5 Services offered by the CAPIF Core Function
29.2223GPPCommon API Framework for 3GPP Northbound APIsRelease 18TS
5.1 Introduction of Services
The table 5.1-1 lists the CAPIF Core Function APIs below the service name. A service description clause for each API gives a general description of the related API.
Table 5.1-1: List of CAPIF Services
|
Service Name |
Service Operations |
Operation Semantics |
Consumer(s) |
|
CAPIF_Discover_Service_API |
Discover_Service_API |
Request/ Response |
API Invoker, CAPIF core function |
|
Event operations (NOTE) |
(NOTE) |
API Invoker |
|
|
CAPIF_Publish_Service_API |
Publish_Service_API |
Request/ Response |
API Publishing Function, CAPIF core function |
|
Unpublish_Service_API |
Request/ Response |
API Publishing Function, CAPIF core function |
|
|
Update_Service_API |
Request/ Response |
API Publishing Function, CAPIF core function |
|
|
Get_Service_API |
Request/ Response |
API Publishing Function, CAPIF core function |
|
|
CAPIF_Events_API |
Subscribe_Event |
Subscribe/Notify |
API Invoker, API Publishing Function, API Management Function, API Exposing Function |
|
Notify_Event |
Subscribe/Notify |
API Invoker, API Publishing Function, API Management Function, API Exposing Function |
|
|
Unsubscribe_Event |
Subscribe/Notify |
API Invoker, API Publishing Function, API Management Function, API Exposing Function |
|
|
CAPIF_API_Invoker_Management_API |
Onboard_API_Invoker |
Request/ Response |
API Invoker |
|
Offboard_API_Invoker |
Request/ Response |
API Invoker |
|
|
Notify_Onboarding_Completion |
Subscribe/Notify |
API Invoker |
|
|
Update_API_Invoker_Details |
Request/Response |
API Invoker |
|
|
Notify_Update_Completion |
Subscribe/Notify |
API Invoker |
|
|
CAPIF_Security_API |
Obtain_Security_Method |
Request/ Response |
API Invoker |
|
Obtain_Authorization |
Request/ Response |
API Invoker |
|
|
Obtain_API_Invoker_Info |
Request/ Response |
API exposing function |
|
|
Revoke_Authorization |
Request/ Response |
API exposing function |
|
|
CAPIF_Monitoring_API |
Event operations (NOTE) |
(NOTE) |
API Management Function |
|
CAPIF_Logging_API_Invocation_API |
Log_API_Invocation |
Request/ Response |
API exposing function |
|
CAPIF_Auditing_API |
Query_API_Invocation_Log |
Request/ Response |
API management function |
|
CAPIF_Access_Control_Policy_API |
Obtain_Access_Control_Policy |
Request/Response |
API Exposing Function |
|
CAPIF_API_Provider_Management_API |
Register_API_Provider |
Request/Response |
API Management Function |
|
Update_API_Provider |
Request/Response |
API Management Function |
|
|
Deregister_API_Provider |
Request/Response |
API Management Function |
|
|
CAPIF_Routing_Info_API |
Obtain_ Routing_Info |
Request/Response |
API exposing function |
|
NOTE: The service operations of CAPIF Events API are reused by the CAPIF_Discover_Service_API, CAPIF_Publish_Service_API and CAPIF_Monitoring_API for events related services. |
|||
Table 5.1-2 summarizes the corresponding APIs defined in this specification.
