].ReferenceType"] = correspondence.ExternalReferences[3].ReferenceType,
+            ["Correspondence.ExternalReferences[3].ReferenceValue"] = correspondence.ExternalReferences[3].ReferenceValue!,
+            ["Correspondence.ExternalReferences[4].ReferenceType"] = correspondence.ExternalReferences[4].ReferenceType,
+            ["Correspondence.ExternalReferences[4].ReferenceValue"] = correspondence.ExternalReferences[4].ReferenceValue!,
+            [$"Correspondence.PropertyList.{correspondence.PropertyList.Keys.First()}"] = correspondence.PropertyList.Values.First(),
+            [$"Correspondence.PropertyList.{correspondence.PropertyList.Keys.Last()}"] = correspondence.PropertyList.Values.Last(),
+            ["Correspondence.ReplyOptions[0].LinkUrl"] = correspondence.ReplyOptions[0].LinkUrl,
+            ["Correspondence.ReplyOptions[0].LinkText"] = correspondence.ReplyOptions[0].LinkText!,
+            ["Correspondence.ReplyOptions[1].LinkUrl"] = correspondence.ReplyOptions[1].LinkUrl,
+            ["Correspondence.ReplyOptions[1].LinkText"] = correspondence.ReplyOptions[1].LinkText!,
+            ["Correspondence.ExistingAttachments[0]"] = correspondence.ExistingAttachments[0],
+            ["Correspondence.ExistingAttachments[1]"] = correspondence.ExistingAttachments[1],
+            ["Correspondence.Notification.NotificationTemplate"] = correspondence.Notification.NotificationTemplate,
+            ["Correspondence.Notification.EmailSubject"] = correspondence.Notification.EmailSubject,
+            ["Correspondence.Notification.EmailBody"] = correspondence.Notification.EmailBody,
+            ["Correspondence.Notification.SmsBody"] = correspondence.Notification.SmsBody,
+            ["Correspondence.Notification.SendReminder"] = correspondence.Notification.SendReminder,
+            ["Correspondence.Notification.ReminderEmailSubject"] = correspondence.Notification.ReminderEmailSubject,
+            ["Correspondence.Notification.ReminderEmailBody"] = correspondence.Notification.ReminderEmailBody,
+            ["Correspondence.Notification.ReminderSmsBody"] = correspondence.Notification.ReminderSmsBody,
+            ["Correspondence.Notification.NotificationChannel"] = correspondence.Notification.NotificationChannel,
+            ["Correspondence.Notification.ReminderNotificationChannel"] = correspondence.Notification.ReminderNotificationChannel,
+            ["Correspondence.Notification.SendersReference"] = correspondence.Notification.SendersReference,
+            ["Correspondence.Notification.RequestedSendTime"] = correspondence.Notification.RequestedSendTime
+        };
+
+        foreach (var (key, value) in expectedSerialisation)
+        {
+            await AssertContent(multipartContent, key, value);
+        }
+    }
+
+    [Theory]
+    [InlineData("clashingFilename.txt", new[] { "clashingFilename(1).txt", "clashingFilename(2).txt" })]
+    [InlineData("clashingFilename", new[] { "clashingFilename(1)", "clashingFilename(2)" })]
+    public async Task Serialise_ShouldHandleClashingFilenames(string clashingFilename, string[] expectedResolutions)
+    {
+        // Arrange
+        var correspondence = new CorrespondenceRequest
+        {
+            ResourceId = "resource-id",
+            Sender = TestHelpers.GetOrganisationNumber(0),
+            SendersReference = "senders-reference",
+            AllowSystemDeleteAfter = DateTimeOffset.UtcNow.AddDays(2),
+            DueDateTime = DateTimeOffset.UtcNow.AddDays(2),
+            Recipients = [OrganisationOrPersonIdentifier.Create(TestHelpers.GetOrganisationNumber(1))],
+            Content = new CorrespondenceContent
+            {
+                Title = "title",
+                Body = "body",
+                Summary = "summary",
+                Language = LanguageCode<Iso6391>.Parse("no"),
+                Attachments =
+                [
+                    new CorrespondenceAttachment
+                    {
+                        Filename = clashingFilename,
+                        Name = "name-1",
+                        SendersReference = "senders-reference-1",
+                        DataType = "application/pdf",
+                        Data = Encoding.UTF8.GetBytes("data-1"),
+                    },
+                    new CorrespondenceAttachment
+                    {
+                        Filename = clashingFilename,
+                        Name = "name-2",
+                        SendersReference = "senders-reference-2",
+                        DataType = "plain/text",
+                        Data = Encoding.UTF8.GetBytes("data-2"),
+                    },
+                ],
+            },
+        };
+
+        // Act
+        MultipartFormDataContent multipartContent = correspondence.Serialise();
+
+        // Assert
+        await AssertContent(multipartContent, "Correspondence.Content.Attachments[0].Filename", expectedResolutions[0]);
+        await AssertContent(multipartContent, "Correspondence.Content.Attachments[1].Filename", expectedResolutions[1]);
+    }
+
+    [Fact]
+    public void Serialise_ClashingFilenames_ShouldUseReferenceComparison()
+    {
+        // Arrange
+        ReadOnlyMemory<byte> data = Encoding.UTF8.GetBytes("data");
+        List<CorrespondenceAttachment> identicalAttachments =
+        [
+            new CorrespondenceAttachment
+            {
+                Filename = "filename",
+                Name = "name",
+                SendersReference = "senders-reference",
+                DataType = "plain/text",
+                Data = data,
+            },
+            new CorrespondenceAttachment
+            {
+                Filename = "filename",
+                Name = "name",
+                SendersReference = "senders-reference",
+                DataType = "plain/text",
+                Data = data,
+            },
+            new CorrespondenceAttachment
+            {
+                Filename = "filename",
+                Name = "name",
+                SendersReference = "senders-reference",
+                DataType = "plain/text",
+                Data = data,
+            },
+        ];
+        var clonedAttachment = identicalAttachments.Last();
+
+        // Act
+        var processedAttachments = MultipartCorrespondenceItem.CalculateFilenameOverrides(identicalAttachments);
+        processedAttachments[clonedAttachment] = "overwritten";
+
+        // Assert
+        processedAttachments.Should().HaveCount(3);
+        processedAttachments[identicalAttachments[0]].Should().Contain("(1)");
+        processedAttachments[identicalAttachments[1]].Should().Contain("(2)");
+        processedAttachments[identicalAttachments[2]].Should().Contain("overwritten");
+    }
+
+    private static async Task AssertContent(MultipartFormDataContent content, string dispositionName, object value)
+    {
+        var item = content.GetItem(dispositionName);
+        var stringValue = FormattedString(value);
+
+        item.Should().NotBeNull($"FormDataContent with name `{dispositionName}` was not found");
+        item!.Headers.ContentDisposition!.Name.Should().NotBeNull();
+        dispositionName.Should().Be(item.Headers.ContentDisposition.Name!.Trim('\"'));
+        stringValue.Should().Be(await item.ReadAsStringAsync());
+    }
+
+    private static string FormattedString(object value)
+    {
+        Assert.NotNull(value);
+
+        return value switch
+        {
+            OrganisationNumber org => org.Get(OrganisationNumberFormat.International),
+            OrganisationOrPersonIdentifier.Organisation org => org.Value.Get(OrganisationNumberFormat.International),
+            DateTime dateTime => dateTime.ToString("O"),
+            DateTimeOffset dateTimeOffset => dateTimeOffset.ToString("O"),
+            _ => value.ToString()
+                ?? throw new NullReferenceException(
+                    $"ToString method call for object `{nameof(value)} ({value.GetType()})` returned null"
+                ),
+        };
+    }
+}
diff --git a/test/Altinn.App.Core.Tests/Features/Correspondence/Models/CorrespondenceResponseTests.cs b/test/Altinn.App.Core.Tests/Features/Correspondence/Models/CorrespondenceResponseTests.cs
new file mode 100644
index 000000000..dc2297165
--- /dev/null
+++ b/test/Altinn.App.Core.Tests/Features/Correspondence/Models/CorrespondenceResponseTests.cs
@@ -0,0 +1,372 @@
+using System.Globalization;
+using System.Text.Json;
+using Altinn.App.Core.Features.Correspondence.Models;
+using Altinn.App.Core.Models;
+using FluentAssertions;
+
+namespace Altinn.App.Core.Tests.Features.Correspondence.Models;
+
+public class CorrespondenceResponseTests
+{
+    [Fact]
+    public void Send_ValidResponse_DeserializesCorrectly()
+    {
+        // Arrange
+        var encodedResponse = """
+            {
+               "correspondences": [
+                  {
+                     "correspondenceId": "d22d8dda-7b56-48c0-b287-5052aa255d5b",
+                     "status": "Initialized",
+                     "recipient": "0192:213872702",
+                     "notifications": [
+                        {
+                           "orderId": "0ee29355-f2ca-4cd9-98e0-e97a4242d321",
+                           "isReminder": false,
+                           "status": "Success"
+                        }
+                     ]
+                  },
+                  {
+                     "correspondenceId": "d22d8dda-7b56-48c0-b287-5052aa255d5b",
+                     "status": "Published",
+                     "recipient": "26267892619",
+                     "notifications": [
+                        {
+                           "orderId": "0ee29355-f2ca-4cd9-98e0-e97a4242d321",
+                           "isReminder": true,
+                           "status": "MissingContact"
+                        }
+                     ]
+                  }
+               ],
+               "attachmentIds": [
+                  "cae24499-a5f9-425b-9c5b-4dac85fce891"
+               ]
+            }
+            """;
+
+        // Act
+        var parsedResponse = JsonSerializer.Deserialize<SendCorrespondenceResponse>(encodedResponse);
+
+        // Assert
+        Assert.NotNull(parsedResponse);
+        Assert.NotNull(parsedResponse.Correspondences);
+        Assert.NotNull(parsedResponse.AttachmentIds);
+
+        parsedResponse.Correspondences.Should().HaveCount(2);
+        parsedResponse
+            .Correspondences[0]
+            .CorrespondenceId.Should()
+            .Be(Guid.Parse("d22d8dda-7b56-48c0-b287-5052aa255d5b"));
+        parsedResponse.Correspondences[0].Status.Should().Be(CorrespondenceStatus.Initialized);
+        parsedResponse
+            .Correspondences[0]
+            .Recipient.Should()
+            .Be(OrganisationOrPersonIdentifier.Create(OrganisationNumber.Parse("0192:213872702")));
+
+        parsedResponse.Correspondences[0].Notifications.Should().HaveCount(1);
+        parsedResponse
+            .Correspondences[0]
+            .Notifications![0]
+            .OrderId.Should()
+            .Be(Guid.Parse("0ee29355-f2ca-4cd9-98e0-e97a4242d321"));
+        parsedResponse.Correspondences[0].Notifications![0].IsReminder.Should().BeFalse();
+        parsedResponse
+            .Correspondences[0]
+            .Notifications![0]
+            .Status.Should()
+            .Be(CorrespondenceNotificationStatusResponse.Success);
+
+        parsedResponse.Correspondences[1].Status.Should().Be(CorrespondenceStatus.Published);
+        parsedResponse
+            .Correspondences[1]
+            .Recipient.Should()
+            .Be(OrganisationOrPersonIdentifier.Create(NationalIdentityNumber.Parse("26267892619")));
+        parsedResponse.Correspondences[1].Notifications![0].IsReminder.Should().BeTrue();
+        parsedResponse
+            .Correspondences[1]
+            .Notifications![0]
+            .Status.Should()
+            .Be(CorrespondenceNotificationStatusResponse.MissingContact);
+
+        parsedResponse.AttachmentIds.Should().HaveCount(1);
+        parsedResponse.AttachmentIds[0].Should().Be(Guid.Parse("cae24499-a5f9-425b-9c5b-4dac85fce891"));
+    }
+
+    [Fact]
+    public void Status_ValidResponse_DeserializesCorrectly()
+    {
+        // Arrange
+        var encodedResponse = """
+            {
+                "statusHistory": [
+                    {
+                        "status": "Initialized",
+                        "statusText": "Initialized",
+                        "statusChanged": "2024-11-14T11:05:56.843628+00:00"
+                    },
+                    {
+                        "status": "ReadyForPublish",
+                        "statusText": "ReadyForPublish",
+                        "statusChanged": "2024-11-14T11:06:00.165998+00:00"
+                    },
+                    {
+                        "status": "Published",
+                        "statusText": "Published",
+                        "statusChanged": "2024-11-14T11:06:56.208705+00:00"
+                    }
+                ],
+                "notifications": [
+                    {
+                        "id": "598e8044-5ec4-43f9-8ce2-6a37c24cc7df",
+                        "sendersReference": "1234",
+                        "requestedSendTime": "2024-11-14T12:10:57.031351Z",
+                        "creator": "digdir",
+                        "created": "2024-11-14T11:05:57.237047Z",
+                        "isReminder": true,
+                        "notificationChannel": "EmailPreferred",
+                        "ignoreReservation": true,
+                        "resourceId": "apps-correspondence-integrasjon2",
+                        "processingStatus": {
+                            "status": "Registered",
+                            "description": "Order has been registered and is awaiting requested send time before processing.",
+                            "lastUpdate": "2024-11-14T11:05:57.237047Z"
+                        },
+                        "notificationStatusDetails": {
+                            "email": null,
+                            "sms": null
+                        }
+                    },
+                    {
+                        "id": "7ab0ff62-8c5d-4a2e-8ad2-7e7236e847a4",
+                        "sendersReference": "1234",
+                        "requestedSendTime": "2024-11-14T11:10:57.031351Z",
+                        "creator": "digdir",
+                        "created": "2024-11-14T11:05:57.054356Z",
+                        "isReminder": false,
+                        "notificationChannel": "EmailPreferred",
+                        "ignoreReservation": true,
+                        "resourceId": "apps-correspondence-integrasjon2",
+                        "processingStatus": {
+                            "status": "Completed",
+                            "description": "Order processing is completed. All notifications have been generated.",
+                            "lastUpdate": "2024-11-14T11:05:57.054356Z"
+                        },
+                        "notificationStatusDetails": {
+                            "email": {
+                                "id": "0dabcc5c-c3de-4636-922c-e7b351cdbbfa",
+                                "succeeded": true,
+                                "recipient": {
+                                    "emailAddress": "someone@digdir.no",
+                                    "mobileNumber": null,
+                                    "organizationNumber": "213872702",
+                                    "nationalIdentityNumber": null,
+                                    "isReserved": null
+                                },
+                                "sendStatus": {
+                                    "status": "Succeeded",
+                                    "description": "The email has been accepted by the third party email service and will be sent shortly.",
+                                    "lastUpdate": "2024-11-14T11:10:12.693438Z"
+                                }
+                            },
+                            "sms": null
+                        }
+                    }
+                ],
+                "recipient": "0192:213872702",
+                "markedUnread": null,
+                "correspondenceId": "94fa9dd9-734e-4712-9d49-4018aeb1a5dc",
+                "content": {
+                    "attachments": [
+                        {
+                            "created": "2024-11-14T11:05:56.843622+00:00",
+                            "dataLocationType": "AltinnCorrespondenceAttachment",
+                            "status": "Published",
+                            "statusText": "Published",
+                            "statusChanged": "2024-11-14T11:06:00.102333+00:00",
+                            "expirationTime": "0001-01-01T00:00:00+00:00",
+                            "id": "a40fad32-dad1-442d-b4e1-2564d4561c07",
+                            "fileName": "hello-world-3-1.pDf",
+                            "name": "This is the PDF filename 🍕",
+                            "isEncrypted": false,
+                            "checksum": "27bb85ec3681e3cd1ed44a079f5fc501",
+                            "sendersReference": "1234",
+                            "dataType": "application/pdf"
+                        }
+                    ],
+                    "language": "en",
+                    "messageTitle": "This is the title 👋🏻",
+                    "messageSummary": "This is the summary ✌️",
+                    "messageBody": "This is the message\n\nHere is a newline.\n\nHere are some emojis: 📎👴🏻👨🏼‍🍳🥰"
+                },
+                "created": "2024-11-14T11:05:56.575089+00:00",
+                "status": "Published",
+                "statusText": "Published",
+                "statusChanged": "2024-11-14T11:06:56.208705+00:00",
+                "resourceId": "apps-correspondence-integrasjon2",
+                "sender": "0192:991825827",
+                "sendersReference": "1234",
+                "messageSender": "Test Testesen",
+                "requestedPublishTime": "2024-05-29T13:31:28.290518+00:00",
+                "allowSystemDeleteAfter": "2025-05-29T13:31:28.290518+00:00",
+                "dueDateTime": "2025-05-29T13:31:28.290518+00:00",
+                "externalReferences": [
+                    {
+                        "referenceValue": "test",
+                        "referenceType": "AltinnBrokerFileTransfer"
+                    },
+                    {
+                        "referenceValue": "01932a59-edc3-7038-823e-cf46908cd83b",
+                        "referenceType": "DialogportenDialogId"
+                    }
+                ],
+                "propertyList": {
+                    "anim5": "string",
+                    "culpa_852": "string",
+                    "deserunt_12": "string"
+                },
+                "replyOptions": [
+                    {
+                        "linkURL": "www.dgidir.no",
+                        "linkText": "digdir"
+                    }
+                ],
+                "notification": null,
+                "ignoreReservation": true,
+                "published": "2024-11-14T11:06:56.208705+00:00",
+                "isConfirmationNeeded": false
+            }
+            """;
+
+        // Act
+        var parsedResponse = JsonSerializer.Deserialize<GetCorrespondenceStatusResponse>(encodedResponse);
+
+        // Assert
+        Assert.NotNull(parsedResponse);
+        parsedResponse.StatusHistory.Should().HaveCount(3);
+        parsedResponse
+            .StatusHistory.Last()
+            .Should()
+            .Be(
+                new CorrespondenceStatusEventResponse
+                {
+                    Status = CorrespondenceStatus.Published,
+                    StatusText = "Published",
+                    StatusChanged = DateTime.Parse("2024-11-14T11:06:56.208705+00:00"),
+                }
+            );
+        parsedResponse.Notifications.Should().HaveCount(2);
+        parsedResponse
+            .Notifications!.Last()
+            .Should()
+            .BeEquivalentTo(
+                new CorrespondenceNotificationOrderResponse
+                {
+                    Id = "7ab0ff62-8c5d-4a2e-8ad2-7e7236e847a4",
+                    SendersReference = "1234",
+                    RequestedSendTime = DateTimeOffset.Parse("2024-11-14T11:10:57.031351Z"),
+                    Creator = "digdir",
+                    Created = DateTimeOffset.Parse("2024-11-14T11:05:57.054356Z"),
+                    NotificationChannel = CorrespondenceNotificationChannel.EmailPreferred,
+                    IgnoreReservation = true,
+                    ResourceId = "apps-correspondence-integrasjon2",
+                    ProcessingStatus = new CorrespondenceNotificationStatusSummaryResponse
+                    {
+                        Status = "Completed",
+                        Description = "Order processing is completed. All notifications have been generated.",
+                        LastUpdate = DateTimeOffset.Parse("2024-11-14T11:05:57.054356Z"),
+                    },
+                    NotificationStatusDetails = new CorrespondenceNotificationSummaryResponse
+                    {
+                        Email = new CorrespondenceNotificationStatusDetailsResponse
+                        {
+                            Id = Guid.Parse("0dabcc5c-c3de-4636-922c-e7b351cdbbfa"),
+                            Succeeded = true,
+                            Recipient = new CorrespondenceNotificationRecipientResponse
+                            {
+                                EmailAddress = "someone@digdir.no",
+                                OrganisationNumber = "213872702",
+                            },
+                            SendStatus = new CorrespondenceNotificationStatusSummaryResponse
+                            {
+                                Status = "Succeeded",
+                                Description =
+                                    "The email has been accepted by the third party email service and will be sent shortly.",
+                                LastUpdate = DateTime.Parse("2024-11-14T11:10:12.693438Z").ToUniversalTime(),
+                            },
+                        },
+                    },
+                }
+            );
+        parsedResponse.Recipient.Should().Be("0192:213872702");
+        parsedResponse.CorrespondenceId.Should().Be(Guid.Parse("94fa9dd9-734e-4712-9d49-4018aeb1a5dc"));
+        parsedResponse
+            .Content.Should()
+            .BeEquivalentTo(
+                new CorrespondenceContentResponse
+                {
+                    Language = LanguageCode<Iso6391>.Parse("en"),
+                    MessageTitle = "This is the title 👋🏻",
+                    MessageSummary = "This is the summary ✌️",
+                    MessageBody = "This is the message\n\nHere is a newline.\n\nHere are some emojis: 📎👴🏻👨🏼‍🍳🥰",
+                    Attachments =
+                    [
+                        new CorrespondenceAttachmentResponse
+                        {
+                            Created = DateTimeOffset.Parse("2024-11-14T11:05:56.843622+00:00"),
+                            DataLocationType = CorrespondenceDataLocationTypeResponse.AltinnCorrespondenceAttachment,
+                            Status = CorrespondenceAttachmentStatusResponse.Published,
+                            StatusText = "Published",
+                            StatusChanged = DateTimeOffset.Parse("2024-11-14T11:06:00.102333+00:00"),
+                            Id = Guid.Parse("a40fad32-dad1-442d-b4e1-2564d4561c07"),
+                            FileName = "hello-world-3-1.pDf",
+                            Name = "This is the PDF filename 🍕",
+                            Checksum = "27bb85ec3681e3cd1ed44a079f5fc501",
+                            SendersReference = "1234",
+                            DataType = "application/pdf",
+                        },
+                    ],
+                }
+            );
+        parsedResponse.Created.Should().Be(DateTimeOffset.Parse("2024-11-14T11:05:56.575089+00:00"));
+        parsedResponse.Status.Should().Be(CorrespondenceStatus.Published);
+        parsedResponse.StatusText.Should().Be("Published");
+        parsedResponse.ResourceId.Should().Be("apps-correspondence-integrasjon2");
+        parsedResponse.Sender.Should().Be(OrganisationNumber.Parse("0192:991825827"));
+        parsedResponse.SendersReference.Should().Be("1234");
+        parsedResponse.MessageSender.Should().Be("Test Testesen");
+        parsedResponse.RequestedPublishTime.Should().Be(DateTimeOffset.Parse("2024-05-29T13:31:28.290518+00:00"));
+        parsedResponse.AllowSystemDeleteAfter.Should().Be(DateTimeOffset.Parse("2025-05-29T13:31:28.290518+00:00"));
+        parsedResponse.DueDateTime.Should().Be(DateTimeOffset.Parse("2025-05-29T13:31:28.290518+00:00"));
+        parsedResponse.ExternalReferences.Should().HaveCount(2);
+        parsedResponse
+            .ExternalReferences!.Last()
+            .Should()
+            .Be(
+                new CorrespondenceExternalReference
+                {
+                    ReferenceType = CorrespondenceReferenceType.DialogportenDialogId,
+                    ReferenceValue = "01932a59-edc3-7038-823e-cf46908cd83b",
+                }
+            );
+        parsedResponse
+            .PropertyList.Should()
+            .BeEquivalentTo(
+                new Dictionary<string, string>
+                {
+                    ["anim5"] = "string",
+                    ["culpa_852"] = "string",
+                    ["deserunt_12"] = "string",
+                }
+            );
+        parsedResponse.ReplyOptions.Should().HaveCount(1);
+        parsedResponse
+            .ReplyOptions!.First()
+            .Should()
+            .Be(new CorrespondenceReplyOption { LinkUrl = "www.dgidir.no", LinkText = "digdir" });
+        parsedResponse.IgnoreReservation.Should().BeTrue();
+        parsedResponse.Published.Should().Be(DateTimeOffset.Parse("2024-11-14T11:06:56.208705+00:00"));
+        parsedResponse.IsConfirmationNeeded.Should().BeFalse();
+    }
+}
diff --git a/test/Altinn.App.Core.Tests/Features/Correspondence/TestHelpers.cs b/test/Altinn.App.Core.Tests/Features/Correspondence/TestHelpers.cs
new file mode 100644
index 000000000..19ffd2062
--- /dev/null
+++ b/test/Altinn.App.Core.Tests/Features/Correspondence/TestHelpers.cs
@@ -0,0 +1,37 @@
+using System.Net;
+using System.Text.Json;
+using Altinn.App.Core.Features.Correspondence.Models;
+using Altinn.App.Core.Models;
+using Altinn.App.Core.Tests.Models;
+
+namespace Altinn.App.Core.Tests.Features.Correspondence;
+
+public static class TestHelpers
+{
+    public static OrganisationNumber GetOrganisationNumber(int index)
+    {
+        var i = index % OrganisationNumberTests.ValidOrganisationNumbers.Length;
+        return OrganisationNumber.Parse(OrganisationNumberTests.ValidOrganisationNumbers[i]);
+    }
+
+    public static NationalIdentityNumber GetNationalIdentityNumber(int index)
+    {
+        var i = index % NationalIdentityNumberTests.ValidNationalIdentityNumbers.Length;
+        return NationalIdentityNumber.Parse(NationalIdentityNumberTests.ValidNationalIdentityNumbers[i]);
+    }
+
+    public static HttpContent? GetItem(this MultipartFormDataContent content, string name)
+    {
+        return content.FirstOrDefault(item => item.Headers.ContentDisposition?.Name?.Trim('\"') == name);
+    }
+
+    public static HttpResponseMessage ResponseMessageFactory<T>(
+        T content,
+        HttpStatusCode statusCode = HttpStatusCode.OK
+    )
+    {
+        string test = content as string ?? JsonSerializer.Serialize(content);
+
+        return new HttpResponseMessage(statusCode) { Content = new StringContent(test) };
+    }
+}
diff --git a/test/Altinn.App.Core.Tests/Features/Maskinporten/Delegates/MaskinportenDelegatingHandlerTest.cs b/test/Altinn.App.Core.Tests/Features/Maskinporten/Delegates/MaskinportenDelegatingHandlerTest.cs
index b97780fae..be0b706cf 100644
--- a/test/Altinn.App.Core.Tests/Features/Maskinporten/Delegates/MaskinportenDelegatingHandlerTest.cs
+++ b/test/Altinn.App.Core.Tests/Features/Maskinporten/Delegates/MaskinportenDelegatingHandlerTest.cs
@@ -1,5 +1,5 @@
-using Altinn.App.Core.Features.Maskinporten.Exceptions;
-using Altinn.App.Core.Features.Maskinporten.Models;
+using Altinn.App.Api.Tests.Utils;
+using Altinn.App.Core.Features.Maskinporten.Constants;
 using FluentAssertions;
 using Moq;
 