Table 5.1-2: API Descriptions
|
Service Name |
Clause |
Description |
OpenAPI Specification File |
apiName |
Annex |
|
CAPIF_Discover_Service_API |
8.1 |
CAPIF API discovery service |
TS29222_CAPIF_Discover_Service_API.yaml |
service-apis |
A.2 |
|
CAPIF_Publish_Service_API |
8.2 |
CAPIF API Publish Service |
TS29222_CAPIF_Publish_Service_API.yaml |
published-apis |
A.3 |
|
CAPIF_Events_API |
8.3 |
CAPIF event service |
TS29222_CAPIF_Events_API.yaml |
capif-events |
A.4 |
|
CAPIF_API_Invoker_Management_API |
8.4 |
CAPIF API Invoker Management Service |
TS29222_CAPIF_API_Invoker_Management_API.yaml |
api-invoker-management |
A.5 |
|
CAPIF_Security_API |
8.5 |
CAPIF Security Service |
TS29222_CAPIF_Security_API.yaml |
capif-security |
A.6 |
|
CAPIF_Access_Control_Policy_API |
8.6 |
CAPIF Access Control Policy API Service |
TS29222_CAPIF_Access_Control_Policy_API.yaml |
access-control-policy |
A.7 |
|
CAPIF_Logging_API_Invocation_API |
8.7 |
CAPIF Logging API Invocation Service |
TS29222_CAPIF_Logging_API_Invocation_API.yaml |
api-invocation-logs |
A.8 |
|
CAPIF_Auditing_API |
8.8 |
CAPIF Auditing API Service |
TS29222_CAPIF_Auditing_API.yaml |
logs |
A.9 |
|
CAPIF_API_Provider_Management_API |
8.9 |
CAPIF API Provider Management API Service |
TS29222_CAPIF_API_Provider_Management_API.yaml |
api-provider-management |
A.11 |
|
CAPIF_Routing_Info_API |
8.10 |
CAPIF Routing Information API Service |
TS29222_CAPIF_Routing_Info_API.yaml |
capif-routing-info |
A.12 |
5.2 CAPIF_Discover_Service_API
5.2.1 Service Description
5.2.1.1 Overview
The CAPIF discover service APIs, as defined in 3GPP TS 23.222 [2], allow API invokers via CAPIF-1/1e reference points to discover service API available at the CAPIF core function, and allow CAPIF core function via CAPIF-6 and CAPIF-6e reference points to discover service API available at other CAPIF core function.
5.2.2 Service Operations
5.2.2.1 Introduction
The service operation defined for CAPIF_Discover_Service_API is shown in table 5.2.2.1-1.
Table 5.2.2.1-1: Operations of the CAPIF_Discover_Service_API
|
Service operation name |
Description |
Initiated by |
|---|---|---|
|
Discover_Service_API |
This service operation is used by an API invoker to discover service API available at the CAPIF core function. This service operation is also used by CAPIF core function to discover service APIs available at other CAPIF core function. |
API invoker, CAPIF core function |
5.2.2.2 Discover_Service_API
5.2.2.2.1 General
This service operation is used by:
– an API invoker to discover service API available at the CAPIF core function; or
– a CAPIF core function to discover service API available at other CAPIF core function in interconnection scenario.
5.2.2.2.2 Consumer discovering service API using Discover_Service_API service operation
To discover service APIs available at the CAPIF core function, the consumer (e.g. API invoker) shall send an HTTP GET message with the API invoker Identifier or CAPIF core function Identifier and query parameters to the CAPIF core function as specified in clause 8.1.2.2.3.1.
Upon receiving the above described HTTP GET message, the CAPIF core function shall:
1. verify the identity of the consumer (e.g. API invoker) and check if the consumer is authorized to discover the service APIs;
2. if the consumer is authorized to discover the service APIs, the CAPIF core function shall:
a. search the CAPIF core function (API registry) for APIs matching the query criteria;
b. apply the discovery policy, if any, on the search results and filter the search results to obtain the list of service API description or the information of the CAPIF core function which is required to be contacted further for discovering the service APIs;
c. return the filtered search results or the information of the CAPIF core function in the response message. The shareableInformation for each of serviceAPIDescription is not provided in the filtered search results.
NOTE 1: The {apiRoot} part of the URI structure (defined in clause 5.2.4 of 3GPP TS 29.122 [14]) for the discovered APIs can be constructed by the API invoker based on either the "domainName" attribute (which contains all the required information, e.g. FQDN or IP address, port, a deployment specific string in the form of a sequence of path segments) or the "interfaceDescriptions" attribute of the AefProfile data type.
5.3 CAPIF_Publish_Service_API
5.3.1 Service Description
5.3.1.1 Overview
The CAPIF publish service APIs, as defined in 3GPP TS 23.222 [2], allow API publishing function via CAPIF-4 and CAPIF-4e reference points to publish and manage published service APIs at the CAPIF core function, and allow CAPIF core function via CAPIF-6 and CAPIF-6e reference points to publish and manage published service APIs at other CAPIF core function.
NOTE: Functions from 3rd party API provider domain can also access this API with sufficient permissions.