@@ -12,18 +12,14 @@ public async Task SendAsync_AddsAuthorizationHeader()
     {
         // Arrange
         var scopes = new[] { "scope1", "scope2" };
+        var accessToken = PrincipalUtil.GetMaskinportenToken(scope: "-").AccessToken;
         var (client, handler) = TestHelpers.MockMaskinportenDelegatingHandlerFactory(
+            TokenAuthorities.Maskinporten,
             scopes,
-            new MaskinportenTokenResponse
-            {
-                TokenType = "Bearer",
-                Scope = "-",
-                AccessToken = "jwt-content-placeholder",
-                ExpiresIn = -1,
-            }
+            accessToken
         );
         var httpClient = new HttpClient(handler);
-        var request = new HttpRequestMessage(HttpMethod.Get, "https://unittesting.to.nowhere");
+        var request = new HttpRequestMessage(HttpMethod.Get, "https://some-maskinporten-url/token");
 
         // Act
         await httpClient.SendAsync(request);
@@ -32,32 +28,6 @@ public async Task SendAsync_AddsAuthorizationHeader()
         client.Verify(c => c.GetAccessToken(scopes, It.IsAny<CancellationToken>()), Times.Once);
         Assert.NotNull(request.Headers.Authorization);
         request.Headers.Authorization.Scheme.Should().Be("Bearer");
-        request.Headers.Authorization.Parameter.Should().Be("jwt-content-placeholder");
-    }
-
-    [Fact]
-    public async Task SendAsync_OnlyAccepts_BearerTokens()
-    {
-        // Arrange
-        var (_, handler) = TestHelpers.MockMaskinportenDelegatingHandlerFactory(
-            ["scope1", "scope2"],
-            new MaskinportenTokenResponse
-            {
-                TokenType = "MAC",
-                Scope = "-",
-                AccessToken = "jwt-content-placeholder",
-                ExpiresIn = -1,
-            }
-        );
-        var httpClient = new HttpClient(handler);
-        var request = new HttpRequestMessage(HttpMethod.Get, "https://unittesting.to.nowhere");
-
-        // Act
-        Func<Task> act = async () => await httpClient.SendAsync(request);
-
-        // Assert
-        await act.Should()
-            .ThrowAsync<MaskinportenUnsupportedTokenException>()
-            .WithMessage("Unsupported token type received from Maskinporten: *");
+        request.Headers.Authorization.Parameter.Should().Be(accessToken.ToStringUnmasked());
     }
 }
diff --git a/test/Altinn.App.Core.Tests/Features/Maskinporten/MaskinportenClientTest.cs b/test/Altinn.App.Core.Tests/Features/Maskinporten/MaskinportenClientTest.cs
index 4c9210cc1..59518d080 100644
--- a/test/Altinn.App.Core.Tests/Features/Maskinporten/MaskinportenClientTest.cs
+++ b/test/Altinn.App.Core.Tests/Features/Maskinporten/MaskinportenClientTest.cs
@@ -1,16 +1,15 @@
 using System.IdentityModel.Tokens.Jwt;
 using System.Net;
 using System.Text.Json;
+using Altinn.App.Api.Tests.Utils;
 using Altinn.App.Core.Features.Maskinporten;
 using Altinn.App.Core.Features.Maskinporten.Exceptions;
 using Altinn.App.Core.Features.Maskinporten.Models;
 using FluentAssertions;
-using Microsoft.Extensions.Caching.Hybrid;
+using Microsoft.AspNetCore.Builder;
 using Microsoft.Extensions.Caching.Memory;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Internal;
-using Microsoft.Extensions.Logging;
-using Microsoft.Extensions.Options;
 using Microsoft.Extensions.Time.Testing;
 using Moq;
 
@@ -23,38 +22,92 @@ private sealed class FakeTime(DateTimeOffset startDateTime) : FakeTimeProvider(s
         public DateTimeOffset UtcNow => GetUtcNow();
     }
 
-    private readonly Mock<IHttpClientFactory> _mockHttpClientFactory;
-    private readonly FakeTime _fakeTimeProvider;
-    private readonly MaskinportenClient _maskinportenClient;
-    private readonly MaskinportenSettings _maskinportenSettings = new()
+    private sealed record Fixture(WebApplication App) : IAsyncDisposable
     {
-        Authority = "https://maskinporten.dev/",
-        ClientId = "test-client-id",
-        JwkBase64 =
-            "ewogICAgICAicCI6ICItU09GNmp3V0N3b19nSlByTnJhcVNkNnZRckFzRmxZd1VScHQ0NC1BNlRXUnBoaUo4b3czSTNDWGxxUG1LeG5VWDVDcnd6SF8yeldTNGtaaU9zQTMtajhiUE9hUjZ2a3pRSG14YmFkWmFmZjBUckdJajNQUlhxcVdMRHdsZjNfNklDV2gzOFhodXNBeDVZRE0tRm8zZzRLVWVHM2NxMUFvTkJ4NHV6Sy1IRHMiLAogICAgICAia3R5IjogIlJTQSIsCiAgICAgICJxIjogIndwWUlpOVZJLUJaRk9aYUNaUmVhYm4xWElQbW8tbEJIendnc1RCdHVfeUJma1FQeGI1Q1ZnZFFnaVQ4dTR3Tkl4NC0zb2ROdXhsWGZING1Hc25xOWFRaFlRNFEyc2NPUHc5V2dNM1dBNE1GMXNQQXgzUGJLRkItU01RZmZ4aXk2cVdJSmRQSUJ4OVdFdnlseW9XbEhDcGZsUWplT3U2dk43WExsZ3c5T2JhVSIsCiAgICAgICJkIjogIks3Y3pqRktyWUJfRjJYRWdoQ1RQY2JTbzZZdExxelFwTlZleF9HZUhpTmprWmNpcEVaZ3g4SFhYLXpNSi01ZWVjaTZhY1ZjSzhhZzVhQy01Mk84LTU5aEU3SEE2M0FoRzJkWFdmamdQTXhaVE9MbnBheWtZbzNWa0NGNF9FekpLYmw0d2ludnRuTjBPc2dXaVZiTDFNZlBjWEdqbHNTUFBIUlAyaThDajRqX21OM2JVcy1FbVM5UzktSXlia1luYV9oNUMxMEluXy1tWHpsQ2dCNU9FTXFzd2tNUWRZVTBWbHVuWHM3YXlPT0h2WWpQMWFpYml0MEpyay1iWVFHSy1mUVFFVWNZRkFSN1ZLMkxIaUJwU0NvbzBiSjlCQ1BZb196bTVNVnVId21xbzNtdml1Vy1lMnVhbW5xVHpZUEVWRE1lMGZBSkZtcVBGcGVwTzVfcXE2USIsCiAgICAgICJlIjogIkFRQUIiLAogICAgICAidXNlIjogInNpZyIsCiAgICAgICJraWQiOiAiYXNkZjEyMzQiLAogICAgICAicWkiOiAicXpFUUdXOHBPVUgtR2pCaFUwVXNhWWtEM2dWTVJvTF9CbGlRckp4ZTAwY29YeUtIZGVEX2M1bDFDNFFJZzRJSjZPMnFZZ2wyamRnWVNmVHA0S2NDNk1Obm8tSVFiSnlPRDU2Qmo4eVJUUjA5TkZvTGhDUjNhY0xmMkhwTXNKNUlqbTdBUHFPVWlCeW9hVkExRlR4bzYtZGNfZ1NiQjh1ZDI2bFlFRHdsYWMwIiwKICAgICAgImRwIjogInRnTU14N2FFQ0NiQmctY005Vmo0Q2FXbGR0d01LWGxvTFNoWTFlSTJOS3BOTVFKR2JhdWdjTVRHQ21qTk1fblgzTVZ0cHRvMWFPbTMySlhCRjlqc1RHZWtONWJmVGNJbmZsZ3Bsc21uR2pMckNqN0xYTG9wWUxiUnBabF9iNm1JaThuU2ZCQXVQR2hEUzc4UWZfUXhFR1Bxb2h6cEZVTW5UQUxzOVI0Nkk1YyIsCiAgICAgICJhbGciOiAiUlMyNTYiLAogICAgICAiZHEiOiAibE40cF9ha1lZVXpRZTBWdHp4LW1zNTlLLUZ4bzdkQmJqOFhGOWhnSzdENzlQam5SRGJTRTNVWEgtcGlQSzNpSXhyeHFGZkZuVDJfRS15REJIMjBOMmZ4YllwUVZNQnpZc1UtUGQ2OFBBV1Nnd05TU29XVmhwdEdjaTh4bFlfMDJkWDRlbEF6T1ZlOUIxdXBEMjc5cWJXMVdKVG5TQmp4am1LVU5lQjVPdDAwIiwKICAgICAgIm4iOiAidlY3dW5TclNnekV3ZHo0dk8wTnNmWDB0R1NwT2RITE16aDFseUVtU2RYbExmeVYtcUxtbW9qUFI3S2pUU2NDbDI1SFI4SThvWG1mcDhSZ19vbnA0LUlZWW5ZV0RTNngxVlViOVlOQ3lFRTNQQTUtVjlOYzd5ckxxWXpyMTlOSkJmdmhJVEd5QUFVTjFCeW5JeXJ5NFFMbHRYYTRKSTFiLTh2QXNJQ0xyU1dQZDdibWxrOWo3bU1jV3JiWlNIZHNTMGNpVFgzYTc2UXdMb0F2SW54RlhCU0ludXF3ZVhnVjNCZDFQaS1DZGpCR0lVdXVyeVkybEwybmRnVHZUY2tZUTBYeEtGR3lCdDNaMEhJMzRBRFBrVEZneWFMX1F4NFpIZ3d6ZjRhTHBXaHF3OGVWanpPMXlucjJ3OUd4b2dSN1pWUjY3VFI3eUxSS3VrMWdIdFlkUkJ3IgogICAgfQ==",
-    };
+        internal static readonly MaskinportenSettings DefaultSettings = new()
+        {
+            Authority = "https://maskinporten.dev/",
+            ClientId = "test-client-id",
+            JwkBase64 =
+                "ewogICAgICAicCI6ICItU09GNmp3V0N3b19nSlByTnJhcVNkNnZRckFzRmxZd1VScHQ0NC1BNlRXUnBoaUo4b3czSTNDWGxxUG1LeG5VWDVDcnd6SF8yeldTNGtaaU9zQTMtajhiUE9hUjZ2a3pRSG14YmFkWmFmZjBUckdJajNQUlhxcVdMRHdsZjNfNklDV2gzOFhodXNBeDVZRE0tRm8zZzRLVWVHM2NxMUFvTkJ4NHV6Sy1IRHMiLAogICAgICAia3R5IjogIlJTQSIsCiAgICAgICJxIjogIndwWUlpOVZJLUJaRk9aYUNaUmVhYm4xWElQbW8tbEJIendnc1RCdHVfeUJma1FQeGI1Q1ZnZFFnaVQ4dTR3Tkl4NC0zb2ROdXhsWGZING1Hc25xOWFRaFlRNFEyc2NPUHc5V2dNM1dBNE1GMXNQQXgzUGJLRkItU01RZmZ4aXk2cVdJSmRQSUJ4OVdFdnlseW9XbEhDcGZsUWplT3U2dk43WExsZ3c5T2JhVSIsCiAgICAgICJkIjogIks3Y3pqRktyWUJfRjJYRWdoQ1RQY2JTbzZZdExxelFwTlZleF9HZUhpTmprWmNpcEVaZ3g4SFhYLXpNSi01ZWVjaTZhY1ZjSzhhZzVhQy01Mk84LTU5aEU3SEE2M0FoRzJkWFdmamdQTXhaVE9MbnBheWtZbzNWa0NGNF9FekpLYmw0d2ludnRuTjBPc2dXaVZiTDFNZlBjWEdqbHNTUFBIUlAyaThDajRqX21OM2JVcy1FbVM5UzktSXlia1luYV9oNUMxMEluXy1tWHpsQ2dCNU9FTXFzd2tNUWRZVTBWbHVuWHM3YXlPT0h2WWpQMWFpYml0MEpyay1iWVFHSy1mUVFFVWNZRkFSN1ZLMkxIaUJwU0NvbzBiSjlCQ1BZb196bTVNVnVId21xbzNtdml1Vy1lMnVhbW5xVHpZUEVWRE1lMGZBSkZtcVBGcGVwTzVfcXE2USIsCiAgICAgICJlIjogIkFRQUIiLAogICAgICAidXNlIjogInNpZyIsCiAgICAgICJraWQiOiAiYXNkZjEyMzQiLAogICAgICAicWkiOiAicXpFUUdXOHBPVUgtR2pCaFUwVXNhWWtEM2dWTVJvTF9CbGlRckp4ZTAwY29YeUtIZGVEX2M1bDFDNFFJZzRJSjZPMnFZZ2wyamRnWVNmVHA0S2NDNk1Obm8tSVFiSnlPRDU2Qmo4eVJUUjA5TkZvTGhDUjNhY0xmMkhwTXNKNUlqbTdBUHFPVWlCeW9hVkExRlR4bzYtZGNfZ1NiQjh1ZDI2bFlFRHdsYWMwIiwKICAgICAgImRwIjogInRnTU14N2FFQ0NiQmctY005Vmo0Q2FXbGR0d01LWGxvTFNoWTFlSTJOS3BOTVFKR2JhdWdjTVRHQ21qTk1fblgzTVZ0cHRvMWFPbTMySlhCRjlqc1RHZWtONWJmVGNJbmZsZ3Bsc21uR2pMckNqN0xYTG9wWUxiUnBabF9iNm1JaThuU2ZCQXVQR2hEUzc4UWZfUXhFR1Bxb2h6cEZVTW5UQUxzOVI0Nkk1YyIsCiAgICAgICJhbGciOiAiUlMyNTYiLAogICAgICAiZHEiOiAibE40cF9ha1lZVXpRZTBWdHp4LW1zNTlLLUZ4bzdkQmJqOFhGOWhnSzdENzlQam5SRGJTRTNVWEgtcGlQSzNpSXhyeHFGZkZuVDJfRS15REJIMjBOMmZ4YllwUVZNQnpZc1UtUGQ2OFBBV1Nnd05TU29XVmhwdEdjaTh4bFlfMDJkWDRlbEF6T1ZlOUIxdXBEMjc5cWJXMVdKVG5TQmp4am1LVU5lQjVPdDAwIiwKICAgICAgIm4iOiAidlY3dW5TclNnekV3ZHo0dk8wTnNmWDB0R1NwT2RITE16aDFseUVtU2RYbExmeVYtcUxtbW9qUFI3S2pUU2NDbDI1SFI4SThvWG1mcDhSZ19vbnA0LUlZWW5ZV0RTNngxVlViOVlOQ3lFRTNQQTUtVjlOYzd5ckxxWXpyMTlOSkJmdmhJVEd5QUFVTjFCeW5JeXJ5NFFMbHRYYTRKSTFiLTh2QXNJQ0xyU1dQZDdibWxrOWo3bU1jV3JiWlNIZHNTMGNpVFgzYTc2UXdMb0F2SW54RlhCU0ludXF3ZVhnVjNCZDFQaS1DZGpCR0lVdXVyeVkybEwybmRnVHZUY2tZUTBYeEtGR3lCdDNaMEhJMzRBRFBrVEZneWFMX1F4NFpIZ3d6ZjRhTHBXaHF3OGVWanpPMXlucjJ3OUd4b2dSN1pWUjY3VFI3eUxSS3VrMWdIdFlkUkJ3IgogICAgfQ==",
+        };
 
-    public MaskinportenClientTests()
-    {
-        _mockHttpClientFactory = new Mock<IHttpClientFactory>();
-        _fakeTimeProvider = new FakeTime(DateTimeOffset.UtcNow);
+        internal static readonly MaskinportenSettings InternalSettings = DefaultSettings with
+        {
+            ClientId = "internal-client-id",
+        };
 
-        var app = Api.Tests.TestUtils.AppBuilder.Build(registerCustomAppServices: services =>
-            services.Configure<MemoryCacheOptions>(options => options.Clock = _fakeTimeProvider)
-        );
+        public FakeTime FakeTime => App.Services.GetRequiredService<FakeTime>();
+        public Mock<IHttpClientFactory> HttpClientFactoryMock =>
+            Moq.Mock.Get(App.Services.GetRequiredService<IHttpClientFactory>());
 
-        var tokenCache = app.Services.GetRequiredService<HybridCache>();
-        var mockLogger = new Mock<ILogger<MaskinportenClient>>();
-        var mockOptions = new Mock<IOptionsMonitor<MaskinportenSettings>>();
-        mockOptions.Setup(o => o.CurrentValue).Returns(_maskinportenSettings);
-
-        _maskinportenClient = new MaskinportenClient(
-            mockOptions.Object,
-            _mockHttpClientFactory.Object,
-            tokenCache,
-            mockLogger.Object,
-            _fakeTimeProvider
-        );
+        public MaskinportenClient Client(string variant) =>
+            variant switch
+            {
+                MaskinportenClient.VariantInternal => (MaskinportenClient)
+                    App.Services.GetRequiredKeyedService<IMaskinportenClient>(MaskinportenClient.VariantInternal),
+                MaskinportenClient.VariantDefault => (MaskinportenClient)
+                    App.Services.GetRequiredService<IMaskinportenClient>(),
+                _ => throw new ArgumentException($"Unknown variant: {variant}"),
+            };
+
+        public static Fixture Create(bool configureMaskinporten = true)
+        {
+            var mockHttpClientFactory = new Mock<IHttpClientFactory>();
+            var fakeTimeProvider = new FakeTime(new DateTimeOffset(2024, 1, 1, 10, 0, 0, TimeSpan.Zero));
+
+            var app = Api.Tests.TestUtils.AppBuilder.Build(registerCustomAppServices: services =>
+            {
+                services.AddSingleton(mockHttpClientFactory.Object);
+                services.Configure<MemoryCacheOptions>(options => options.Clock = fakeTimeProvider);
+                services.AddSingleton<TimeProvider>(fakeTimeProvider);
+                services.AddSingleton(fakeTimeProvider);
+
+                if (configureMaskinporten)
+                {
+                    services.Configure<MaskinportenSettings>(options =>
+                    {
+                        options.Authority = DefaultSettings.Authority;
+                        options.ClientId = DefaultSettings.ClientId;
+                        options.JwkBase64 = DefaultSettings.JwkBase64;
+                    });
+                    services.Configure<MaskinportenSettings>(
+                        MaskinportenClient.VariantInternal,
+                        options =>
+                        {
+                            options.Authority = InternalSettings.Authority;
+                            options.ClientId = InternalSettings.ClientId;
+                            options.JwkBase64 = InternalSettings.JwkBase64;
+                        }
+                    );
+                }
+            });
+
+            return new Fixture(app);
+        }
+
+        public async ValueTask DisposeAsync() => await App.DisposeAsync();
+    }
+
+    public static TheoryData<string> Variants =>
+        new(MaskinportenClient.VariantDefault, MaskinportenClient.VariantInternal);
+
+    [Fact]
+    public async Task Test_DI_And_Configuration()
+    {
+        // Arrange
+        await using var fixture = Fixture.Create();
+        var defaultClient = fixture.Client(MaskinportenClient.VariantDefault);
+        var internalClient = fixture.Client(MaskinportenClient.VariantInternal);
+        Assert.NotNull(defaultClient);
+        Assert.NotNull(internalClient);
+
+        // Assert
+        defaultClient.Should().NotBeSameAs(internalClient);
+        defaultClient.Settings.Should().BeEquivalentTo(Fixture.DefaultSettings);
+        internalClient.Settings.Should().BeEquivalentTo(Fixture.InternalSettings);
+        internalClient.Variant.Should().Be(MaskinportenClient.VariantInternal);
+        defaultClient.Variant.Should().Be(MaskinportenClient.VariantDefault);
     }
 
     [Fact]
@@ -72,7 +125,7 @@ public async Task GenerateAuthenticationPayload_HasCorrectFormat()
         var jwt = "access-token-content";
 
         // Act
-        var content = MaskinportenClient.GenerateAuthenticationPayload(jwt);
+        var content = MaskinportenClient.AuthenticationPayloadFactory(jwt);
         var parsed = await TestHelpers.ParseFormUrlEncodedContent(content);
 
         // Assert
@@ -81,134 +134,195 @@ public async Task GenerateAuthenticationPayload_HasCorrectFormat()
         parsed["assertion"].Should().Be(jwt);
     }
 
-    [Fact]
-    public void GenerateJwtGrant_HasCorrectFormat()
+    [Theory]
+    [MemberData(nameof(Variants))]
+    public async Task GenerateJwtGrant_HasCorrectFormat(string variant)
     {
         // Arrange
+        await using var fixture = Fixture.Create();
+        var settings = fixture.Client(variant).Settings;
         var scopes = "scope1 scope2";
 
         // Act
-        var jwt = _maskinportenClient.GenerateJwtGrant(scopes);
+        var jwt = fixture.Client(variant).GenerateJwtGrant(scopes);
         var parsed = new JwtSecurityTokenHandler().ReadJwtToken(jwt);
 
         // Assert
         parsed.Audiences.Count().Should().Be(1);
-        parsed.Audiences.First().Should().Be(_maskinportenSettings.Authority);
-        parsed.Issuer.Should().Be(_maskinportenSettings.ClientId);
+        parsed.Audiences.First().Should().Be(settings.Authority);
+        parsed.Issuer.Should().Be(settings.ClientId);
         parsed.Claims.First(x => x.Type == "scope").Value.Should().Be(scopes);
     }
 
-    [Fact]
-    public async Task GetAccessToken_ReturnsAToken()
+    [Theory]
+    [MemberData(nameof(Variants))]
+    public async Task GenerateJwtGrant_HandlesMissingSettings(string variant)
     {
         // Arrange
-        string[] scopes = ["scope1", "scope2"];
-        var tokenResponse = new MaskinportenTokenResponse
+        await using var fixture = Fixture.Create(configureMaskinporten: false);
+
+        // Act
+        var act = () =>
         {
-            AccessToken = "access-token-content",
-            ExpiresIn = 120,
-            Scope = MaskinportenClient.FormattedScopes(scopes),
-            TokenType = "Bearer",
+            fixture.Client(variant).GenerateJwtGrant("scope");
         };
-        _mockHttpClientFactory
-            .Setup(x => x.CreateClient(It.IsAny<string>()))
+
+        // Assert
+        act.Should().Throw<MaskinportenConfigurationException>();
+    }
+
+    [Theory]
+    [MemberData(nameof(Variants))]
+    public async Task GetAccessToken_ReturnsAToken(string variant)
+    {
+        // Arrange
+        await using var fixture = Fixture.Create();
+        string[] scopes = ["scope1", "scope2"];
+        string formattedScopes = MaskinportenClient.FormattedScopes(scopes);
+        var maskinportenTokenResponse = PrincipalUtil.GetMaskinportenToken(
+            scope: formattedScopes,
+            expiry: TimeSpan.FromMinutes(2),
+            fixture.FakeTime
+        );
+        fixture
+            .HttpClientFactoryMock.Setup(x => x.CreateClient(It.IsAny<string>()))
             .Returns(() =>
             {
-                var mockHandler = TestHelpers.MockHttpMessageHandlerFactory(tokenResponse);
+                var mockHandler = TestHelpers.MockHttpMessageHandlerFactory(maskinportenTokenResponse);
                 return new HttpClient(mockHandler.Object);
             });
 
         // Act
-        var result = await _maskinportenClient.GetAccessToken(scopes);
+        var result = await fixture.Client(variant).GetAccessToken(scopes);
 
         // Assert
-        result.Should().BeEquivalentTo(tokenResponse, config => config.Excluding(x => x.ExpiresAt));
+        result.Should().BeEquivalentTo(maskinportenTokenResponse.AccessToken);
+        result.Scope.Should().BeEquivalentTo(formattedScopes);
     }
 
-    [Fact]
-    public async Task GetAccessToken_ThrowsExceptionWhenTokenIsExpired()
+    [Theory]
+    [MemberData(nameof(Variants))]
+    public async Task GetAltinnExchangedToken_ReturnsAToken(string variant)
     {
         // Arrange
-        var scopes = new List<string> { "scope1", "scope2" };
-        var tokenResponse = new MaskinportenTokenResponse
-        {
-            AccessToken = "expired-access-token",
-            ExpiresIn = MaskinportenClient.TokenExpirationMargin - 1,
-            Scope = "-",
-            TokenType = "Bearer",
-        };
+        await using var fixture = Fixture.Create();
+        string[] scopes = ["scope1", "scope2"];
+        var maskinportenTokenResponse = PrincipalUtil.GetMaskinportenToken(
+            scope: MaskinportenClient.FormattedScopes(scopes),
+            expiry: TimeSpan.FromMinutes(2),
+            fixture.FakeTime
+        );
+        var expiresIn = TimeSpan.FromMinutes(30);
+        var altinnAccessToken = PrincipalUtil.GetOrgToken("ttd", "160694123", 3, expiresIn, fixture.FakeTime);
+        fixture
+            .HttpClientFactoryMock.Setup(x => x.CreateClient(It.IsAny<string>()))
+            .Returns(() =>
+            {
+                var mockHandler = TestHelpers.MockHttpMessageHandlerFactory(
+                    maskinportenTokenResponse,
+                    altinnAccessToken
+                );
+                return new HttpClient(mockHandler.Object);
+            });
+
+        // Act
+        var result = await fixture.Client(variant).GetAltinnExchangedToken(scopes);
+
+        // Assert
+        result.Value.Should().NotBeNullOrWhiteSpace();
+        result.ExpiresAt.Should().Be(fixture.FakeTime.GetUtcNow().Add(expiresIn).UtcDateTime);
+    }
 
-        _mockHttpClientFactory
-            .Setup(x => x.CreateClient(It.IsAny<string>()))
+    [Theory]
+    [MemberData(nameof(Variants))]
+    public async Task GetAccessToken_ThrowsExceptionWhenTokenIsExpired(string variant)
+    {
+        // Arrange
+        await using var fixture = Fixture.Create();
+        var maskinportenTokenResponse = PrincipalUtil.GetMaskinportenToken(
+            scope: "-",
+            expiry: MaskinportenClient.TokenExpirationMargin - TimeSpan.FromSeconds(1),
+            fixture.FakeTime
+        );
+
+        fixture
+            .HttpClientFactoryMock.Setup(x => x.CreateClient(It.IsAny<string>()))
             .Returns(() =>
             {
-                var mockHandler = TestHelpers.MockHttpMessageHandlerFactory(tokenResponse);
+                var mockHandler = TestHelpers.MockHttpMessageHandlerFactory(maskinportenTokenResponse);
                 return new HttpClient(mockHandler.Object);
             });
 
         // Act
-        Func<Task> act = async () =>
+        Func<Task> act1 = async () =>
+        {
+            await fixture.Client(variant).GetAccessToken(["scope1", "scope2"]);
+        };
+        Func<Task> act2 = async () =>
         {
-            await _maskinportenClient.GetAccessToken(scopes);
+            await fixture.Client(variant).GetAltinnExchangedToken(["scope1", "scope2"]);
         };
 
         // Assert
-        await act.Should().ThrowAsync<MaskinportenTokenExpiredException>();
+        await act1.Should().ThrowAsync<MaskinportenTokenExpiredException>();
+        await act2.Should().ThrowAsync<MaskinportenTokenExpiredException>();
     }
 
-    [Fact]
-    public async Task GetAccessToken_UsesCachedTokenIfAvailable()
+    [Theory]
+    [MemberData(nameof(Variants))]
+    public async Task GetAccessToken_UsesCachedTokenIfAvailable(string variant)
     {
         // Arrange
+        await using var fixture = Fixture.Create();
         string[] scopes = ["scope1", "scope2"];
-        var tokenResponse = new MaskinportenTokenResponse
-        {
-            AccessToken = "2 minute access token content",
-            ExpiresIn = 120,
-            Scope = MaskinportenClient.FormattedScopes(scopes),
-            TokenType = "Bearer",
-        };
-        _mockHttpClientFactory
-            .Setup(x => x.CreateClient(It.IsAny<string>()))
+        var maskinportenTokenResponse = () =>
+            PrincipalUtil.GetMaskinportenToken(
+                scope: MaskinportenClient.FormattedScopes(scopes),
+                expiry: TimeSpan.FromMinutes(2),
+                fixture.FakeTime
+            );
+        fixture
+            .HttpClientFactoryMock.Setup(x => x.CreateClient(It.IsAny<string>()))
             .Returns(() =>
             {
-                var mockHandler = TestHelpers.MockHttpMessageHandlerFactory(tokenResponse);
+                var mockHandler = TestHelpers.MockHttpMessageHandlerFactory(maskinportenTokenResponse.Invoke());
                 return new HttpClient(mockHandler.Object);
             });
 
         // Act
-        var token1 = await _maskinportenClient.GetAccessToken(scopes);
-        _fakeTimeProvider.Advance(TimeSpan.FromMinutes(1));
-        var token2 = await _maskinportenClient.GetAccessToken(scopes);
+        var token1 = await fixture.Client(variant).GetAccessToken(scopes);
+        fixture.FakeTime.Advance(TimeSpan.FromMinutes(1));
+        var token2 = await fixture.Client(variant).GetAccessToken(scopes);
 
         // Assert
-        token1.Should().BeSameAs(token2);
+        token1.Should().BeEquivalentTo(token2);
     }
 
-    [Fact]
-    public async Task GetAccessToken_GeneratesNewTokenIfRequired()
+    [Theory]
+    [MemberData(nameof(Variants))]
+    public async Task GetAccessToken_GeneratesNewTokenIfRequired(string variant)
     {
         // Arrange
+        await using var fixture = Fixture.Create();
         string[] scopes = ["scope1", "scope2"];
-        var tokenResponse = new MaskinportenTokenResponse
-        {
-            AccessToken = "Very short lived access token",
-            ExpiresIn = MaskinportenClient.TokenExpirationMargin + 1,
-            Scope = MaskinportenClient.FormattedScopes(scopes),
-            TokenType = "Bearer",
-        };
-        _mockHttpClientFactory
-            .Setup(x => x.CreateClient(It.IsAny<string>()))
+        var maskinportenTokenResponse = () =>
+            PrincipalUtil.GetMaskinportenToken(
+                scope: MaskinportenClient.FormattedScopes(scopes),
+                expiry: MaskinportenClient.TokenExpirationMargin + TimeSpan.FromSeconds(1),
+                fixture.FakeTime
+            );
+        fixture
+            .HttpClientFactoryMock.Setup(x => x.CreateClient(It.IsAny<string>()))
             .Returns(() =>
             {
-                var mockHandler = TestHelpers.MockHttpMessageHandlerFactory(tokenResponse);
+                var mockHandler = TestHelpers.MockHttpMessageHandlerFactory(maskinportenTokenResponse.Invoke());
                 return new HttpClient(mockHandler.Object);
             });
 
         // Act
-        var token1 = await _maskinportenClient.GetAccessToken(scopes);
-        _fakeTimeProvider.Advance(TimeSpan.FromSeconds(10));
-        var token2 = await _maskinportenClient.GetAccessToken(scopes);
+        var token1 = await fixture.Client(variant).GetAccessToken(scopes);
+        fixture.FakeTime.Advance(TimeSpan.FromSeconds(10));
+        var token2 = await fixture.Client(variant).GetAccessToken(scopes);
 
         // Assert
         token1.Should().NotBeSameAs(token2);
@@ -264,17 +378,14 @@ await act.Should()
     public async Task ParseServerResponse_ThrowsOn_DisposedObject()
     {
         // Arrange
-        var tokenResponse = new MaskinportenTokenResponse
-        {
-            AccessToken = "access-token-content",
-            ExpiresIn = 120,
-            Scope = "scope1 scope2",
-            TokenType = "Bearer",
-        };
+        var maskinportenTokenResponse = PrincipalUtil.GetMaskinportenToken(
+            scope: "a b",
+            expiry: MaskinportenClient.TokenExpirationMargin + TimeSpan.FromSeconds(1)
+        );
         var validHttpResponse = new HttpResponseMessage
         {
             StatusCode = HttpStatusCode.OK,
-            Content = new StringContent(JsonSerializer.Serialize(tokenResponse)),
+            Content = new StringContent(JsonSerializer.Serialize(maskinportenTokenResponse)),
         };
 
         // Act
diff --git a/test/Altinn.App.Core.Tests/Features/Maskinporten/Models/MaskinportenSettingsTest.cs b/test/Altinn.App.Core.Tests/Features/Maskinporten/Models/MaskinportenSettingsTest.cs
index 717c9660a..37d5a3e9c 100644
--- a/test/Altinn.App.Core.Tests/Features/Maskinporten/Models/MaskinportenSettingsTest.cs
+++ b/test/Altinn.App.Core.Tests/Features/Maskinporten/Models/MaskinportenSettingsTest.cs
@@ -12,7 +12,7 @@ public class MaskinportenSettingsTest
     /// <summary>
     /// This key definition is complete and valid
     /// </summary>
-    private string validJwk = """
+    private static readonly string _validJwk = """
         {
             "p": "5BRHaF0zpryULcbyTf02xZUXMb26Ait8XvU4NsAYCH4iLNkC_zYRJ0X_qb0sJ_WVYecB1-nCV1Qr15KnsaKp1qBOx21_ftHHwdBE12z9KYGe1xQ4ZIXEP0OiR044XQPphRFVjWOF7wQKdoXlTNXCg4B3lo5waBj8eYmMHCxyK6k",
             "kty": "RSA",
@@ -30,15 +30,15 @@ public class MaskinportenSettingsTest
         """;
 
     /// <summary>
-    /// This is a Base64 encoded version of <see cref="validJwk"/>.
-    /// <inheritdoc cref="validJwk"/>
+    /// This is a Base64 encoded version of <see cref="_validJwk"/>.
+    /// <inheritdoc cref="_validJwk"/>
     /// </summary>
-    private string validJwk_Base64 => Convert.ToBase64String(Encoding.UTF8.GetBytes(validJwk));
+    private static string _validJwkBase64 => Convert.ToBase64String(Encoding.UTF8.GetBytes(_validJwk));
 
     /// <summary>
     /// This key definition is missing the `e` exponent and the `kid` identifier
     /// </summary>
-    private string invalidJwk = """
+    private static readonly string _invalidJwk = """
         {
             "p": "5BRHaF0zpryULcbyTf02xZUXMb26Ait8XvU4NsAYCH4iLNkC_zYRJ0X_qb0sJ_WVYecB1-nCV1Qr15KnsaKp1qBOx21_ftHHwdBE12z9KYGe1xQ4ZIXEP0OiR044XQPphRFVjWOF7wQKdoXlTNXCg4B3lo5waBj8eYmMHCxyK6k",
             "kty": "RSA",
@@ -56,10 +56,10 @@ public class MaskinportenSettingsTest
         """;
 
     /// <summary>
-    /// This is a Base64 encoded version of <see cref="invalidJwk"/>.
-    /// <inheritdoc cref="invalidJwk"/>
+    /// This is a Base64 encoded version of <see cref="_invalidJwk"/>.
+    /// <inheritdoc cref="_invalidJwk"/>
     /// </summary>
-    private string invalidJwk_base64 => Convert.ToBase64String(Encoding.UTF8.GetBytes(invalidJwk));
+    private static string _invalidJwkBase64 => Convert.ToBase64String(Encoding.UTF8.GetBytes(_invalidJwk));
 
     [Fact]
     public void ShouldDeserializeFromJsonCorrectly()
@@ -69,7 +69,7 @@ public void ShouldDeserializeFromJsonCorrectly()
             {
                 "authority": "https://maskinporten.dev/",
                 "clientId": "test-client",
-                "jwk": {{validJwk}}
+                "jwk": {{_validJwk}}
             }
             """;
 
@@ -91,7 +91,7 @@ public void ShouldDeserializeFromJsonCorrectly_Base64Encoded()
             {
                 "authority": "https://maskinporten.dev/",
                 "clientId": "test-client",
-                "jwkBase64": "{{validJwk_Base64}}"
+                "jwkBase64": "{{_validJwkBase64}}"
             }
             """;
 
@@ -113,7 +113,7 @@ public void ShouldValidateJwkAfterDeserializing()
             {
                 "authority": "https://maskinporten.dev/",
                 "clientId": "test-client",
-                "jwk": {{invalidJwk}}
+                "jwk": {{_invalidJwk}}
             }
             """;
 
@@ -139,7 +139,7 @@ public void ShouldValidateJwkAfterDeserializing_Base64()
             {
                 "authority": "https://maskinporten.dev/",
                 "clientId": "test-client",
-                "jwkBase64": "{{invalidJwk_base64}}"
+                "jwkBase64": "{{_invalidJwkBase64}}"
             }
             """;
 
diff --git a/test/Altinn.App.Core.Tests/Features/Maskinporten/Models/MaskinportenTokenResponseTest.cs b/test/Altinn.App.Core.Tests/Features/Maskinporten/Models/MaskinportenTokenResponseTest.cs
index 0c49cf5c0..3237bac93 100644
--- a/test/Altinn.App.Core.Tests/Features/Maskinporten/Models/MaskinportenTokenResponseTest.cs
+++ b/test/Altinn.App.Core.Tests/Features/Maskinporten/Models/MaskinportenTokenResponseTest.cs
@@ -1,5 +1,6 @@
 using System.Text.Json;
 using Altinn.App.Core.Features.Maskinporten.Models;
+using Altinn.App.Core.Models;
 using FluentAssertions;
 
 namespace Altinn.App.Core.Tests.Features.Maskinporten.Models;
@@ -10,9 +11,10 @@ public class MaskinportenTokenResponseTest
     public void ShouldDeserializeFromJsonCorrectly()
     {
         // Arrange
-        var json = """
+        var encodedToken = TestHelpers.GetEncodedAccessToken();
+        var json = $$"""
             {
-                "access_token": "jwt.content.here",
+                "access_token": "{{encodedToken.AccessToken}}",
                 "token_type": "Bearer",
                 "expires_in": 120,
                 "scope": "anything"
@@ -20,16 +22,34 @@ public void ShouldDeserializeFromJsonCorrectly()
             """;
 
         // Act
-        var beforeCreation = DateTime.UtcNow;
-        var token = JsonSerializer.Deserialize<MaskinportenTokenResponse>(json);
-        var afterCreation = DateTime.UtcNow;
+        var tokenResponse = JsonSerializer.Deserialize<MaskinportenTokenResponse>(json);
 