5.3.2 Service Operations
5.3.2.1 Introduction
The service operations defined for the CAPIF_Publish_Service API are shown in table 5.3.2.1-1.
Table 5.3.2.1-1: Operations of the CAPIF_Publish_Service_API
|
Service operation name |
Description |
Initiated by |
|---|---|---|
|
Publish_Service_API |
This service operation is used by an API publishing function to publish service APIs on the CAPIF core function. This service operation is also used by CAPIF core function to publish service APIs on other CAPIF core function. |
API publishing function, CAPIF core function |
|
Unpublish_Service_API |
This service operation is used by an API publishing function to un-publish service APIs from the CAPIF core function. This service operation is also used by CAPIF core function to un-publish service APIs on other CAPIF core function. |
API publishing function, CAPIF core function |
|
Get_Service_API |
This service operation is used by an API publishing function to retrieve service APIs from the CAPIF core function. This service operation is also used by CAPIF core function to retrieve service APIs on other CAPIF core function. |
API publishing function, CAPIF core function |
|
Update_Service_API |
This service operation is used by an API publishing function to update published service APIs on the CAPIF core function. This service operation is also used by CAPIF core function to update published service APIs on other CAPIF core function. |
API publishing function, CAPIF core function |
5.3.2.2 Publish_Service_API
5.3.2.2.1 General
This service operation is used by:
– an API publishing function to publish service APIs on the CAPIF core function: or
– a CAPIF core function to publish service APIs on other CAPIF core function in interconnection scenario.
5.3.2.2.2 API publishing function publishing service APIs on CAPIF core function using Publish_Service_API service operation
To publish service APIs at the CAPIF core function, the API publishing function shall send an HTTP POST message to the CAPIF core function. The body of the HTTP POST message shall include API Information as specified in clause 8.2.2.2.3.1.
Upon receiving the above described HTTP POST message, the CAPIF core function shall:
1. verify the identity of the API publishing function and check if the API publishing function is authorized to publish service APIs;
2. if the API publishing function is authorized to publish service APIs, the CAPIF core function shall:
a. verify the API Information present in the HTTP POST message and add the service APIs in the CAPIF core function (API registry);
b. If topology hiding is enabled as per policy, the CAPIF core function shall
i. determine the service APIs which require topology hiding as per policy;
ii. determine the API exposing function(s) responsible for the topology hiding for each service API which requires topology hiding;
iii. create a API topology hiding information for each service API which requires topology hiding by extracting the API identification information and the API exposing function(s) information from the service API information added to the CAPIF core function (API registry);
iv. replace the API exposing function(s) information in the service API information added to the CAPIF core function (API registry) with the corresponding API exposing function(s) information responsible for the topology hiding for service API;
v. send a notification message with the API topology hiding information to the API exposing function(s) which is responsible for the topology hiding for a service API and that has subscribed to the API_TOPOLOGY_HIDING_CREATED event;
vi. store the API topology hiding information in the CAPIF core function;
c. create a new resource using the service API information in the CAPIF core function (API registry) as specified in clause 8.2.2.1;
d. send a notification message with the updated service API, to all API Invokers that subscribed to the Service API Update event; and
e. return the CAPIF Resource URI in the response message.
5.3.2.2.3 CAPIF core function publishing service APIs on other CAPIF core function using Publish_Service_API service operation
To publish service APIs at other CAPIF core function, the CAPIF core function shall send an HTTP POST message to the peer CAPIF core function. The body of the HTTP POST message shall include API Information as specified in clause 8.2.2.2.3.1. For service API publishing on CAPIF-6 reference point, The CAPIF core function shall also include the published API path "pubApiPath" as specified in clause 8.2.4.2.2. The "pubApiPath" includes a list of CAPIF core function Identifiers within the same CAPIF provider domain, such list includes own CAPIF core function identifier and received CAPIF core function identifier(s) from other CAPIF core function.
If the CAPIF core function knows the peer CAPIF core function identifier, it shall not send the HTTP POST message to the peer CAPIF core function if the peer CAPIF core function identifier is included in the published API path.
Upon receiving the above described HTTP POST message, the CAPIF core function shall:
1. verify the identity of the requesting CAPIF core function in the URI and check if the CAPIF core function is authorized to publish service APIs;
2. if the requesting CAPIF core function is authorized to publish service APIs, the CAPIF core function shall check if own CAPIF core function identifier is within the published API path (if received). If it is not within the path, the CAPIF core function shall add its own identifier in the path; otherwise reject the HTTP POST request.