         // Assert
-        Assert.NotNull(token);
-        token.AccessToken.Should().Be("jwt.content.here");
-        token.TokenType.Should().Be("Bearer");
-        token.Scope.Should().Be("anything");
-        token.ExpiresIn.Should().Be(120);
-        token.ExpiresAt.Should().BeBefore(afterCreation.AddSeconds(120)).And.BeAfter(beforeCreation.AddSeconds(120));
+        Assert.NotNull(tokenResponse);
+        tokenResponse.AccessToken.Should().Be(JwtToken.Parse(encodedToken.AccessToken));
+        tokenResponse.TokenType.Should().Be("Bearer");
+        tokenResponse.Scope.Should().Be("anything");
+        tokenResponse.ExpiresIn.Should().Be(120);
+    }
+
+    [Fact]
+    public void ToString_ShouldMaskAccessToken()
+    {
+        // Arrange
+        var encodedToken = TestHelpers.GetEncodedAccessToken();
+
+        // Act
+        var tokenResponse = new MaskinportenTokenResponse
+        {
+            AccessToken = JwtToken.Parse(encodedToken.AccessToken),
+            Scope = "yep",
+            TokenType = "Bearer",
+            ExpiresIn = 120,
+        };
+
+        // Assert
+        tokenResponse.AccessToken.ToStringUnmasked().Should().Be(encodedToken.AccessToken);
+        tokenResponse.ToString().Should().NotContain(encodedToken.Components.Signature);
+        $"{tokenResponse}".Should().NotContain(encodedToken.Components.Signature);
     }
 }
diff --git a/test/Altinn.App.Core.Tests/Features/Maskinporten/TestHelpers.cs b/test/Altinn.App.Core.Tests/Features/Maskinporten/TestHelpers.cs
index c5fa1d892..edb33d29e 100644
--- a/test/Altinn.App.Core.Tests/Features/Maskinporten/TestHelpers.cs
+++ b/test/Altinn.App.Core.Tests/Features/Maskinporten/TestHelpers.cs
@@ -1,11 +1,13 @@
+using System.Linq.Expressions;
 using System.Net;
-using System.Security.Cryptography;
 using System.Text.Json;
+using Altinn.App.Api.Tests.Utils;
 using Altinn.App.Core.Features.Maskinporten;
+using Altinn.App.Core.Features.Maskinporten.Constants;
 using Altinn.App.Core.Features.Maskinporten.Delegates;
 using Altinn.App.Core.Features.Maskinporten.Models;
+using Altinn.App.Core.Models;
 using Microsoft.Extensions.Logging;
-using Microsoft.IdentityModel.Tokens;
 using Moq;
 using Moq.Protected;
 
@@ -13,14 +15,22 @@ namespace Altinn.App.Core.Tests.Features.Maskinporten;
 
 internal static class TestHelpers
 {
-    public static Mock<HttpMessageHandler> MockHttpMessageHandlerFactory(MaskinportenTokenResponse tokenResponse)
+    private static readonly Expression<Func<HttpRequestMessage, bool>> _isTokenRequest = req =>
+        req.RequestUri!.PathAndQuery.Contains("token", StringComparison.OrdinalIgnoreCase);
+    private static readonly Expression<Func<HttpRequestMessage, bool>> _isExchangeRequest = req =>
+        req.RequestUri!.PathAndQuery.Contains("exchange/maskinporten", StringComparison.OrdinalIgnoreCase);
+
+    public static Mock<HttpMessageHandler> MockHttpMessageHandlerFactory(
+        MaskinportenTokenResponse maskinportenTokenResponse,
+        string? altinnAccessToken = null
+    )
     {
         var handlerMock = new Mock<HttpMessageHandler>();
-        handlerMock
-            .Protected()
+        var protectedMock = handlerMock.Protected();
+        protectedMock
             .Setup<Task<HttpResponseMessage>>(
                 "SendAsync",
-                ItExpr.IsAny<HttpRequestMessage>(),
+                ItExpr.Is(_isTokenRequest),
                 ItExpr.IsAny<CancellationToken>()
             )
             .ReturnsAsync(
@@ -28,7 +38,23 @@ public static Mock<HttpMessageHandler> MockHttpMessageHandlerFactory(Maskinporte
                     new HttpResponseMessage
                     {
                         StatusCode = HttpStatusCode.OK,
-                        Content = new StringContent(JsonSerializer.Serialize(tokenResponse)),
+                        Content = new StringContent(JsonSerializer.Serialize(maskinportenTokenResponse)),
+                    }
+            );
+
+        altinnAccessToken ??= PrincipalUtil.GetOrgToken("ttd", "160694123", 3);
+        protectedMock
+            .Setup<Task<HttpResponseMessage>>(
+                "SendAsync",
+                ItExpr.Is(_isExchangeRequest),
+                ItExpr.IsAny<CancellationToken>()
+            )
+            .ReturnsAsync(
+                () =>
+                    new HttpResponseMessage
+                    {
+                        StatusCode = HttpStatusCode.OK,
+                        Content = new StringContent(altinnAccessToken),
                     }
             );
 
@@ -38,7 +64,11 @@ public static Mock<HttpMessageHandler> MockHttpMessageHandlerFactory(Maskinporte
     public static (
         Mock<IMaskinportenClient> client,
         MaskinportenDelegatingHandler handler
-    ) MockMaskinportenDelegatingHandlerFactory(IEnumerable<string> scopes, MaskinportenTokenResponse tokenResponse)
+    ) MockMaskinportenDelegatingHandlerFactory(
+        TokenAuthorities authorities,
+        IEnumerable<string> scopes,
+        JwtToken accessToken
+    )
     {
         var mockProvider = new Mock<IServiceProvider>();
         var innerHandlerMock = new Mock<DelegatingHandler>();
@@ -54,16 +84,21 @@ MaskinportenDelegatingHandler handler
             .Protected()
             .Setup<Task<HttpResponseMessage>>(
                 "SendAsync",
-                ItExpr.IsAny<HttpRequestMessage>(),
+                ItExpr.Is(_isTokenRequest),
                 ItExpr.IsAny<CancellationToken>()
             )
             .ReturnsAsync(new HttpResponseMessage(HttpStatusCode.OK));
 
         mockMaskinportenClient
             .Setup(c => c.GetAccessToken(scopes, It.IsAny<CancellationToken>()))
-            .ReturnsAsync(tokenResponse);
+            .ReturnsAsync(accessToken);
 
-        var handler = new MaskinportenDelegatingHandler(scopes, mockMaskinportenClient.Object, mockLogger.Object)
+        var handler = new MaskinportenDelegatingHandler(
+            authorities,
+            scopes,
+            mockMaskinportenClient.Object,
+            mockLogger.Object
+        )
         {
             InnerHandler = innerHandlerMock.Object,
         };
@@ -79,4 +114,17 @@ public static async Task<Dictionary<string, string>> ParseFormUrlEncodedContent(
             .Select(pair => pair.Split('='))
             .ToDictionary(split => Uri.UnescapeDataString(split[0]), split => Uri.UnescapeDataString(split[1]));
     }
+
+    public static (
+        string AccessToken,
+        (string Header, string Payload, string Signature) Components
+    ) GetEncodedAccessToken()
+    {
+        const string testTokenHeader = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9";
+        const string testTokenPayload = "eyJzdWIiOiJpdHMtYS1tZSJ9";
+        const string testTokenSignature = "wLLw4Timcl9gnQvA93RgREz-6S5y1UfzI_GYVI_XVDA";
+        const string testToken = testTokenHeader + "." + testTokenPayload + "." + testTokenSignature;
+
+        return (testToken, (testTokenHeader, testTokenPayload, testTokenSignature));
+    }
 }
diff --git a/test/Altinn.App.Core.Tests/Models/JwtTokenTests.cs b/test/Altinn.App.Core.Tests/Models/JwtTokenTests.cs
new file mode 100644
index 000000000..f14fbfdd7
--- /dev/null
+++ b/test/Altinn.App.Core.Tests/Models/JwtTokenTests.cs
@@ -0,0 +1,147 @@
+using Altinn.App.Core.Models;
+using Altinn.App.Core.Tests.Features.Maskinporten;
+using FluentAssertions;
+using Microsoft.Extensions.Time.Testing;
+
+namespace Altinn.App.Core.Tests.Models;
+
+public class AccessTokenTests
+{
+    private static readonly string[] _validTokens =
+    [
+        "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
+        "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiSm9obiBEb2UifQ.DjwRE2jZhren2Wt37t5hlVru6Myq4AhpGLiiefF69u8",
+    ];
+    private static readonly string _invalidToken = "is.not.base64token";
+
+    [Fact]
+    public void Parse_ValidToken_ShouldReturnAccessToken()
+    {
+        // Arrange
+        var encodedToken = _validTokens[0];
+
+        // Act
+        var accessToken = JwtToken.Parse(encodedToken);
+
+        // Assert
+        accessToken.Value.Should().Be(encodedToken);
+    }
+
+    [Fact]
+    public void Parse_InvalidToken_ShouldThrowFormatException()
+    {
+        Assert.Throws<FormatException>(() => JwtToken.Parse(_invalidToken));
+    }
+
+    [Fact]
+    public void Equals_SameToken_ShouldReturnTrue()
+    {
+        // Arrange
+        var token1 = JwtToken.Parse(_validTokens[0]);
+        var token2 = JwtToken.Parse(_validTokens[0]);
+
+        // Act
+        bool result1 = token1.Equals(token2);
+        bool result2 = token1 == token2;
+        bool result3 = token1 != token2;
+
+        // Assert
+        result1.Should().BeTrue();
+        result2.Should().BeTrue();
+        result3.Should().BeFalse();
+    }
+
+    [Fact]
+    public void Equals_DifferentToken_ShouldReturnFalse()
+    {
+        // Arrange
+        var token1 = JwtToken.Parse(_validTokens[0]);
+        var token2 = JwtToken.Parse(_validTokens[1]);
+
+        // Act
+        bool result1 = token1.Equals(token2);
+        bool result2 = token1 == token2;
+        bool result3 = token1 != token2;
+
+        // Assert
+        result1.Should().BeFalse();
+        result2.Should().BeFalse();
+        result3.Should().BeTrue();
+    }
+
+    [Fact]
+    public void ToString_ShouldReturnMaskedToken()
+    {
+        // Arrange
+        var token = JwtToken.Parse(_validTokens[0]);
+
+        // Act
+        var maskedToken1 = token.ToString();
+        var maskedToken2 = $"{token}";
+
+        // Assert
+        maskedToken1.Should().Be(maskedToken2);
+        maskedToken1
+            .Should()
+            .Be(
+                "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.<masked>"
+            );
+    }
+
+    [Fact]
+    public void ImplicitConversion_ShouldReturnFullTokenString()
+    {
+        // Arrange
+        var token = JwtToken.Parse(_validTokens[0]);
+
+        // Act
+        string tokenString = token;
+
+        // Assert
+        tokenString.Should().Be(_validTokens[0]);
+    }
+
+    [Fact]
+    public void Value_Property_ShouldReturnFullTokenString()
+    {
+        // Arrange
+        var token = JwtToken.Parse(_validTokens[0]);
+
+        // Act
+        string tokenString = token.Value;
+
+        // Assert
+        tokenString.Should().Be(_validTokens[0]);
+    }
+
+    // [Theory]
+    // [InlineData(true)]
+    // [InlineData(false)]
+    // public void ShouldIndicateExpiry(bool expired)
+    // {
+    //     // Arrange
+    //     var encodedToken = TestHelpers.GetEncodedAccessToken();
+    //     var jwtToken = JwtToken.Parse(encodedToken.AccessToken);
+    //     var expiry = jwtToken.ExpiresAt;
+    //     var fakeTimeProvider = new FakeTimeProvider(expiry.AddDays(expired ? -1 : 1));
+
+    //     // Act
+    //     var isExpired = jwtToken.IsExpired(fakeTimeProvider);
+
+    //     // Assert
+    //     isExpired.Should().Be(expired);
+    // }
+
+    [Fact]
+    public void ToString_ShouldMask_AccessToken()
+    {
+        // Arrange
+        var encodedToken = TestHelpers.GetEncodedAccessToken();
+        var accessToken = JwtToken.Parse(encodedToken.AccessToken);
+
+        // Act, Assert
+        accessToken.ToStringUnmasked().Should().Be(encodedToken.AccessToken);
+        accessToken.ToString().Should().NotContain(encodedToken.Components.Signature);
+        $"{accessToken}".Should().NotContain(encodedToken.Components.Signature);
+    }
+}
diff --git a/test/Altinn.App.Core.Tests/Models/LanguageCodeTests.cs b/test/Altinn.App.Core.Tests/Models/LanguageCodeTests.cs
new file mode 100644
index 000000000..d9fbdcdf7
--- /dev/null
+++ b/test/Altinn.App.Core.Tests/Models/LanguageCodeTests.cs
@@ -0,0 +1,57 @@
+#nullable disable
+using Altinn.App.Core.Models;
+using FluentAssertions;
+
+namespace Altinn.App.Core.Tests.Models;
+
+public class LanguageCodeTests
+{
+    static readonly string[] _validIso6391Codes = ["aa", "Bb", "CC", "zz"];
+
+    static readonly string[] _invalidIso6391Codes = ["a.", " b", "abc", "😎🤓"];
+
+    [Fact]
+    public void ValidIso6391Code_ParsesOk()
+    {
+        foreach (var validCode in _validIso6391Codes)
+        {
+            var langCode = LanguageCode<Iso6391>.Parse(validCode);
+            langCode.Value.Should().Be(validCode.ToLowerInvariant());
+        }
+    }
+
+    [Fact]
+    public void InvalidIso6391Code_ThrowsException()
+    {
+        foreach (var invalidCode in _invalidIso6391Codes)
+        {
+            Action act = () => LanguageCode<Iso6391>.Parse(invalidCode);
+            act.Should().Throw<FormatException>();
+        }
+    }
+
+    [Fact]
+    public void Equality_WorksAsExpected()
+    {
+        var langCode1A = LanguageCode<Iso6391>.Parse(_validIso6391Codes[0]);
+        var langCode1B = LanguageCode<Iso6391>.Parse(_validIso6391Codes[0]);
+        var langCode2 = LanguageCode<Iso6391>.Parse(_validIso6391Codes[2]);
+
+        Assert.True(langCode1A == langCode1B);
+        Assert.True(langCode1A != langCode2);
+        Assert.False(langCode1A == langCode2);
+
+        langCode1A.Should().Be(langCode1B);
+        langCode1A.Should().NotBe(langCode2);
+    }
+
+    [Fact]
+    public void ImplicitStringConversion_WorksAsExpected()
+    {
+        foreach (var validCode in _validIso6391Codes)
+        {
+            string langCodeString = LanguageCode<Iso6391>.Parse(validCode);
+            langCodeString.Should().Be(validCode.ToLowerInvariant());
+        }
+    }
+}
diff --git a/test/Altinn.App.Core.Tests/Models/NationalIdentityNumberTests.cs b/test/Altinn.App.Core.Tests/Models/NationalIdentityNumberTests.cs
new file mode 100644
index 000000000..ae0e7f11e
--- /dev/null
+++ b/test/Altinn.App.Core.Tests/Models/NationalIdentityNumberTests.cs
@@ -0,0 +1,174 @@
+#nullable disable
+using Altinn.App.Core.Models;
+using FluentAssertions;
+
+namespace Altinn.App.Core.Tests.Models;
+
+public class NationalIdentityNumberTests
+{
+    internal static readonly string[] ValidNationalIdentityNumbers =
+    [
+        "13896396174",
+        "29896695590",
+        "21882448425",
+        "03917396654",
+        "61875300317",
+        "60896400498",
+        "65918300265",
+        "22869798367",
+        "02912447718",
+        "22909397689",
+        "26267892619",
+        "12318496828",
+        "20270310266",
+        "10084808933",
+        "09113920472",
+        "28044017069",
+        "18055606346",
+        "24063324295",
+        "16084521195",
+    ];
+
+    internal static readonly string[] InvalidNationalIdentityNumbers =
+    [
+        "13816396174",
+        "29896795590",
+        "21883418425",
+        "03917506654",
+        "61175310317",
+        "60996410498",
+        "65918310265",
+        "22869898467",
+        "02912447719",
+        "22909397680",
+        "26270892619",
+        "12318696828",
+        "20289310266",
+        "11084808933",
+        "08113921472",
+        "28044417069",
+        "180556f6346",
+        "240633242951",
+        "1234",
+    ];
+
+    [Fact]
+    public void Parse_ValidNumber_ShouldReturnOrganisationNumber()
+    {
+        foreach (var validNumber in ValidNationalIdentityNumbers)
+        {
+            var number = NationalIdentityNumber.Parse(validNumber);
+            number.Value.Should().Be(validNumber);
+        }
+    }
+
+    [Fact]
+    public void Parse_InvalidNumber_ShouldThrowFormatException()
+    {
+        foreach (var invalidNumber in InvalidNationalIdentityNumbers)
+        {
+            Action act = () => NationalIdentityNumber.Parse(invalidNumber);
+            act.Should().Throw<FormatException>();
+        }
+    }
+
+    // [Fact]
+    // public void TryParse_ValidNumber_ShouldReturnTrue()
+    // {
+    //     foreach (var validOrgNumber in ValidNationalIdentityNumbers)
+    //     {
+    //         OrganisationNumber.TryParse(validOrgNumber, out var parsed).Should().BeTrue();
+    //         parsed.Get(OrganisationNumberFormat.Local).Should().Be(validOrgNumber);
+    //     }
+    // }
+    //
+    // [Fact]
+    // public void TryParse_InvalidNumber_ShouldReturnFalse()
+    // {
+    //     foreach (var invalidOrgNumber in InvalidNationalIdentityNumbers)
+    //     {
+    //         OrganisationNumber.TryParse(invalidOrgNumber, out _).Should().BeFalse();
+    //     }
+    // }
+    //
+    // [Fact]
+    // public void Equals_SameNumber_ShouldReturnTrue()
+    // {
+    //     // Arrange
+    //     var number1 = OrganisationNumber.Parse(ValidNationalIdentityNumbers[0]);
+    //     var number2 = OrganisationNumber.Parse(ValidNationalIdentityNumbers[0]);
+    //
+    //     // Act
+    //     bool result1 = number1.Equals(number2);
+    //     bool result2 = number1 == number2;
+    //     bool result3 = number1 != number2;
+    //
+    //     // Assert
+    //     result1.Should().BeTrue();
+    //     result2.Should().BeTrue();
+    //     result3.Should().BeFalse();
+    // }
+    //
+    // [Fact]
+    // public void Equals_DifferentNumber_ShouldReturnFalse()
+    // {
+    //     // Arrange
+    //     var number1 = OrganisationNumber.Parse(ValidNationalIdentityNumbers[0]);
+    //     var number2 = OrganisationNumber.Parse(ValidNationalIdentityNumbers[1]);
+    //
+    //     // Act
+    //     bool result1 = number1.Equals(number2);
+    //     bool result2 = number1 == number2;
+    //     bool result3 = number1 != number2;
+    //
+    //     // Assert
+    //     result1.Should().BeFalse();
+    //     result2.Should().BeFalse();
+    //     result3.Should().BeTrue();
+    // }
+    //
+    // [Fact]
+    // public void ToString_ShouldReturnLocalFormat()
+    // {
+    //     // Arrange
+    //     var rawLocal = ValidNationalIdentityNumbers[0];
+    //     var number = OrganisationNumber.Parse(rawLocal);
+    //
+    //     // Act
+    //     var stringified1 = number.ToString();
+    //     var stringified2 = $"{number}";
+    //
+    //     // Assert
+    //     stringified1.Should().Be(rawLocal);
+    //     stringified2.Should().Be(rawLocal);
+    // }
+    //
+    // [Fact]
+    // public void GetMethod_ShouldReturnCorrectFormats()
+    // {
+    //     // Arrange
+    //     var rawLocal = ValidNationalIdentityNumbers[0];
+    //     var number = OrganisationNumber.Parse(rawLocal);
+    //
+    //     // Act
+    //     var stringified1 = number.Get(OrganisationNumberFormat.Local);
+    //     var stringified2 = number.Get(OrganisationNumberFormat.International);
+    //
+    //     // Assert
+    //     stringified1.Should().Be(rawLocal);
+    //     stringified2.Should().Be($"0192:{rawLocal}");
+    // }
+    //
+    // [Fact]
+    // public void ImplicitConversion_ShouldReturnFullTokenString()
+    // {
+    //     // Arrange
+    //     var token = AccessToken.Parse(_validTokens[0]);
+    //
+    //     // Act
+    //     string tokenString = token;
+    //
+    //     // Assert
+    //     tokenString.Should().Be(_validTokens[0]);
+    // }
+}
diff --git a/test/Altinn.App.Core.Tests/Models/OrganisationNumberTests.cs b/test/Altinn.App.Core.Tests/Models/OrganisationNumberTests.cs
new file mode 100644
index 000000000..37d8c647c
--- /dev/null
+++ b/test/Altinn.App.Core.Tests/Models/OrganisationNumberTests.cs
@@ -0,0 +1,151 @@
+#nullable disable
+using Altinn.App.Core.Models;
+using FluentAssertions;
+
+namespace Altinn.App.Core.Tests.Models;
+
+public class OrganisationNumberTests
+{
+    internal static readonly string[] ValidOrganisationNumbers =
+    [
+        "474103390",
+        "593422461",
+        "331660698",
+        "904162426",
+        "316620612",
+        "452496593",
+        "591955012",
+        "343679238",
+        "874408522",
+        "857498941",
+        "084209694",
+        "545482657",
+        "713789208",
+        "149618953",
+        "014888918",
+        "184961733",
+        "825076719",
+        "544332597",
+        "579390867",
+        "930771813",
+        "207154156",
+        "601050765",
+        "085483285",
+    ];
+
+    internal static readonly string[] InvalidOrganisationNumbers =
+    [
+        "474103392",
+        "593422460",
+        "331661698",
+        "904172426",
+        "316628612",
+        "452496592",
+        "591956012",
+        "343679338",
+        "874408520",
+        "857498949",
+        "084239694",
+        "545487657",
+        "623752180",
+        "177442146",
+        "262417258",
+        "897200890",
+        "509527177",
+        "956866735",
+        "760562895",
+        "516103886",
+        "192411646",
+        "486551298",
+        "370221387",
+        "569288067",
+        "322550165",
+        "773771810",
+        "862984904",
+        "548575390",
+        "183139014",
+        "181318036",
+        "843828242",
+        "668910901",
+        "123456789",
+        "987654321",
+        "12345",
+        "08548328f",
+    ];
+
+    [Fact]
+    public void Parse_ValidNumber_ShouldReturnOrganisationNumber()
+    {
+        foreach (var validOrgNumber in ValidOrganisationNumbers)
+        {
+            var orgNumber = OrganisationNumber.Parse(validOrgNumber);
+            var orgNumberLocal = orgNumber.Get(OrganisationNumberFormat.Local);
+            var orgNumberInternational = orgNumber.Get(OrganisationNumberFormat.International);
+
+            orgNumberLocal.Should().Be(validOrgNumber);
+            orgNumberInternational.Should().Be($"0192:{validOrgNumber}");
+        }
+    }
+
+    [Fact]
+    public void Parse_InvalidNumber_ShouldThrowFormatException()
+    {
+        foreach (var invalidOrgNumber in InvalidOrganisationNumbers)
+        {
+            Action act = () => OrganisationNumber.Parse(invalidOrgNumber);
+            act.Should().Throw<FormatException>();
+        }
+    }
+
+    [Fact]
+    public void Equals_SameNumber_ShouldReturnTrue()
+    {
+        // Arrange
+        var number1 = OrganisationNumber.Parse(ValidOrganisationNumbers[0]);
+        var number2 = OrganisationNumber.Parse(ValidOrganisationNumbers[0]);
+
+        // Act
+        bool result1 = number1.Equals(number2);
+        bool result2 = number1 == number2;
+        bool result3 = number1 != number2;
+
+        // Assert
+        result1.Should().BeTrue();
+        result2.Should().BeTrue();
+        result3.Should().BeFalse();
+    }
+
+    [Fact]
+    public void Equals_DifferentNumber_ShouldReturnFalse()
+    {
+        // Arrange
+        var number1 = OrganisationNumber.Parse(ValidOrganisationNumbers[0]);
+        var number2 = OrganisationNumber.Parse(ValidOrganisationNumbers[1]);
+
+        // Act
+        bool result1 = number1.Equals(number2);
+        bool result2 = number1 == number2;
+        bool result3 = number1 != number2;
+
+        // Assert
+        result1.Should().BeFalse();
+        result2.Should().BeFalse();
+        result3.Should().BeTrue();
+    }
+
+    [Fact]
+    public void ToString_ShouldReturnLocalFormat()
+    {
+        // Arrange
+        var rawLocal = ValidOrganisationNumbers[0];
+        var number = OrganisationNumber.Parse(rawLocal);
+
+        // Act
+        var stringified1 = number.ToString();
+        var stringified2 = $"{number}";
+
+        // Assert
+        stringified1.Should().Be(rawLocal);
+        stringified2.Should().Be(rawLocal);
+    }
+}

From b0ce0e597f8778980eedfe6eaec056b37bb53e62 Mon Sep 17 00:00:00 2001
From: Ivar Nesje <ivarne@users.noreply.github.com>
Date: Fri, 22 Nov 2024 08:12:10 +0100
Subject: [PATCH 2/5] Publish release notes to nuget (#921)

---
 .github/workflows/publish-release.yml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml
index 7f36baafe..70366fcd2 100644
--- a/.github/workflows/publish-release.yml
+++ b/.github/workflows/publish-release.yml
@@ -33,12 +33,17 @@ jobs:
       - name: Install deps
         run: |
           dotnet restore
+      - name: Extract release notes
+        id: extract-notes
+        run: echo "${{ github.event.release.body }}" > RELEASE_NOTES.md
       - name: Build
         run: |
           dotnet build --configuration Release --no-restore -p:Deterministic=true -p:BuildNumber=${{ github.run_number }}
       - name: Pack
         run: |
-          dotnet pack AppLibDotnet.sln --configuration Release --no-restore --no-build -p:Deterministic=true -p:BuildNumber=${{ github.run_number }}
+          dotnet pack AppLibDotnet.sln --configuration Release --no-restore --no-build \
+            -p:Deterministic=true -p:BuildNumber=${{ github.run_number }} \
+            -p:PackageReleaseNotes="$(cat RELEASE_NOTES.md)"
       - name: Versions
         run: |
           dotnet --version

From f492381e47dc66b1afe2747295b1f4fc3064c8ca Mon Sep 17 00:00:00 2001
From: Ivar Nesje <ivarne@users.noreply.github.com>
Date: Fri, 22 Nov 2024 10:35:46 +0100
Subject: [PATCH 3/5] Use extension methods instead of properties for
 convenience methods on IInstantanceDataAccessor (#907)

* Use extension methods instead of properties for convenience methods on IInstantanceDataAccessor

Interface properties with default implementations has a few drawbacks.

* They need to be mocked individually, because Moq does not use the default implementation
* They typically only serve as a starting point for futher filtering using linq. An extension methdod takes an argument (task/dataType) which is easier to understand than a linq .Where filter.

Another benefit is that we encapsulate appMetadata so that user code has even less reason to deal with dataType

* Fix sonar issues and improve test coverage
---
 .../Features/IInstanceDataAccessor.cs         | 153 ++++++++++++++++--
 .../Validation/Default/ExpressionValidator.cs |  30 ++--
 ...gacyIInstanceValidatorFormDataValidator.cs |  13 +-
 .../Wrappers/DataElementValidatorWrapper.cs   |  17 +-
 .../Wrappers/FormDataValidatorWrapper.cs      |   9 +-
 .../Helpers/DataModel/DataModel.cs            |  12 +-
 .../Implementation/AppResourcesSI.cs          |   4 +-
 .../Internal/Data/InstanceDataUnitOfWork.cs   |  50 +++---
 .../Expressions/LayoutEvaluatorState.cs       |   3 +-
 .../LayoutEvaluatorStateInitializer.cs        |  51 +-----
 .../Internal/Validation/IValidatorFactory.cs  |   7 +-
 .../Controllers/ActionsControllerTests.cs     |   9 +-
 .../Controllers/DataController_PostTests.cs   |   9 +-
 ...dator_ReturnsValidationErrors.verified.txt |  41 ++++-
 ...sNext_PdfFails_DataIsUnlocked.verified.txt |  45 +++++-
 .../models/default.validation.json            |  18 +++
 .../Default/ExpressionValidatorTests.cs       |   4 +-
 .../Default/LegacyIValidationFormDataTests.cs |   5 +-
 .../ValidationServiceOldTests.cs              |  41 ++---
 .../TestBackendExclusiveFunctions.cs          |   2 -
 .../CommonTests/TestContextList.cs            |   4 +-
 .../CommonTests/TestFunctions.cs              |   3 -
 .../CommonTests/TestInvalid.cs                |   3 +-
 .../FullTests/LayoutTestUtils.cs              |  39 ++---
 .../TestUtilities/DynamicClassBuilder.cs      |   4 +-
 .../TestUtilities/InstanceDataAccessorFake.cs |  59 +++----
 26 files changed, 364 insertions(+), 271 deletions(-)
 create mode 100644 test/Altinn.App.Api.Tests/Data/apps/tdd/contributer-restriction/models/default.validation.json

diff --git a/src/Altinn.App.Core/Features/IInstanceDataAccessor.cs b/src/Altinn.App.Core/Features/IInstanceDataAccessor.cs
index b27164a6e..81261f65a 100644
--- a/src/Altinn.App.Core/Features/IInstanceDataAccessor.cs
+++ b/src/Altinn.App.Core/Features/IInstanceDataAccessor.cs
@@ -13,22 +13,6 @@ public interface IInstanceDataAccessor
     /// </summary>
     Instance Instance { get; }
 
-    /// <summary>
-    /// The data elements on the instance.
-    /// </summary>
-    IEnumerable<DataElement> DataElements => Instance.Data;
-
-    /// <summary>
-    /// Data elements of the instance that has appLogic (form data elements).
-    /// </summary>
-    IEnumerable<DataElement> FormDataElements =>
-        Instance.Data.Where(d => GetDataType(d).AppLogic?.ClassRef is not null);
-
-    /// <summary>
-    /// Data elements of the instance that represents attachments/binary data (no appLogic).
-    /// </summary>
-    IEnumerable<DataElement> BinaryDataElements => Instance.Data.Where(d => GetDataType(d).AppLogic?.ClassRef is null);
-
     /// <summary>
     /// Get the actual data represented in the data element.
     /// </summary>
@@ -49,9 +33,144 @@ public interface IInstanceDataAccessor
     /// <throws>Throws an InvalidOperationException if the data element is not found on the instance</throws>
     DataElement GetDataElement(DataElementIdentifier dataElementIdentifier);
 
+    /// <summary>
+    /// Get the data type from application with the given type.
+    /// </summary>
+    /// <param name="dataTypeId">DataType.Id (from applicationmetadata.json)</param>
+    /// <returns>The data type (or null if it does not exist)</returns>
+    DataType? GetDataType(string dataTypeId);
+}
+
+/// <summary>
+/// Extension methods for IInstanceDataAccessor to simplify usage.
+/// </summary>
+public static class IInstanceDataAccessorExtensions
+{
     /// <summary>
     /// Get the dataType of a data element.
     /// </summary>
     /// <throws>Throws an InvalidOperationException if the data element is not found on the instance</throws>
-    DataType GetDataType(DataElementIdentifier dataElementIdentifier);
+    public static DataType GetDataType(
+        this IInstanceDataAccessor dataAccessor,
+        DataElementIdentifier dataElementIdentifier
+    )
+    {
+        var dataElement = dataAccessor.GetDataElement(dataElementIdentifier);
+        var dataType = dataAccessor.GetDataType(dataElement.DataType);
+        if (dataType is null)
+        {
+            throw new InvalidOperationException(
+                $"Data type {dataElement.DataType} not found in applicationmetadata.json"
+            );
+        }
+
+        return dataType;
+    }
+
+    /// <summary>
+    /// Get the actual data represented in the data element (cast into T).
+    /// </summary>
+    /// <returns>The deserialized data model for this data element or an exception for non-form data elements</returns>
+    public static async Task<T> GetFormData<T>(
+        this IInstanceDataAccessor accessor,
+        DataElementIdentifier dataElementIdentifier
+    )
+        where T : class
+    {
+        object data = await accessor.GetFormData(dataElementIdentifier);
+        if (data is T t)
+        {
+            return t;
+        }
+        throw new InvalidOperationException($"Data element {dataElementIdentifier} is not of type {typeof(T)}");
+    }
+
+    /// <summary>
+    /// Get all elements of a specific data type.
+    /// </summary>
+    public static IEnumerable<DataElement> GetDataElementsForType(
+        this IInstanceDataAccessor accessor,
+        string dataTypeId
+    ) => accessor.Instance.Data.Where(dataElement => dataTypeId.Equals(dataElement.DataType, StringComparison.Ordinal));
+
+    /// <summary>
+    /// Get all elements of a specific data type.
+    /// </summary>
+    public static IEnumerable<DataElement> GetDataElementsForType(
+        this IInstanceDataAccessor accessor,
+        DataType dataType
+    ) => accessor.GetDataElementsForType(dataType.Id);
+
+    /// <summary>
+    /// Retrieves the data elements associated with a specific task.
+    /// </summary>
+    /// <param name="accessor">The instance data accessor.</param>
+    /// <param name="taskId">The identifier of the task.</param>
+    /// <returns>An enumerable collection of tuples containing the data type and data element associated with the specified task.</returns>
+    public static IEnumerable<(DataType dataType, DataElement dataElement)> GetDataElementsForTask(
+        this IInstanceDataAccessor accessor,
+        string taskId
+    )
+    {
+        foreach (var dataElement in accessor.Instance.Data)
+        {
+            var dataType = accessor.GetDataType(dataElement.DataType);
+            if (taskId.Equals(dataType?.TaskId, StringComparison.Ordinal))
+            {
+                yield return (dataType, dataElement);
+            }
+        }
+    }
+
+    /// <summary>
+    /// Get all form data elements along with their data types.
+    /// </summary>
+    public static IEnumerable<(DataType dataType, DataElement dataElement)> GetDataElementsWithFormData(
+        this IInstanceDataAccessor accessor
+    )
+    {
+        foreach (var dataElement in accessor.Instance.Data)
+        {
+            var dataType = accessor.GetDataType(dataElement.DataType);
+            if (dataType?.AppLogic?.ClassRef is not null)
+            {
+                yield return (dataType, dataElement);
+            }
+        }
+    }
+
+    /// <summary>
+    /// Get all form data elements along with their data types for a specific task.
+    /// </summary>
+    public static IEnumerable<(DataType dataType, DataElement dataElement)> GetDataElementsWithFormDataForTask(
+        this IInstanceDataAccessor accessor,
+        string taskId
+    )
+    {
+        foreach (var dataElement in accessor.Instance.Data)
+        {
+            var dataType = accessor.GetDataType(dataElement.DataType);
+            if (dataType?.AppLogic?.ClassRef is not null && taskId.Equals(dataType.TaskId, StringComparison.Ordinal))
+            {
+                yield return (dataType, dataElement);
+            }
+        }
+    }
+
+    /// <summary>
+    /// Get all data elements along with their data types.
+    /// </summary>
+    public static IEnumerable<(DataType dataType, DataElement dataElement)> GetDataElements(
+        this IInstanceDataAccessor accessor
+    )
+    {
+        foreach (var dataElement in accessor.Instance.Data)
+        {
+            var dataType = accessor.GetDataType(dataElement.DataType);
+            if (dataType is not null)
+            {
+                yield return (dataType, dataElement);
+            }
+        }
+    }
 }
diff --git a/src/Altinn.App.Core/Features/Validation/Default/ExpressionValidator.cs b/src/Altinn.App.Core/Features/Validation/Default/ExpressionValidator.cs
index 9539bd0fe..58ec71910 100644
--- a/src/Altinn.App.Core/Features/Validation/Default/ExpressionValidator.cs
+++ b/src/Altinn.App.Core/Features/Validation/Default/ExpressionValidator.cs
@@ -51,7 +51,14 @@ IAppMetadata appMetadata
     /// <summary>
     /// Only run for tasks that specifies a layout set
     /// </summary>
-    public bool ShouldRunForTask(string taskId) => GetDataTypesWithExpressionsForTask(taskId).Any();
+    public bool ShouldRunForTask(string taskId) =>
+        _appMetadata
+            .GetApplicationMetadata()
+            .Result.DataTypes.Exists(dt =>
+                dt.TaskId == taskId
+                && dt.AppLogic?.ClassRef is not null
+                && _appResourceService.GetValidationConfiguration(dt.Id) is not null
+            );
 
     /// <summary>
     /// This validator has the code "Expression" and this is known by the frontend, who may request this validator to not run for incremental validation.
@@ -75,10 +82,10 @@ public async Task<List<ValidationIssue>> Validate(
     )
     {
         var validationIssues = new List<ValidationIssue>();
-        foreach (var (dataType, validationConfig) in GetDataTypesWithExpressionsForTask(taskId))
+        foreach (var (dataType, dataElement) in dataAccessor.GetDataElementsForTask(taskId))
         {
-            var formDataElementsForTask = dataAccessor.DataElements.Where(d => d.DataType == dataType.Id);
-            foreach (var dataElement in formDataElementsForTask)
+            var validationConfig = _appResourceService.GetValidationConfiguration(dataType.Id);
+            if (!string.IsNullOrEmpty(validationConfig))
             {
                 var issues = await ValidateFormData(dataElement, dataAccessor, validationConfig, taskId, language);
                 validationIssues.AddRange(issues);
@@ -426,19 +433,4 @@ out JsonElement validationsObject
         }
         return expressionValidations;
     }
-
-    private IEnumerable<KeyValuePair<DataType, string>> GetDataTypesWithExpressionsForTask(string taskId)
-    {
-        var appMetadata = _appMetadata.GetApplicationMetadata().Result;
-        foreach (
-            var dataType in appMetadata.DataTypes.Where(dt => dt.TaskId == taskId && dt.AppLogic?.ClassRef is not null)
-        )
-        {
-            var validationConfig = _appResourceService.GetValidationConfiguration(dataType.Id);
-            if (validationConfig != null)
-            {
-                yield return KeyValuePair.Create(dataType, validationConfig);
-            }
-        }
-    }
 }
diff --git a/src/Altinn.App.Core/Features/Validation/Default/LegacyIInstanceValidatorFormDataValidator.cs b/src/Altinn.App.Core/Features/Validation/Default/LegacyIInstanceValidatorFormDataValidator.cs
index 1fb78dbf5..741c06480 100644
--- a/src/Altinn.App.Core/Features/Validation/Default/LegacyIInstanceValidatorFormDataValidator.cs
+++ b/src/Altinn.App.Core/Features/Validation/Default/LegacyIInstanceValidatorFormDataValidator.cs
@@ -2,7 +2,6 @@
 using System.Diagnostics;
 using Altinn.App.Core.Configuration;
 using Altinn.App.Core.Features.Validation.Helpers;
-using Altinn.App.Core.Internal.App;
 using Altinn.App.Core.Models;
 using Altinn.App.Core.Models.Validation;
 using Microsoft.AspNetCore.Mvc.ModelBinding;
@@ -16,7 +15,6 @@ namespace Altinn.App.Core.Features.Validation.Default;
 public class LegacyIInstanceValidatorFormDataValidator : IValidator
 {
     private readonly IInstanceValidator _instanceValidator;
-    private readonly IAppMetadata _appMetadata;
     private readonly GeneralSettings _generalSettings;
 
     /// <summary>
@@ -24,12 +22,10 @@ public class LegacyIInstanceValidatorFormDataValidator : IValidator
     /// </summary>
     public LegacyIInstanceValidatorFormDataValidator(
         IOptions<GeneralSettings> generalSettings,
-        IInstanceValidator instanceValidator,
-        IAppMetadata appMetadata
+        IInstanceValidator instanceValidator
     )
     {
         _instanceValidator = instanceValidator;
-        _appMetadata = appMetadata;
         _generalSettings = generalSettings.Value;
     }
 
@@ -57,12 +53,7 @@ public async Task<List<ValidationIssue>> Validate(
     )
     {
         var issues = new List<ValidationIssue>();
-        var appMetadata = await _appMetadata.GetApplicationMetadata();
-        var dataTypes = appMetadata
-            .DataTypes.Where(d => d.TaskId == taskId && d.AppLogic?.ClassRef != null)
-            .Select(d => d.Id)
-            .ToList();
-        foreach (var dataElement in dataAccessor.DataElements.Where(d => dataTypes.Contains(d.DataType)))
+        foreach (var (_, dataElement) in dataAccessor.GetDataElementsWithFormDataForTask(taskId))
         {
             var data = await dataAccessor.GetFormData(dataElement);
             var modelState = new ModelStateDictionary();
diff --git a/src/Altinn.App.Core/Features/Validation/Wrappers/DataElementValidatorWrapper.cs b/src/Altinn.App.Core/Features/Validation/Wrappers/DataElementValidatorWrapper.cs
index 4bfcf7cc8..e9ca6f06d 100644
--- a/src/Altinn.App.Core/Features/Validation/Wrappers/DataElementValidatorWrapper.cs
+++ b/src/Altinn.App.Core/Features/Validation/Wrappers/DataElementValidatorWrapper.cs
@@ -11,17 +11,11 @@ internal class DataElementValidatorWrapper : IValidator
 {
     private readonly IDataElementValidator _dataElementValidator;
     private readonly string _taskId;
-    private readonly List<DataType> _dataTypes;
 
-    public DataElementValidatorWrapper(
-        IDataElementValidator dataElementValidator,
-        string taskId,
-        List<DataType> dataTypes
-    )
+    public DataElementValidatorWrapper(IDataElementValidator dataElementValidator, string taskId)
     {
         _dataElementValidator = dataElementValidator;
         _taskId = taskId;
-        _dataTypes = dataTypes;
     }
 