3. Then the CAPIF core function shall:
a. verify the rest API Information present in the HTTP POST message and add the service APIs in the CAPIF core function (API registry);
b. create a new resource as specified in clause 8.2.2.1;
c. send a notification message with the updated service API, to all API Invokers that subscribed to the Service API Update event; and
d. return the CAPIF Resource URI in the response message.
5.3.2.3 Unpublish_Service_API
5.3.2.3.1 General
This service operation is used by:
– an API publishing function to un-publish service APIs from the CAPIF core function; or
– a CAPIF core function to un-publish service APIs on other CAPIF core function in interconnection scenario.
5.3.2.3.2 Consumer un-publishing service APIs from CAPIF core function using Unpublish_Service_API service operation
To un-publish service APIs from the CAPIF core function, the consumer (e.g. API publishing function) shall send an HTTP DELETE message using the CAPIF Resource URI received during the publish operation to the CAPIF core function as specified in clause 8.2.2.3.3.3.
Upon receiving the above described HTTP DELETE message, the CAPIF core function shall
1. verify the identity of the consumer (e.g. API publishing function) and check if the consumer is authorized to un-publish service APIs;
2. if the consumer is authorized to un-publish service APIs, the CAPIF core function shall:
a. delete the resource pointed by the CAPIF Resource URI;
b. delete the relevant service APIs from the CAPIF core function (API registry);
c. If topology hiding is enabled as per policy, the CAPIF core function shall
i. determine the API topology hiding information associated with the service API and delete the corresponding API topology hiding information in the CAPIF core function;
ii. send a notification message with the deleted API topology hiding information to the corresponding API exposing function(s) which were responsible for the topology hiding of the service API and that subscribed to the API_TOPOLOGY_HIDING_REVOKED event; and
d. send a notification message with the deleted service API, to all API Invokers that subscribed to the Service API Update event.
5.3.2.4 Get_Service_API
5.3.2.4.1 General
This service operation is used by:
– an API publishing function to retrieve service APIs from the CAPIF core function; or
– a CAPIF core function to retrieve service APIs from other CAPIF core function in interconnection scenario.
5.3.2.4.2 Consumer retrieving service APIs from CAPIF core function using Get_Service_API service operation
To retrieve information about the published service APIs from the CAPIF core function, the consumer (e.g. API publishing function) shall send an HTTP GET message to the CAPIF core function. For retrieving the entire list of service APIs, the HTTP GET message shall be sent to the collection of service APIs resource representation URI as specified in clause 8.2.2.2.3.2. For retrieving a specific service API, the HTTP GET message shall be sent to that service API’s resource representation URI as described in clause 8.2.2.3.3.1.
Upon receiving the above described HTTP GET message, the CAPIF core function shall
1. verify the identity of the consumer (e.g. API publishing function) and check if the consumer is authorized to retrieve information about the published service APIs;
2. if the consumer is authorized to retrieve information about the published service APIs, the CAPIF core function shall:
a. respond with the requested API Information.
5.3.2.5 Update_Service_API
5.3.2.5.1 General
This service operation is used by:
– an API publishing function to update published service APIs on the CAPIF core function; or
– a CAPIF core function to update published service APIs on other CAPIF core function in interconnection scenario.
5.3.2.5.2 Consumer updating published service APIs on CAPIF core function using Update_Service_API service operation
To update information of published service APIs, the consumer (e.g. API publishing function) shall send an HTTP PUT message to that service API’s resource representation URI in the CAPIF core function. The body of the HTTP PUT message shall include updated API Information as specified in clause 8.2.2.3.3.2; otherwise, if the "PatchUpdate" feature defined in clause 8.2.6 is supported, the consumer (e.g. API publishing function) may send an HTTP PATCH request message to the concerned service API resource URI in the CAPIF core function. The body of the HTTP PATCH request message shall include the requested modifications as specified in clause 8.2.2.3.3.4.