     /// <inheritdoc />
@@ -47,17 +41,10 @@ public async Task<List<ValidationIssue>> Validate(
     {
         var issues = new List<ValidationIssue>();
         var validateAllElements = _dataElementValidator.DataType == "*";
-        foreach (var dataElement in dataAccessor.DataElements)
+        foreach (var (dataType, dataElement) in dataAccessor.GetDataElementsForTask(taskId))
         {
             if (validateAllElements || _dataElementValidator.DataType == dataElement.DataType)
             {
-                var dataType = _dataTypes.Find(d => d.Id == dataElement.DataType);
-                if (dataType is null)
-                {
-                    throw new InvalidOperationException(
-                        $"DataType {dataElement.DataType} not found in dataTypes from applicationmetadata"
-                    );
-                }
                 var dataElementValidationResult = await _dataElementValidator.ValidateDataElement(
                     dataAccessor.Instance,
                     dataElement,
diff --git a/src/Altinn.App.Core/Features/Validation/Wrappers/FormDataValidatorWrapper.cs b/src/Altinn.App.Core/Features/Validation/Wrappers/FormDataValidatorWrapper.cs
index c92b68a46..7231a50f8 100644
--- a/src/Altinn.App.Core/Features/Validation/Wrappers/FormDataValidatorWrapper.cs
+++ b/src/Altinn.App.Core/Features/Validation/Wrappers/FormDataValidatorWrapper.cs
@@ -36,14 +36,9 @@ public async Task<List<ValidationIssue>> Validate(
     {
         var issues = new List<ValidationIssue>();
         var validateAllElements = _formDataValidator.DataType == "*";
-        foreach (var dataElement in dataAccessor.DataElements)
+        foreach (var (dataType, dataElement) in dataAccessor.GetDataElementsWithFormData())
         {
-            var dataType = dataAccessor.GetDataType(dataElement);
-            if (dataType.AppLogic?.ClassRef == null)
-            {
-                continue;
-            }
-            if (!validateAllElements && _formDataValidator.DataType != dataElement.DataType)
+            if (!validateAllElements && _formDataValidator.DataType != dataType.Id)
             {
                 continue;
             }
diff --git a/src/Altinn.App.Core/Helpers/DataModel/DataModel.cs b/src/Altinn.App.Core/Helpers/DataModel/DataModel.cs
index 14f1ad8bc..c231af7aa 100644
--- a/src/Altinn.App.Core/Helpers/DataModel/DataModel.cs
+++ b/src/Altinn.App.Core/Helpers/DataModel/DataModel.cs
@@ -17,21 +17,15 @@ public class DataModel
     /// <summary>
     /// Constructor that wraps a POCO data model, and gives extra tool for working with the data
     /// </summary>
-    public DataModel(IInstanceDataAccessor dataAccessor, ApplicationMetadata appMetadata)
+    public DataModel(IInstanceDataAccessor dataAccessor)
     {
         _dataAccessor = dataAccessor;
-        foreach (var dataElement in dataAccessor.DataElements)
+        foreach (var (dataType, dataElement) in dataAccessor.GetDataElementsWithFormData())
         {
-            var dataTypeId = dataElement.DataType;
-            var dataType = appMetadata.DataTypes.Find(d => d.Id == dataTypeId);
-            if (dataType is { MaxCount: 1, AppLogic.ClassRef: not null })
+            if (dataType is { MaxCount: 1 })
             {
                 _dataIdsByType.TryAdd(dataElement.DataType, dataElement);
             }
-            else
-            {
-                _dataIdsByType.TryAdd(dataElement.Id, null);
-            }
         }
     }
 
diff --git a/src/Altinn.App.Core/Implementation/AppResourcesSI.cs b/src/Altinn.App.Core/Implementation/AppResourcesSI.cs
index 3310e7961..1046be0aa 100644
--- a/src/Altinn.App.Core/Implementation/AppResourcesSI.cs
+++ b/src/Altinn.App.Core/Implementation/AppResourcesSI.cs
@@ -498,8 +498,8 @@ private static byte[] ReadFileContentsFromLegalPath(string legalPath, string fil
     public string? GetValidationConfiguration(string dataTypeId)
     {
         using var activity = _telemetry?.StartGetValidationConfigurationActivity();
-        string legalPath = $"{_settings.AppBasePath}{_settings.ModelsFolder}";
-        string filename = $"{legalPath}{dataTypeId}.{_settings.ValidationConfigurationFileName}";
+        string legalPath = Path.Join(_settings.AppBasePath, _settings.ModelsFolder);
+        string filename = Path.Join(legalPath, $"{dataTypeId}.{_settings.ValidationConfigurationFileName}");
         PathHelper.EnsureLegalPath(legalPath, filename);
 
         string? filedata = null;
diff --git a/src/Altinn.App.Core/Internal/Data/InstanceDataUnitOfWork.cs b/src/Altinn.App.Core/Internal/Data/InstanceDataUnitOfWork.cs
index d07fd9ee3..314f2426a 100644
--- a/src/Altinn.App.Core/Internal/Data/InstanceDataUnitOfWork.cs
+++ b/src/Altinn.App.Core/Internal/Data/InstanceDataUnitOfWork.cs
@@ -1,4 +1,5 @@
 using System.Collections.Concurrent;
+using System.Diagnostics;
 using System.Diagnostics.CodeAnalysis;
 using System.Globalization;
 using Altinn.App.Core.Features;
@@ -80,7 +81,7 @@ public async Task<object> GetFormData(DataElementIdentifier dataElementIdentifie
 
                 return _modelSerializationService.DeserializeFromStorage(
                     binaryData.Span,
-                    GetDataType(dataElementIdentifier)
+                    this.GetDataType(dataElementIdentifier)
                 );
             }
         );
@@ -89,10 +90,8 @@ public async Task<object> GetFormData(DataElementIdentifier dataElementIdentifie
     /// <inheritdoc />
     public async Task<ReadOnlyMemory<byte>> GetBinaryData(DataElementIdentifier dataElementIdentifier)
     {
-        if (_instanceOwnerPartyId == 0 || _instanceGuid == Guid.Empty)
-        {
-            throw new InvalidOperationException("Cannot access instance data before it has been created");
-        }
+        // Verify that the data element exists on the instance
+        GetDataElement(dataElementIdentifier);
 
         return await _binaryCache.GetOrCreate(
             dataElementIdentifier,
@@ -110,26 +109,19 @@ await _dataClient.GetDataBytes(
     /// <inheritdoc />
     public DataElement GetDataElement(DataElementIdentifier dataElementIdentifier)
     {
+        if (_instanceOwnerPartyId == 0 || _instanceGuid == Guid.Empty)
+        {
+            throw new InvalidOperationException("Cannot access instance data before it has been created");
+        }
+
         return Instance.Data.Find(d => d.Id == dataElementIdentifier.Id)
             ?? throw new InvalidOperationException(
-                $"Data element of id {dataElementIdentifier.Id} not found on instance"
+                $"Data element of id {dataElementIdentifier.Id} not found on instance with id {Instance.Id}"
             );
     }
 
     /// <inheritdoc />
-    public DataType GetDataType(DataElementIdentifier dataElementIdentifier)
-    {
-        var dataElement = GetDataElement(dataElementIdentifier);
-        var dataType = _appMetadata.DataTypes.Find(d => d.Id == dataElement.DataType);
-        if (dataType is null)
-        {
-            throw new InvalidOperationException(
-                $"Data type {dataElement.DataType} not found in applicationmetadata.json"
-            );
-        }
-
-        return dataType;
-    }
+    public DataType? GetDataType(string dataTypeId) => _appMetadata.DataTypes.Find(d => d.Id == dataTypeId);
 
     /// <inheritdoc />
     public FormDataChange AddFormDataElement(string dataTypeId, object model)
@@ -222,7 +214,17 @@ public void RemoveDataElement(DataElementIdentifier dataElementIdentifier)
                 $"Data element with id {dataElementIdentifier.Id} not found in instance"
             );
         }
-        var dataType = GetDataType(dataElementIdentifier);
+        var dataType =
+            GetDataType(dataElement.DataType)
+            ?? throw new InvalidOperationException(
+                $"Data element {dataElement.Id} has data type {dataElement.DataType}, but the data type is not found in app metadata"
+            );
+        if (_changesForDeletion.Any(c => c.DataElementIdentifier == dataElementIdentifier))
+        {
+            throw new InvalidOperationException(
+                $"Data element with id {dataElementIdentifier.Id} is already marked for deletion"
+            );
+        }
         if (dataType.AppLogic?.ClassRef is null)
         {
             _changesForDeletion.Add(
@@ -289,7 +291,7 @@ public DataElementChanges GetDataElementChanges(bool initializeAltinnRowId)
                 // Deleted (and created) changes gets added bellow
                 continue;
             }
-            var dataType = GetDataType(dataElementIdentifier);
+            var dataType = this.GetDataType(dataElementIdentifier);
 
             if (!_formDataCache.TryGetCachedValue(dataElementIdentifier, out object? data))
             {
@@ -359,8 +361,8 @@ DataElementChange change
         {
             BinaryDataChange bc => bc.CurrentBinaryData,
             FormDataChange fdc => fdc.CurrentBinaryData
-                ?? throw new InvalidOperationException("FormDataChange must set CurrentBinaryData before saving"),
-            _ => throw new InvalidOperationException("Change must be of type BinaryChange or FormDataChange"),
+                ?? throw new UnreachableException("FormDataChange must set CurrentBinaryData before saving"),
+            _ => throw new UnreachableException("Change must be of type BinaryChange or FormDataChange"),
         };
         // Use the BinaryData because we serialize before saving.
         var dataElement = await _dataClient.InsertBinaryData(
@@ -509,7 +511,7 @@ internal async Task SaveChanges(DataElementChanges changes)
     /// </summary>
     internal void SetFormData(DataElementIdentifier dataElementIdentifier, object data)
     {
-        var dataType = GetDataType(dataElementIdentifier);
+        var dataType = this.GetDataType(dataElementIdentifier);
         if (dataType.AppLogic?.ClassRef is not { } classRef)
         {
             throw new InvalidOperationException($"Data element {dataElementIdentifier.Id} don't have app logic");
diff --git a/src/Altinn.App.Core/Internal/Expressions/LayoutEvaluatorState.cs b/src/Altinn.App.Core/Internal/Expressions/LayoutEvaluatorState.cs
index 81b109efe..b72682244 100644
--- a/src/Altinn.App.Core/Internal/Expressions/LayoutEvaluatorState.cs
+++ b/src/Altinn.App.Core/Internal/Expressions/LayoutEvaluatorState.cs
@@ -29,12 +29,11 @@ public LayoutEvaluatorState(
         IInstanceDataAccessor dataAccessor,
         LayoutModel? componentModel,
         FrontEndSettings frontEndSettings,
-        ApplicationMetadata applicationMetadata,
         string? gatewayAction = null,
         string? language = null
     )
     {
-        _dataModel = new DataModel(dataAccessor, applicationMetadata);
+        _dataModel = new DataModel(dataAccessor);
         _componentModel = componentModel;
         _frontEndSettings = frontEndSettings;
         _instanceContext = dataAccessor.Instance;
diff --git a/src/Altinn.App.Core/Internal/Expressions/LayoutEvaluatorStateInitializer.cs b/src/Altinn.App.Core/Internal/Expressions/LayoutEvaluatorStateInitializer.cs
index 796d4aefb..343770ca7 100644
--- a/src/Altinn.App.Core/Internal/Expressions/LayoutEvaluatorStateInitializer.cs
+++ b/src/Altinn.App.Core/Internal/Expressions/LayoutEvaluatorStateInitializer.cs
@@ -85,47 +85,7 @@ public DataElement GetDataElement(DataElementIdentifier dataElementIdentifier)
                 );
         }
 
-        public DataType GetDataType(DataElementIdentifier dataElementIdentifier)
-        {
-            var dataElement = GetDataElement(dataElementIdentifier);
-            var dataType = _applicationMetadata.DataTypes.Find(d => d.Id == dataElement.DataType);
-            if (dataType is null)
-            {
-                throw new InvalidOperationException(
-                    $"Data type {dataElement.DataType} not found in applicationmetadata.json"
-                );
-            }
-
-            return dataType;
-        }
-
-        // Not implemented
-        public void AddFormDataElement(string dataType, object model)
-        {
-            throw new NotImplementedException(
-                "The obsolete LayoutEvaluatorStateInitializer.Init method does not support adding data elements"
-            );
-        }
-
-        public void AddAttachmentDataElement(
-            string dataType,
-            string contentType,
-            string? filename,
-            ReadOnlyMemory<byte> data
-        )
-        {
-            throw new NotImplementedException(
-                "The obsolete LayoutEvaluatorStateInitializer.Init method does not support adding data elements"
-            );
-        }
-
-        // Not implemented
-        public void RemoveDataElement(DataElementIdentifier dataElementIdentifier)
-        {
-            throw new NotImplementedException(
-                "The obsolete LayoutEvaluatorStateInitializer.Init method does not support removing data elements"
-            );
-        }
+        public DataType? GetDataType(string dataTypeId) => _applicationMetadata.DataTypes.Find(d => d.Id == dataTypeId);
     }
 
     /// <summary>
@@ -144,11 +104,11 @@ public async Task<LayoutEvaluatorState> Init(
         Debug.Assert(dataElement is not null);
         var appMetadata = await _appMetadata.GetApplicationMetadata();
         var dataAccessor = new SingleDataElementAccessor(instance, dataElement, appMetadata, data);
-        return new LayoutEvaluatorState(dataAccessor, layouts, _frontEndSettings, appMetadata, gatewayAction);
+        return new LayoutEvaluatorState(dataAccessor, layouts, _frontEndSettings, gatewayAction);
     }
 
     /// <inheritdoc />
-    public async Task<LayoutEvaluatorState> Init(
+    public Task<LayoutEvaluatorState> Init(
         IInstanceDataAccessor dataAccessor,
         string? taskId,
         string? gatewayAction = null,
@@ -156,8 +116,9 @@ public async Task<LayoutEvaluatorState> Init(
     )
     {
         LayoutModel? layouts = taskId is not null ? _appResources.GetLayoutModelForTask(taskId) : null;
-        var appMetadata = await _appMetadata.GetApplicationMetadata();
 
-        return new LayoutEvaluatorState(dataAccessor, layouts, _frontEndSettings, appMetadata, gatewayAction, language);
+        return Task.FromResult(
+            new LayoutEvaluatorState(dataAccessor, layouts, _frontEndSettings, gatewayAction, language)
+        );
     }
 }
diff --git a/src/Altinn.App.Core/Internal/Validation/IValidatorFactory.cs b/src/Altinn.App.Core/Internal/Validation/IValidatorFactory.cs
index 9498441e4..1b9480fb9 100644
--- a/src/Altinn.App.Core/Internal/Validation/IValidatorFactory.cs
+++ b/src/Altinn.App.Core/Internal/Validation/IValidatorFactory.cs
@@ -132,8 +132,7 @@ public IEnumerable<IValidator> GetValidators(string taskId)
         var dataTypes = _appMetadata.GetApplicationMetadata().Result.DataTypes;
 
         validators.AddRange(
-            GetDataElementValidators(taskId, dataTypes)
-                .Select(dev => new DataElementValidatorWrapper(dev, taskId, dataTypes))
+            GetDataElementValidators(taskId, dataTypes).Select(dev => new DataElementValidatorWrapper(dev, taskId))
         );
         validators.AddRange(
             GetFormDataValidators(taskId, dataTypes).Select(fdv => new FormDataValidatorWrapper(fdv, taskId))
@@ -143,9 +142,7 @@ public IEnumerable<IValidator> GetValidators(string taskId)
         foreach (var instanceValidator in _instanceValidators)
         {
             validators.Add(new LegacyIInstanceValidatorTaskValidator(_generalSettings, instanceValidator));
-            validators.Add(
-                new LegacyIInstanceValidatorFormDataValidator(_generalSettings, instanceValidator, _appMetadata)
-            );
+            validators.Add(new LegacyIInstanceValidatorFormDataValidator(_generalSettings, instanceValidator));
         }
 
         return validators;
diff --git a/test/Altinn.App.Api.Tests/Controllers/ActionsControllerTests.cs b/test/Altinn.App.Api.Tests/Controllers/ActionsControllerTests.cs
index 30771dc4d..c45192e09 100644
--- a/test/Altinn.App.Api.Tests/Controllers/ActionsControllerTests.cs
+++ b/test/Altinn.App.Api.Tests/Controllers/ActionsControllerTests.cs
@@ -580,9 +580,10 @@ public async Task<UserActionResult> HandleAction(UserActionContext context)
                 );
                 break;
             case "update":
-                var originalDataElement = context.DataMutator.FormDataElements.First(de => de.DataType == "Scheme");
-                var originalData = await context.DataMutator.GetFormData(originalDataElement);
-                var data = (Scheme)originalData;
+                var dataType =
+                    context.DataMutator.GetDataType("Scheme") ?? throw new Exception("DataType \"Scheme\" not found");
+                var originalDataElement = context.DataMutator.GetDataElementsForType(dataType).First();
+                var data = await context.DataMutator.GetFormData<Scheme>(originalDataElement);
 
                 data.TestCustomButtonReadOnlyInput = "Her kommer det data fra backend";
                 break;
@@ -606,7 +607,7 @@ await _dataClient.GetFormData(
                 result.AddUpdatedDataModel(dataGuid.ToString(), obsoleteData);
                 return result;
             case "delete":
-                var elementToDelete = context.DataMutator.FormDataElements.First(de => de.DataType == "Scheme");
+                var elementToDelete = context.DataMutator.GetDataElementsForType("Scheme").First();
                 context.DataMutator.RemoveDataElement(elementToDelete);
                 break;
             case "getClientActions":
diff --git a/test/Altinn.App.Api.Tests/Controllers/DataController_PostTests.cs b/test/Altinn.App.Api.Tests/Controllers/DataController_PostTests.cs
index e01e6b86f..68a85ab30 100644
--- a/test/Altinn.App.Api.Tests/Controllers/DataController_PostTests.cs
+++ b/test/Altinn.App.Api.Tests/Controllers/DataController_PostTests.cs
@@ -69,9 +69,10 @@ public async Task PostFormElement_DataProcessorsModifiesOtherElement_ReturnsChan
             "Task_1",
             async (instanceDataMutator, changes, language) =>
             {
-                var originalDataElement = instanceDataMutator
-                    .DataElements.Should()
-                    .ContainSingle(d => d.Id == _formElementId)
+                var (_, originalDataElement) = instanceDataMutator
+                    .GetDataElements()
+                    .Should()
+                    .ContainSingle(d => d.dataElement.Id == _formElementId)
                     .Which;
                 var postedSkjema = changes
                     .FormDataChanges.Should()
@@ -208,7 +209,7 @@ public async Task PostBinaryElement_DataWriteProcessorAddsAndRemovesElements()
                 var data = changes.BinaryDataChanges.Should().ContainSingle().Which;
                 data.CurrentBinaryData.ToArray().Should().BeEquivalentTo(binaryData);
                 instanceDataMutator.AddBinaryDataElement("specificFileType", "application/pdf", "test.pdf", binaryData);
-                var toDelete = instanceDataMutator.DataElements.Should().ContainSingle().Which;
+                var toDelete = instanceDataMutator.Instance.Data.Should().ContainSingle().Which;
                 toDelete.DataType.Should().Be("default");
                 instanceDataMutator.RemoveDataElement(toDelete);
                 await Task.CompletedTask;
diff --git a/test/Altinn.App.Api.Tests/Controllers/ProcessControllerTests.RunProcessNext_FailingValidator_ReturnsValidationErrors.verified.txt b/test/Altinn.App.Api.Tests/Controllers/ProcessControllerTests.RunProcessNext_FailingValidator_ReturnsValidationErrors.verified.txt
index 59102fb39..baa654b72 100644
--- a/test/Altinn.App.Api.Tests/Controllers/ProcessControllerTests.RunProcessNext_FailingValidator_ReturnsValidationErrors.verified.txt
+++ b/test/Altinn.App.Api.Tests/Controllers/ProcessControllerTests.RunProcessNext_FailingValidator_ReturnsValidationErrors.verified.txt
@@ -4,6 +4,18 @@
       ActivityName: ApplicationMetadata.Service.GetLayoutModel,
       IdFormat: W3C
     },
+    {
+      ActivityName: ApplicationMetadata.Service.GetLayoutModel,
+      IdFormat: W3C
+    },
+    {
+      ActivityName: ApplicationMetadata.Service.GetLayoutSet,
+      IdFormat: W3C
+    },
+    {
+      ActivityName: ApplicationMetadata.Service.GetLayoutSet,
+      IdFormat: W3C
+    },
     {
       ActivityName: ApplicationMetadata.Service.GetLayoutSet,
       IdFormat: W3C
@@ -28,20 +40,28 @@
       ActivityName: ApplicationMetadata.Service.GetLayoutSets,
       IdFormat: W3C
     },
+    {
+      ActivityName: ApplicationMetadata.Service.GetLayoutSets,
+      IdFormat: W3C
+    },
+    {
+      ActivityName: ApplicationMetadata.Service.GetLayoutSets,
+      IdFormat: W3C
+    },
     {
       ActivityName: ApplicationMetadata.Service.GetLayoutSetsForTask,
       IdFormat: W3C
     },
     {
-      ActivityName: ApplicationMetadata.Service.GetLayoutSettingsForSet,
+      ActivityName: ApplicationMetadata.Service.GetLayoutSetsForTask,
       IdFormat: W3C
     },
     {
-      ActivityName: ApplicationMetadata.Service.GetValidationConfiguration,
+      ActivityName: ApplicationMetadata.Service.GetLayoutSettingsForSet,
       IdFormat: W3C
     },
     {
-      ActivityName: ApplicationMetadata.Service.GetValidationConfiguration,
+      ActivityName: ApplicationMetadata.Service.GetLayoutSettingsForSet,
       IdFormat: W3C
     },
     {
@@ -153,6 +173,21 @@
       ],
       IdFormat: W3C
     },
+    {
+      ActivityName: Validation.RunValidator,
+      Tags: [
+        {
+          validation.issue_count: 0
+        },
+        {
+          validator.source: Expression
+        },
+        {
+          validator.type: ExpressionValidator
+        }
+      ],
+      IdFormat: W3C
+    },
     {
       ActivityName: Validation.RunValidator,
       Tags: [
diff --git a/test/Altinn.App.Api.Tests/Controllers/ProcessControllerTests.RunProcessNext_PdfFails_DataIsUnlocked.verified.txt b/test/Altinn.App.Api.Tests/Controllers/ProcessControllerTests.RunProcessNext_PdfFails_DataIsUnlocked.verified.txt
index 27cd52551..3471d54fa 100644
--- a/test/Altinn.App.Api.Tests/Controllers/ProcessControllerTests.RunProcessNext_PdfFails_DataIsUnlocked.verified.txt
+++ b/test/Altinn.App.Api.Tests/Controllers/ProcessControllerTests.RunProcessNext_PdfFails_DataIsUnlocked.verified.txt
@@ -4,6 +4,18 @@
       ActivityName: ApplicationMetadata.Service.GetLayoutModel,
       IdFormat: W3C
     },
+    {
+      ActivityName: ApplicationMetadata.Service.GetLayoutModel,
+      IdFormat: W3C
+    },
+    {
+      ActivityName: ApplicationMetadata.Service.GetLayoutSet,
+      IdFormat: W3C
+    },
+    {
+      ActivityName: ApplicationMetadata.Service.GetLayoutSet,
+      IdFormat: W3C
+    },
     {
       ActivityName: ApplicationMetadata.Service.GetLayoutSet,
       IdFormat: W3C
@@ -28,28 +40,36 @@
       ActivityName: ApplicationMetadata.Service.GetLayoutSets,
       IdFormat: W3C
     },
+    {
+      ActivityName: ApplicationMetadata.Service.GetLayoutSets,
+      IdFormat: W3C
+    },
+    {
+      ActivityName: ApplicationMetadata.Service.GetLayoutSets,
+      IdFormat: W3C
+    },
     {
       ActivityName: ApplicationMetadata.Service.GetLayoutSetsForTask,
       IdFormat: W3C
     },
     {
-      ActivityName: ApplicationMetadata.Service.GetLayoutSettingsForSet,
+      ActivityName: ApplicationMetadata.Service.GetLayoutSetsForTask,
       IdFormat: W3C
     },
     {
-      ActivityName: ApplicationMetadata.Service.GetTexts,
+      ActivityName: ApplicationMetadata.Service.GetLayoutSettingsForSet,
       IdFormat: W3C
     },
     {
-      ActivityName: ApplicationMetadata.Service.GetTexts,
+      ActivityName: ApplicationMetadata.Service.GetLayoutSettingsForSet,
       IdFormat: W3C
     },
     {
-      ActivityName: ApplicationMetadata.Service.GetValidationConfiguration,
+      ActivityName: ApplicationMetadata.Service.GetTexts,
       IdFormat: W3C
     },
     {
-      ActivityName: ApplicationMetadata.Service.GetValidationConfiguration,
+      ActivityName: ApplicationMetadata.Service.GetTexts,
       IdFormat: W3C
     },
     {
@@ -283,6 +303,21 @@
       ],
       IdFormat: W3C
     },
+    {
+      ActivityName: Validation.RunValidator,
+      Tags: [
+        {
+          validation.issue_count: 0
+        },
+        {
+          validator.source: Expression
+        },
+        {
+          validator.type: ExpressionValidator
+        }
+      ],
+      IdFormat: W3C
+    },
     {
       ActivityName: Validation.RunValidator,
       Tags: [
diff --git a/test/Altinn.App.Api.Tests/Data/apps/tdd/contributer-restriction/models/default.validation.json b/test/Altinn.App.Api.Tests/Data/apps/tdd/contributer-restriction/models/default.validation.json
new file mode 100644
index 000000000..73f38c259
--- /dev/null
+++ b/test/Altinn.App.Api.Tests/Data/apps/tdd/contributer-restriction/models/default.validation.json
@@ -0,0 +1,18 @@
+{
+    "$schema": "https://altinncdn.no/toolkits/altinn-app-frontend/4/schemas/json/validation/validation.schema.v1.json",
+    "validations": {
+        "melding.name": [
+            {
+                "condition": [
+                    "equals",
+                    [
+                        "dataModel",
+                        "melding.name"
+                    ],
+                    "Model"
+                ],
+                "message": "The file must be of type Model"
+            }
+        ]
+    }
+}
diff --git a/test/Altinn.App.Core.Tests/Features/Validators/Default/ExpressionValidatorTests.cs b/test/Altinn.App.Core.Tests/Features/Validators/Default/ExpressionValidatorTests.cs
index 50d82dd02..8c533664b 100644
--- a/test/Altinn.App.Core.Tests/Features/Validators/Default/ExpressionValidatorTests.cs
+++ b/test/Altinn.App.Core.Tests/Features/Validators/Default/ExpressionValidatorTests.cs
@@ -79,14 +79,14 @@ private async Task RunExpressionValidationTest(string fileName, string folder)
 
         var layout = new LayoutSetComponent(testCase.Layouts.Values.ToList(), "layout", dataType);
         var componentModel = new LayoutModel([layout], null);
-        var evaluatorState = new LayoutEvaluatorState(dataModel, componentModel, _frontendSettings.Value, appMedatada);
+        var evaluatorState = new LayoutEvaluatorState(dataModel, componentModel, _frontendSettings.Value);
         _layoutInitializer
             .Setup(init =>
                 init.Init(It.IsAny<IInstanceDataAccessor>(), "Task_1", It.IsAny<string?>(), It.IsAny<string?>())
             )
             .ReturnsAsync(evaluatorState);
 
-        var dataAccessor = new InstanceDataAccessorFake(instance) { { dataElement, dataModel } };
+        var dataAccessor = new InstanceDataAccessorFake(instance, appMedatada) { { dataElement, dataModel } };
 
         var validationIssues = await _validator.ValidateFormData(
             dataElement,
diff --git a/test/Altinn.App.Core.Tests/Features/Validators/Default/LegacyIValidationFormDataTests.cs b/test/Altinn.App.Core.Tests/Features/Validators/Default/LegacyIValidationFormDataTests.cs
index 579f91a9f..e7a78d08d 100644
--- a/test/Altinn.App.Core.Tests/Features/Validators/Default/LegacyIValidationFormDataTests.cs
+++ b/test/Altinn.App.Core.Tests/Features/Validators/Default/LegacyIValidationFormDataTests.cs
@@ -19,7 +19,6 @@ public class LegacyIValidationFormDataTests
 {
     private readonly LegacyIInstanceValidatorFormDataValidator _validator;
     private readonly Mock<IInstanceValidator> _instanceValidator = new(MockBehavior.Strict);
-    private readonly Mock<IAppMetadata> _appMetadata = new(MockBehavior.Strict);
     private readonly InstanceDataAccessorFake _instanceDataAccessor;
 
     private readonly ApplicationMetadata _applicationMetadata = new ApplicationMetadata("ttd/test")
@@ -45,10 +44,8 @@ public LegacyIValidationFormDataTests()
         var generalSettings = new GeneralSettings();
         _validator = new LegacyIInstanceValidatorFormDataValidator(
             Microsoft.Extensions.Options.Options.Create(generalSettings),
-            _instanceValidator.Object,
-            _appMetadata.Object
+            _instanceValidator.Object
         );
-        _appMetadata.Setup(am => am.GetApplicationMetadata()).ReturnsAsync(_applicationMetadata);
 
         _dataElement = new DataElement() { DataType = "test", Id = _dataId.ToString() };
         _instance = new Instance()
diff --git a/test/Altinn.App.Core.Tests/Features/Validators/LegacyValidationServiceTests/ValidationServiceOldTests.cs b/test/Altinn.App.Core.Tests/Features/Validators/LegacyValidationServiceTests/ValidationServiceOldTests.cs
index f25de56c1..db0cdc62f 100644
--- a/test/Altinn.App.Core.Tests/Features/Validators/LegacyValidationServiceTests/ValidationServiceOldTests.cs
+++ b/test/Altinn.App.Core.Tests/Features/Validators/LegacyValidationServiceTests/ValidationServiceOldTests.cs
@@ -23,7 +23,6 @@ namespace Altinn.App.Core.Tests.Features.Validators.LegacyValidationServiceTests
 public class ValidationServiceOldTests
 {
     private readonly Mock<ILogger<ValidationService>> _loggerMock = new();
-    private readonly Mock<IHttpContextAccessor> _httpContextAccessorMock = new();
     private readonly Mock<IDataClient> _dataClientMock = new(MockBehavior.Strict);
     private readonly Mock<IAppModel> _appModelMock = new(MockBehavior.Strict);
     private readonly Mock<IAppMetadata> _appMetadataMock = new(MockBehavior.Strict);
@@ -74,7 +73,7 @@ public async Task FileScanEnabled_VirusFound_ValidationShouldFail()
         var instance = new Instance() { Data = [dataElement] };
         var dataAccessor = new Mock<IInstanceDataAccessor>(MockBehavior.Strict);
         dataAccessor.SetupGet(da => da.Instance).Returns(instance);
-        dataAccessor.SetupGet(da => da.DataElements).Returns(instance.Data);
+        dataAccessor.Setup(da => da.GetDataType(dataType.Id)).Returns(dataType);
 
         List<ValidationIssueWithSource> validationIssues = await validationService.ValidateInstanceAtTask(
             dataAccessor.Object,
@@ -105,7 +104,7 @@ public async Task FileScanEnabled_PendingScanNotEnabled_ValidationShouldNotFail(
 
         var dataAccessorMock = new Mock<IInstanceDataAccessor>(MockBehavior.Strict);
         dataAccessorMock.SetupGet(da => da.Instance).Returns(instance);
-        dataAccessorMock.SetupGet(da => da.DataElements).Returns(instance.Data);
+        dataAccessorMock.Setup(da => da.GetDataType(dataType.Id)).Returns(dataType);
 
         List<ValidationIssueWithSource> validationIssues = await validationService.ValidateInstanceAtTask(
             dataAccessorMock.Object,
@@ -136,7 +135,7 @@ public async Task FileScanEnabled_PendingScanEnabled_ValidationShouldNotFail()
         var instance = new Instance() { Data = [dataElement] };
         var dataAccessorMock = new Mock<IInstanceDataAccessor>(MockBehavior.Strict);
         dataAccessorMock.SetupGet(da => da.Instance).Returns(instance);
-        dataAccessorMock.SetupGet(da => da.DataElements).Returns(instance.Data);
+        dataAccessorMock.Setup(da => da.GetDataType(dataType.Id)).Returns(dataType);
 
         List<ValidationIssueWithSource> validationIssues = await validationService.ValidateInstanceAtTask(
             dataAccessorMock.Object,
@@ -187,18 +186,13 @@ public async Task ValidateAndUpdateProcess_set_canComplete_validationstatus_and_
         const string taskId = "Task_1";
 
         // Mock setup
-        var appMetadata = new ApplicationMetadata("ttd/test-app")
+        var dataType = new DataType
         {
-            DataTypes = new List<DataType>
-            {
-                new DataType
-                {
-                    Id = "data",
-                    TaskId = taskId,
-                    MaxCount = 0,
-                },
-            },
+            Id = "data",
+            TaskId = taskId,
+            MaxCount = 0,
         };
+        var appMetadata = new ApplicationMetadata("ttd/test-app") { DataTypes = [dataType] };
         _appMetadataMock.Setup(a => a.GetApplicationMetadata()).ReturnsAsync(appMetadata);
 
         await using var serviceProvider = _serviceCollection.BuildServiceProvider();
@@ -215,7 +209,7 @@ public async Task ValidateAndUpdateProcess_set_canComplete_validationstatus_and_
         };
         var dataAccessorMock = new Mock<IInstanceDataAccessor>(MockBehavior.Strict);
         dataAccessorMock.SetupGet(da => da.Instance).Returns(instance);
-        dataAccessorMock.SetupGet(da => da.DataElements).Returns(instance.Data);
+        dataAccessorMock.Setup(da => da.GetDataType(dataType.Id)).Returns(dataType);
 
         var issues = await validationService.ValidateInstanceAtTask(dataAccessorMock.Object, taskId, null, null, null);
         issues.Should().BeEmpty();
@@ -230,18 +224,13 @@ public async Task ValidateAndUpdateProcess_set_canComplete_false_validationstatu
         const string taskId = "Task_1";
 
         // Mock setup
-        var appMetadata = new ApplicationMetadata("ttd/test-app")
+        var dataType = new DataType
         {
-            DataTypes = new List<DataType>
-            {
-                new DataType
-                {
-                    Id = "data",
-                    TaskId = taskId,
-                    MaxCount = 1,
-                },
-            },
+            Id = "data",
+            TaskId = taskId,
+            MaxCount = 1,
         };
+        var appMetadata = new ApplicationMetadata("ttd/test-app") { DataTypes = [dataType] };
         _appMetadataMock.Setup(a => a.GetApplicationMetadata()).ReturnsAsync(appMetadata);
 
         await using var serviceProvider = _serviceCollection.BuildServiceProvider();
@@ -269,7 +258,7 @@ public async Task ValidateAndUpdateProcess_set_canComplete_false_validationstatu
         };
         var dataAccessorMock = new Mock<IInstanceDataAccessor>(MockBehavior.Strict);
         dataAccessorMock.SetupGet(da => da.Instance).Returns(instance);
-        dataAccessorMock.SetupGet(da => da.DataElements).Returns(instance.Data);
+        dataAccessorMock.Setup(da => da.GetDataType(dataType.Id)).Returns(dataType);
 
         var issues = await validationService.ValidateInstanceAtTask(dataAccessorMock.Object, taskId, null, null, null);
         issues.Should().HaveCount(1);
diff --git a/test/Altinn.App.Core.Tests/LayoutExpressions/CommonTests/TestBackendExclusiveFunctions.cs b/test/Altinn.App.Core.Tests/LayoutExpressions/CommonTests/TestBackendExclusiveFunctions.cs
index 3ca5c4ed4..324a2f940 100644
--- a/test/Altinn.App.Core.Tests/LayoutExpressions/CommonTests/TestBackendExclusiveFunctions.cs
+++ b/test/Altinn.App.Core.Tests/LayoutExpressions/CommonTests/TestBackendExclusiveFunctions.cs
@@ -65,7 +65,6 @@ private async Task RunTestCase(string testName, string folder)
         _output.WriteLine(test.RawJson);
         _output.WriteLine(test.FullPath);
         var dataType = new DataType() { Id = "default" };
-        var appMetadata = new ApplicationMetadata("org/app") { DataTypes = [dataType] };
         var layout = new LayoutSetComponent(test.Layouts!.Values.ToList(), "layout", dataType);
         var componentModel = new LayoutModel([layout], null);
         var state = new LayoutEvaluatorState(
@@ -75,7 +74,6 @@ private async Task RunTestCase(string testName, string folder)
             ),
             componentModel,
             test.FrontEndSettings ?? new(),
-            appMetadata,
             test.GatewayAction,
             test.ProfileSettings?.Language
         );
diff --git a/test/Altinn.App.Core.Tests/LayoutExpressions/CommonTests/TestContextList.cs b/test/Altinn.App.Core.Tests/LayoutExpressions/CommonTests/TestContextList.cs
index a0179e8c7..fdc53fc78 100644
--- a/test/Altinn.App.Core.Tests/LayoutExpressions/CommonTests/TestContextList.cs
+++ b/test/Altinn.App.Core.Tests/LayoutExpressions/CommonTests/TestContextList.cs
@@ -71,7 +71,6 @@ private async Task RunTestCase(string filename, string folder)
 
         var instance = new Instance() { Data = [] };
         var dataType = new DataType() { Id = "default" };
-        var appMetadata = new ApplicationMetadata("org/app") { DataTypes = [dataType] };
         var layout = new LayoutSetComponent(test.Layouts.Values.ToList(), "layout", dataType);
         var componentModel = new LayoutModel([layout], null);
         var state = new LayoutEvaluatorState(
@@ -80,8 +79,7 @@ private async Task RunTestCase(string filename, string folder)
                 test.DataModel ?? JsonDocument.Parse("{}").RootElement
             ),
             componentModel,
-            new(),
-            appMetadata
+            new()
         );
 
         test.ParsingException.Should().BeNull("Loading of test failed");
diff --git a/test/Altinn.App.Core.Tests/LayoutExpressions/CommonTests/TestFunctions.cs b/test/Altinn.App.Core.Tests/LayoutExpressions/CommonTests/TestFunctions.cs
index 562560d4c..325684e49 100644
--- a/test/Altinn.App.Core.Tests/LayoutExpressions/CommonTests/TestFunctions.cs
+++ b/test/Altinn.App.Core.Tests/LayoutExpressions/CommonTests/TestFunctions.cs
@@ -194,8 +194,6 @@ private async Task RunTestCase(string testName, string folder)
             dataAccessor = DynamicClassBuilder.DataAccessorFromJsonDocument(test.Instance, test.DataModels);
         }
 
-        var appMedatada = new ApplicationMetadata("org/app") { DataTypes = dataTypes };
-
         LayoutModel? componentModel = null;
         if (test.Layouts is not null)
         {
@@ -206,7 +204,6 @@ private async Task RunTestCase(string testName, string folder)
             dataAccessor,
             componentModel,
             test.FrontEndSettings ?? new FrontEndSettings(),
-            appMedatada,
             test.GatewayAction,
             test.ProfileSettings?.Language
         );
diff --git a/test/Altinn.App.Core.Tests/LayoutExpressions/CommonTests/TestInvalid.cs b/test/Altinn.App.Core.Tests/LayoutExpressions/CommonTests/TestInvalid.cs
index 1f4c66565..7a7f99c38 100644
--- a/test/Altinn.App.Core.Tests/LayoutExpressions/CommonTests/TestInvalid.cs
+++ b/test/Altinn.App.Core.Tests/LayoutExpressions/CommonTests/TestInvalid.cs
@@ -50,8 +50,7 @@ public async Task Simple_Theory(string testName, string folder)
                     test.DataModel ?? JsonDocument.Parse("{}").RootElement
                 ),
                 componentModel,
-                test.FrontEndSettings ?? new(),
-                new ApplicationMetadata("org/app") { DataTypes = [dataType] }
+                test.FrontEndSettings ?? new()
             );
             await ExpressionEvaluator.EvaluateExpression(
                 state,
diff --git a/test/Altinn.App.Core.Tests/LayoutExpressions/FullTests/LayoutTestUtils.cs b/test/Altinn.App.Core.Tests/LayoutExpressions/FullTests/LayoutTestUtils.cs
index 6728cfcb9..61656a496 100644
--- a/test/Altinn.App.Core.Tests/LayoutExpressions/FullTests/LayoutTestUtils.cs
+++ b/test/Altinn.App.Core.Tests/LayoutExpressions/FullTests/LayoutTestUtils.cs
@@ -25,22 +25,8 @@ public static class LayoutTestUtils
     private static readonly Guid _instanceGuid = Guid.Parse("12345678-1234-1234-1234-123456789012");
     private static readonly Guid _dataGuid = Guid.Parse("12345678-1234-1234-1234-123456789013");
     private const string DataTypeId = "default";
-    private const string ClassRef = "NoClass";
     private const string TaskId = "Task_1";
 
-    private static readonly ApplicationMetadata _applicationMetadata = new(AppId)
-    {
-        DataTypes =
-        [
-            new DataType()
-            {
-                Id = DataTypeId,
-                TaskId = TaskId,
-                AppLogic = new() { ClassRef = ClassRef },
-            },
-        ],
-    };
-
     private static readonly Instance _instance = new()
     {
         Id = $"{InstanceOwnerPartyId}/{_instanceGuid}",
@@ -60,12 +46,27 @@ public static async Task<LayoutEvaluatorState> GetLayoutModelTools(object model,
     {
         var services = new ServiceCollection();
 
+        var modelType = model.GetType();
+        var modelTypeFullName = modelType.FullName!;
         var appMetadata = new Mock<IAppMetadata>(MockBehavior.Strict);
-
-        appMetadata.Setup(am => am.GetApplicationMetadata()).ReturnsAsync(_applicationMetadata);
+        var applicationMetadata = new ApplicationMetadata(AppId)
+        {
+            DataTypes =
+            [
+                new()
+                {
+                    Id = DataTypeId,
+                    TaskId = TaskId,
+                    AppLogic = new() { ClassRef = modelTypeFullName },
+                    AllowedContentTypes = ["application/json"],
+                    MaxCount = 1,
+                },
+            ],
+        };
+
+        appMetadata.Setup(am => am.GetApplicationMetadata()).ReturnsAsync(applicationMetadata);
         var appModel = new Mock<IAppModel>(MockBehavior.Strict);
-        var modelType = model.GetType();
-        appModel.Setup(am => am.GetModelType(ClassRef)).Returns(modelType);
+        appModel.Setup(am => am.GetModelType(modelTypeFullName)).Returns(modelType);
 
         var resources = new Mock<IAppResources>();
         var pages = new List<PageComponent>();
@@ -96,7 +97,7 @@ public static async Task<LayoutEvaluatorState> GetLayoutModelTools(object model,
         using var scope = serviceProvider.CreateScope();
         var initializer = scope.ServiceProvider.GetRequiredService<ILayoutEvaluatorStateInitializer>();
 
-        var dataAccessor = new InstanceDataAccessorFake(_instance) { { _dataElement, model } };
+        var dataAccessor = new InstanceDataAccessorFake(_instance, applicationMetadata) { { _dataElement, model } };
 
         return await initializer.Init(dataAccessor, TaskId);
     }
diff --git a/test/Altinn.App.Core.Tests/LayoutExpressions/TestUtilities/DynamicClassBuilder.cs b/test/Altinn.App.Core.Tests/LayoutExpressions/TestUtilities/DynamicClassBuilder.cs
index 964c0d517..e9867db44 100644
--- a/test/Altinn.App.Core.Tests/LayoutExpressions/TestUtilities/DynamicClassBuilder.cs
+++ b/test/Altinn.App.Core.Tests/LayoutExpressions/TestUtilities/DynamicClassBuilder.cs
@@ -141,7 +141,7 @@ public static IInstanceDataAccessor DataAccessorFromJsonDocument(
     )
     {
         object data = DataObjectFromJsonDocument(doc);
-        var dataAccessor = new InstanceDataAccessorFake(instance) { { dataElement, data } };
+        var dataAccessor = new InstanceDataAccessorFake(instance, applicationMetadata: null) { { dataElement, data } };
         return dataAccessor;
     }
 
@@ -150,7 +150,7 @@ public static IInstanceDataAccessor DataAccessorFromJsonDocument(
         List<DataModelAndElement> dataModels
     )
     {
-        var dataAccessor = new InstanceDataAccessorFake(instance);
+        var dataAccessor = new InstanceDataAccessorFake(instance, applicationMetadata: null);
         foreach (var pair in dataModels)
         {
             dataAccessor.Add(pair.DataElement, DataObjectFromJsonDocument(pair.Data));
diff --git a/test/Altinn.App.Core.Tests/LayoutExpressions/TestUtilities/InstanceDataAccessorFake.cs b/test/Altinn.App.Core.Tests/LayoutExpressions/TestUtilities/InstanceDataAccessorFake.cs
index b0b7b0384..2b750244f 100644
--- a/test/Altinn.App.Core.Tests/LayoutExpressions/TestUtilities/InstanceDataAccessorFake.cs
+++ b/test/Altinn.App.Core.Tests/LayoutExpressions/TestUtilities/InstanceDataAccessorFake.cs
@@ -7,18 +7,18 @@ namespace Altinn.App.Core.Tests.LayoutExpressions.TestUtilities;
 
 public class InstanceDataAccessorFake : IInstanceDataAccessor, IEnumerable<KeyValuePair<DataElement?, object>>
 {
-    private readonly ApplicationMetadata? _applicationMetadata;
+    private readonly ApplicationMetadata _applicationMetadata;
     private readonly string? _defaultTaskId;
     private readonly string _defaultDataType;
 
     public InstanceDataAccessorFake(
         Instance instance,
-        ApplicationMetadata? applicationMetadata = null,
+        ApplicationMetadata? applicationMetadata,
         string defaultTaskId = "Task_1",
         string defaultDataType = "default"
     )
     {
-        _applicationMetadata = applicationMetadata;
+        _applicationMetadata = applicationMetadata ?? new ApplicationMetadata("app/org") { DataTypes = [] };
         _defaultTaskId = defaultTaskId;
         _defaultDataType = defaultDataType;
         Instance = instance;
@@ -26,7 +26,6 @@ public InstanceDataAccessorFake(
     }
 
     private readonly Dictionary<DataElementIdentifier, object> _dataById = new();
-    private readonly Dictionary<string, object> _dataByType = new();
     private readonly List<KeyValuePair<DataElement, object>> _data = new();
 
     public void Add(DataElement? dataElement, object data, int maxCount = 1)
@@ -40,39 +39,28 @@ public void Add(DataElement? dataElement, object data, int maxCount = 1)
         }
 
         _dataById.Add(dataElement, data);
-        if (_applicationMetadata is not null)
+        var dataType = _applicationMetadata.DataTypes.Find(d => d.Id == dataElement.DataType);
+        if (dataType is null)
         {
-            var dataType = _applicationMetadata.DataTypes.Find(d => d.Id == dataElement.DataType);
-            if (dataType is null)
-            {
-                // Create a new dataType if it doesn't exist in the application metadata yet
-                dataType = new DataType()
-                {
-                    Id = dataElement.DataType,
-                    TaskId = _defaultTaskId,
-                    AppLogic = new() { ClassRef = data.GetType().FullName },
-                    MaxCount = maxCount,
-                };
-                _applicationMetadata.DataTypes.Add(dataType);
-            }
-
-            if (dataType.AppLogic is not null)
+            // Create a new dataType if it doesn't exist in the application metadata yet
+            dataType = new DataType()
             {
-                if (dataType.AppLogic.ClassRef != data.GetType().FullName)
-                    throw new InvalidOperationException(
-                        $"Data object registered for {dataElement.DataType} is not of type {dataType.AppLogic.ClassRef ?? "NULL"} as specified in applicationmetadata"
-                    );
-                if (dataType.MaxCount == 1)
-                {
-                    _dataByType[dataType.Id] = data;
-                }
-            }
+                Id = dataElement.DataType,
+                TaskId = _defaultTaskId,
+                AppLogic = new() { ClassRef = data.GetType().FullName },
+                MaxCount = maxCount,
+            };
+            _applicationMetadata.DataTypes.Add(dataType);
         }
-        else
+
+        if (dataType.AppLogic is not null)
         {
-            // We don't have application metadata, so just add the first element we see
-            _dataByType.TryAdd(dataElement.DataType, data);
+            if (dataType.AppLogic.ClassRef != data.GetType().FullName)
+                throw new InvalidOperationException(
+                    $"Data object registered for {dataElement.DataType} is not of type {dataType.AppLogic.ClassRef ?? "NULL"} as specified in applicationmetadata, but was {data.GetType().FullName}"
+                );
         }
+
         _data.Add(KeyValuePair.Create(dataElement, data));
     }
 
@@ -96,17 +84,16 @@ public DataElement GetDataElement(DataElementIdentifier dataElementIdentifier)
             );
     }
 
-    public DataType GetDataType(DataElementIdentifier dataElementIdentifier)
+    public DataType? GetDataType(string dataTypeId)
     {
         if (_applicationMetadata is null)
         {
             throw new InvalidOperationException("Application metadata not set for InstanceDataAccessorFake");
         }
-        var dataElement = GetDataElement(dataElementIdentifier);
-        var dataType = _applicationMetadata.DataTypes.Find(d => d.Id == dataElement.DataType);
+        var dataType = _applicationMetadata.DataTypes.Find(d => d.Id == dataTypeId);
         if (dataType is null)
         {
-            throw new InvalidOperationException($"Data type {dataElement.DataType} not found in applicationmetadata");
+            throw new InvalidOperationException($"Data type {dataTypeId} not found in applicationmetadata");
         }
 
         return dataType;

From 23221918d90961b2199e996f6e649203911b73b7 Mon Sep 17 00:00:00 2001
From: Ivar Nesje <ivarne@users.noreply.github.com>
Date: Fri, 22 Nov 2024 12:22:11 +0100
Subject: [PATCH 4/5] Fix issues exposed by dotnet 9 sdk (#920)

* Add direct reference to new versions of JWTCookieAuthentication's insecure depencencies
* Activate security scan of transitive depencecies on net8
* Warn on IDE0052: Remove unread private member
* Warn on CA1859: Use concrete types when possible for improved performance (but not in test)
* Fix related code
---
 .editorconfig                                        |  6 ++++++
 Directory.Build.props                                |  3 ++-
 src/Altinn.App.Api/Controllers/ActionsController.cs  |  2 +-
 src/Altinn.App.Api/Controllers/PdfController.cs      |  4 ----
 src/Altinn.App.Api/Controllers/ProfileController.cs  |  4 +---
 src/Altinn.App.Core/Altinn.App.Core.csproj           |  7 +++++++
 .../Maskinporten/Models/MaskinportenSettings.cs      |  2 +-
 .../Internal/Language/ApplicationLanguage.cs         | 11 +----------
 .../Controllers/PdfControllerTests.cs                | 12 ------------
 test/Directory.Build.props                           |  3 ++-
 10 files changed, 21 insertions(+), 33 deletions(-)

diff --git a/.editorconfig b/.editorconfig
index 11b6f6d7c..783c31927 100644
--- a/.editorconfig
+++ b/.editorconfig
@@ -116,6 +116,9 @@ dotnet_diagnostic.IDE0005.severity = warning
 
 dotnet_diagnostic.CA1825.severity = warning
 
+# IDE0052: Remove unread private member
+dotnet_diagnostic.IDE0052.severity = warning
+
 # CA1848: Use the LoggerMessage delegates
 dotnet_diagnostic.CA1848.severity = none
 
@@ -131,6 +134,9 @@ dotnet_diagnostic.CA1822.severity = warning
 # IDE0080: Remove unnecessary suppression operator
 dotnet_diagnostic.IDE0080.severity = error
 
+# CA1859: Use concrete types when possible for improved performance
+dotnet_diagnostic.CA1859.severity = warning
+
 # CA1716: Rename namespace "" so that it no longer conflicts with the reserved language keyword 'Interface'
 # TODO: fixing this would be breaking
 dotnet_diagnostic.CA1716.severity = suggestion
diff --git a/Directory.Build.props b/Directory.Build.props
index df4269238..aade32923 100644
--- a/Directory.Build.props
+++ b/Directory.Build.props
@@ -9,7 +9,8 @@
     <EnableNETAnalyzers>true</EnableNETAnalyzers>
     <AnalysisMode>Minimum</AnalysisMode>
     <Features>strict</Features>
-    <!-- <CodeAnalysisTreatWarningsAsErrors>false</CodeAnalysisTreatWarningsAsErrors> -->
+    <NuGetAudit>true</NuGetAudit>
+    <NuGetAuditMode>all</NuGetAuditMode>
   </PropertyGroup>
 
   <ItemGroup>
diff --git a/src/Altinn.App.Api/Controllers/ActionsController.cs b/src/Altinn.App.Api/Controllers/ActionsController.cs
index ed4a04400..7b542a4d9 100644
--- a/src/Altinn.App.Api/Controllers/ActionsController.cs
+++ b/src/Altinn.App.Api/Controllers/ActionsController.cs
@@ -238,7 +238,7 @@ private async Task<Dictionary<
         string,
         Dictionary<string, List<ValidationIssueWithSource>>
     >?> GetIncrementalValidations(
-        IInstanceDataAccessor dataAccessor,
+        InstanceDataUnitOfWork dataAccessor,
         DataElementChanges changes,
         List<string>? ignoredValidators,
         string? language
diff --git a/src/Altinn.App.Api/Controllers/PdfController.cs b/src/Altinn.App.Api/Controllers/PdfController.cs
index 04061d093..4176a7b0f 100644
--- a/src/Altinn.App.Api/Controllers/PdfController.cs
+++ b/src/Altinn.App.Api/Controllers/PdfController.cs
@@ -30,7 +30,6 @@ public class PdfController : ControllerBase
     private readonly IAppResources _resources;
     private readonly IAppModel _appModel;
     private readonly IDataClient _dataClient;
-    private readonly IWebHostEnvironment _env;
     private readonly IPdfService _pdfService;
 
     /// <summary>
@@ -41,7 +40,6 @@ public class PdfController : ControllerBase
     /// <param name="resources">The app resource service</param>
     /// <param name="appModel">The app model service</param>
     /// <param name="dataClient">The data client</param>
-    /// <param name="env">The environment</param>
     /// <param name="pdfService">The PDF service</param>
     public PdfController(
         IInstanceClient instanceClient,
@@ -50,7 +48,6 @@ public PdfController(
         IAppResources resources,
         IAppModel appModel,
         IDataClient dataClient,
-        IWebHostEnvironment env,
         IPdfService pdfService
     )
     {
@@ -59,7 +56,6 @@ IPdfService pdfService
         _resources = resources;
         _appModel = appModel;
         _dataClient = dataClient;
-        _env = env;
         _pdfService = pdfService;
     }
 
diff --git a/src/Altinn.App.Api/Controllers/ProfileController.cs b/src/Altinn.App.Api/Controllers/ProfileController.cs
index 8be647500..900e8c2e7 100644
--- a/src/Altinn.App.Api/Controllers/ProfileController.cs
+++ b/src/Altinn.App.Api/Controllers/ProfileController.cs
@@ -14,15 +14,13 @@ namespace Altinn.App.Api.Controllers;
 public class ProfileController : Controller
 {
     private readonly IProfileClient _profileClient;
-    private readonly ILogger _logger;
 
     /// <summary>
     /// Initializes a new instance of the <see cref="ProfileController"/> class
     /// </summary>
-    public ProfileController(IProfileClient profileClient, ILogger<ProfileController> logger)
+    public ProfileController(IProfileClient profileClient)
     {
         _profileClient = profileClient;
-        _logger = logger;
     }
 
     /// <summary>
diff --git a/src/Altinn.App.Core/Altinn.App.Core.csproj b/src/Altinn.App.Core/Altinn.App.Core.csproj
index 816034dd0..81fc57d1b 100644
--- a/src/Altinn.App.Core/Altinn.App.Core.csproj
+++ b/src/Altinn.App.Core/Altinn.App.Core.csproj
@@ -18,6 +18,13 @@
     <PackageReference Include="Altinn.Platform.Storage.Interface" Version="4.0.3" />
     <PackageReference Include="JsonPatch.Net" Version="3.1.1" />
     <PackageReference Include="JWTCookieAuthentication" Version="3.0.1" />
+    <!-- The follwoing are depencencies for JWTCookieAuthentication, but we need newer versions-->
+    <PackageReference Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" Version="8.2.1"
+    />
+    <PackageReference Include="Microsoft.Rest.ClientRuntime" Version="2.3.24" />
+    <PackageReference Include="Microsoft.Rest.ClientRuntime.Azure" Version="3.3.19" />
+    <PackageReference Include="System.Text.RegularExpressions" Version="4.3.1" />
+    <!-- End JWTCookieAuthentication deps -->
     <PackageReference Include="Microsoft.ApplicationInsights.AspNetCore" Version="2.22.0" />
     <PackageReference Include="Microsoft.Extensions.Caching.Hybrid" Version="[9.0.0-preview.9.24556.5]" NoWarn="NU5104" />
     <PackageReference Include="Microsoft.FeatureManagement.AspNetCore" Version="3.5.0" />
diff --git a/src/Altinn.App.Core/Features/Maskinporten/Models/MaskinportenSettings.cs b/src/Altinn.App.Core/Features/Maskinporten/Models/MaskinportenSettings.cs
index eb0d57ddd..421d1de3f 100644
--- a/src/Altinn.App.Core/Features/Maskinporten/Models/MaskinportenSettings.cs
+++ b/src/Altinn.App.Core/Features/Maskinporten/Models/MaskinportenSettings.cs
@@ -229,7 +229,7 @@ public readonly record struct ValidationResult
         /// <summary>
         /// Shorthand: Is the object in a valid state?
         /// </summary>
-        public bool IsValid() => InvalidProperties.IsNullOrEmpty();
+        public bool IsValid() => InvalidProperties is null || !InvalidProperties.Any();
 
         /// <summary>
         /// Helpful summary of the result
diff --git a/src/Altinn.App.Core/Internal/Language/ApplicationLanguage.cs b/src/Altinn.App.Core/Internal/Language/ApplicationLanguage.cs
index 4fa514b90..a73a6cfa7 100644
--- a/src/Altinn.App.Core/Internal/Language/ApplicationLanguage.cs
+++ b/src/Altinn.App.Core/Internal/Language/ApplicationLanguage.cs
@@ -1,8 +1,6 @@
 using System.Text.Json;
 using Altinn.App.Core.Configuration;
 using Altinn.App.Core.Features;
-using Altinn.App.Core.Implementation;
-using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 
 namespace Altinn.App.Core.Internal.Language;
@@ -18,23 +16,16 @@ public class ApplicationLanguage : IApplicationLanguage
     };
 
     private readonly AppSettings _settings;
-    private readonly ILogger _logger;
     private readonly Telemetry? _telemetry;
 
     /// <summary>
     /// Initializes a new instance of the <see cref="ApplicationLanguage"/> class.
     /// </summary>
     /// <param name="settings">The app repository settings.</param>
-    /// <param name="logger">A logger from the built in logger factory.</param>
     /// <param name="telemetry">Telemetry for traces and metrics.</param>
-    public ApplicationLanguage(
-        IOptions<AppSettings> settings,
-        ILogger<AppResourcesSI> logger,
-        Telemetry? telemetry = null
-    )
+    public ApplicationLanguage(IOptions<AppSettings> settings, Telemetry? telemetry = null)
     {
         _settings = settings.Value;
-        _logger = logger;
         _telemetry = telemetry;
     }
 
diff --git a/test/Altinn.App.Api.Tests/Controllers/PdfControllerTests.cs b/test/Altinn.App.Api.Tests/Controllers/PdfControllerTests.cs
index 242477e4a..58670d1b6 100644
--- a/test/Altinn.App.Api.Tests/Controllers/PdfControllerTests.cs
+++ b/test/Altinn.App.Api.Tests/Controllers/PdfControllerTests.cs
@@ -66,9 +66,6 @@ public PdfControllerTests()
     [Fact]
     public async Task Request_In_Dev_Should_Generate()
     {
-        var env = new Mock<IWebHostEnvironment>();
-        env.Setup(a => a.EnvironmentName).Returns("Development");
-
         IOptions<GeneralSettings> generalSettingsOptions = Options.Create<GeneralSettings>(
             new() { HostName = "local.altinn.cloud" }
         );
@@ -106,7 +103,6 @@ public async Task Request_In_Dev_Should_Generate()
             _appResources.Object,
             _appModel.Object,
             _dataClient.Object,
-            env.Object,
             pdfService
         );
 
@@ -146,9 +142,6 @@ public async Task Request_In_Dev_Should_Generate()
     [Fact]
     public async Task Request_In_Dev_Should_Include_Frontend_Version()
     {
-        var env = new Mock<IWebHostEnvironment>();
-        env.Setup(a => a.EnvironmentName).Returns("Development");
-
         IOptions<GeneralSettings> generalSettingsOptions = Options.Create<GeneralSettings>(
             new() { HostName = "local.altinn.cloud" }
         );
@@ -186,7 +179,6 @@ public async Task Request_In_Dev_Should_Include_Frontend_Version()
             _appResources.Object,
             _appModel.Object,
             _dataClient.Object,
-            env.Object,
             pdfService
         );
 
@@ -228,9 +220,6 @@ public async Task Request_In_Dev_Should_Include_Frontend_Version()
     [Fact]
     public async Task Request_In_TT02_Should_Ignore_Frontend_Version()
     {
-        var env = new Mock<IWebHostEnvironment>();
-        env.Setup(a => a.EnvironmentName).Returns("Staging");
-
         IOptions<GeneralSettings> generalSettingsOptions = Options.Create<GeneralSettings>(
             new() { HostName = "org.apps.tt02.altinn.no" }
         );
@@ -268,7 +257,6 @@ public async Task Request_In_TT02_Should_Ignore_Frontend_Version()
             _appResources.Object,
             _appModel.Object,
             _dataClient.Object,
-            env.Object,
             pdfService
         );
 
diff --git a/test/Directory.Build.props b/test/Directory.Build.props
index 912572463..9d5ab2c2a 100644
--- a/test/Directory.Build.props
+++ b/test/Directory.Build.props
@@ -4,7 +4,7 @@
 
   <PropertyGroup>
     <AnalysisMode>Default</AnalysisMode>
-    <NoWarn>$(NoWarn);CS1591;CS0618;CS7022;CA1707;CA1822;CA1727;CA2201</NoWarn>
+    <NoWarn>$(NoWarn);CS1591;CS0618;CS7022;CA1707;CA1822;CA1727;CA2201;CA1859</NoWarn>
     <!--
         CS1591: Don't warn for missing XML doc
         CS0618: This is a test project, so we usually continue testing [Obsolete] apis
@@ -12,6 +12,7 @@
         CA1822: Mark members as static
         CA1727: Use PascalCase for named placeholders in the logging message template
         CA2201: Do not raise reserved exception types
+        CA1859: Use concrete types when possible for improved performance
     -->
   </PropertyGroup>
 

From 723992f221cc6dafea7d717c215416254bbf8f86 Mon Sep 17 00:00:00 2001
From: Ivar Nesje <ivarne@users.noreply.github.com>
Date: Fri, 22 Nov 2024 13:37:52 +0100
Subject: [PATCH 5/5] Second try on publishing github release notes to nuget
 (#922)

---
 .github/workflows/publish-release.yml |  3 +--
 src/Directory.Build.props             | 11 +++++++++--
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml
index 70366fcd2..4086593e6 100644
--- a/.github/workflows/publish-release.yml
+++ b/.github/workflows/publish-release.yml
@@ -42,8 +42,7 @@ jobs:
       - name: Pack
         run: |
           dotnet pack AppLibDotnet.sln --configuration Release --no-restore --no-build \
-            -p:Deterministic=true -p:BuildNumber=${{ github.run_number }} \
-            -p:PackageReleaseNotes="$(cat RELEASE_NOTES.md)"
+            -p:Deterministic=true -p:BuildNumber=${{ github.run_number }}
       - name: Versions
         run: |
           dotnet --version
diff --git a/src/Directory.Build.props b/src/Directory.Build.props
index 19c968229..07a6027ae 100644
--- a/src/Directory.Build.props
+++ b/src/Directory.Build.props
@@ -12,6 +12,15 @@
     <None Include="../../LICENSE" Pack="true" PackagePath="/" />
   </ItemGroup>
 
+  <Target Name="PreparePackageReleaseNotesFromFile" BeforeTargets="GenerateNuspec">
+    <ReadLinesFromFile File="../../RELEASE_NOTES.md">
+      <Output TaskParameter="Lines" ItemName="ReleaseNoteLines" />
+    </ReadLinesFromFile>
+    <PropertyGroup>
+      <PackageReleaseNotes>@(ReleaseNoteLines, '%0a')</PackageReleaseNotes>
+    </PropertyGroup>
+  </Target>
+
   <PropertyGroup>
     <AnalysisMode>Recommended</AnalysisMode>
     <ImplicitUsings>enable</ImplicitUsings>
@@ -23,13 +32,11 @@
     <MinVerTagPrefix>v</MinVerTagPrefix>
 
     <GenerateDocumentationFile>true</GenerateDocumentationFile>
-    <PackageReleaseNotes>https://github.com/Altinn/app-lib-dotnet/releases</PackageReleaseNotes>
     <Authors>Altinn Platform Contributors</Authors>
     <RepositoryType>git</RepositoryType>
     <RepositoryUrl>https://github.com/Altinn/app-lib-dotnet</RepositoryUrl>
     <PackageReadmeFile>README.md</PackageReadmeFile>
     <PackageLicenseFile>LICENSE</PackageLicenseFile>
-
     <PublishRepositoryUrl>true</PublishRepositoryUrl>
     <EmbedUntrackedSources>true</EmbedUntrackedSources>
     <IncludeSymbols>true</IncludeSymbols>