Upon receiving the above described HTTP PUT or PATCH request message, the CAPIF core function shall
1. verify the identity of the consumer (e.g. API publishing function) and check if the consumer is authorized to update information of published service APIs;
2. if the consumer is authorized to update information of published service APIs, the CAPIF core function shall:
a. verify the API Information present in the HTTP PUT or PATCH request message and replace/modify the service APIs in the CAPIF core function (API registry);
b. If topology hiding is enabled as per policy, the CAPIF core function shall
i. if the service API being updated has a corresponding API topology hiding information in the CAPIF core function, then update the API topology hiding information with any updated API exposing function(s) information from the service API information replaced at the CAPIF core function (API registry);
ii. replace/modify the API exposing function(s) information in the service API information added to the CAPIF core function (API registry) with the corresponding API exposing function(s) information responsible for the topology hiding for service API;
iii. send a notification message with the API topology hiding information to the API exposing function(s) which is responsible for the topology hiding for a service API and that has subscribed to the API_TOPOLOGY_HIDING_CREATED event;
iv. update the API topology hiding information in the CAPIF core function;
c. replace/modify the existing resource accordingly using the updated service API information in the CAPIF core function (API registry); and
d. send a notification message with the updated service API, to all API Invokers that subscribed to the Service API Update event.
5.4 CAPIF_Events_API
5.4.1 Service Description
5.4.1.1 Overview
The CAPIF events APIs, as defined in 3GPP TS 23.222 [2], allow an API invoker via CAPIF-1/1e reference points, API exposure function via CAPIF-3/3e reference points, API publishing function via CAPIF-4/4e reference points and API management function via CAPIF-5/5e reference points to subscribe to and unsubscribe from CAPIF events and to receive notifications from CAPIF core function.
NOTE: The functional elements listed above are referred to as Subscriber in the service operations described in the clauses below.
5.4.2 Service Operations
5.4.2.1 Introduction
The service operations defined for the CAPIF_Events_API are shown in table 5.4.2.1-1.
Table 5.4.2.1-1: Operations of the CAPIF_Events_API
|
Service operation name |
Description |
Initiated by |
|---|---|---|
|
Subscribe_Event |
This service operation is used by a Subscriber to subscribe to CAPIF events. |
Subscriber |
|
Unsubscribe_Event |
This service operation is used by a Subscriber to unsubscribe from CAPIF events |
Subscriber |
|
Notify_Event |
This service operation is used by CAPIF core function to send a notification to a Subscriber |
CAPIF core function |
5.4.2.2 Subscribe_Event
5.4.2.2.1 General
This service operation is used by a Subscriber to subscribe to CAPIF events.
5.4.2.2.2 Subscribing to CAPIF events using Subscribe_Event service operation
To subscribe to CAPIF events, the Subscriber shall send an HTTP POST message to the CAPIF core function. The body of the HTTP POST message shall include Subscriber’s Identifier, Event Type and a Notification Destination URI as specified in clause 8.3.2.2.3.1.
For all events included in the HTTP POST message, if the Enhanced_event_report feature is supported, the Subscriber may include an event report requirement in the "eventReq" attribute including:
– event notification method (periodic, one time, on event detection) in the "notifMethod" attribute;
– maximum Number of Reports in the "maxReportNbr" attribute;
– monitoring duration in the "monDur" attribute;
– repetition period for periodic reporting in the "repPeriod" attribute; and/or
– immediate reporting indication in the "immRep" attribute.
If the Enhanced_event_report feature is supported, the Subscriber may also include an event filter in the "eventFilters" attribute. The "eventFilters" attribute shall include:
– if the event is SERVICE_API_AVAILABLE, SERVICE_API_UNAVAILABLE or SERVICE_API_UPDATE, the API IDs in the "apiIds" attribute;
– if the event is API_INVOKER_ONBOARDED or API_INVOKER_OFFBOARDED or API_INVOKER_UPDATED, the API invoker IDs in the "apiInvokerIds" attribute;
– if the event is ACCESS_CONTROL_POLICY_UPDATE, the API invoker IDs in the "apiInvokerIds" attribute and/or API identifications in the "apiIds" attribute; and/or
– if the event is SERVICE_API_INVOCATION_SUCCESS or SERVICE_API_INVOCATION_FAILURE, the API invoker IDs in the "apiInvokerIds" attribute, AEF identifiers in the "aefIds" attribute and/or API IDs in the "apiIds" attribute.
Upon receiving the above described HTTP POST message, the CAPIF core function shall:
1. verify the identity of the Subscriber and check if the Subscriber is authorized to subscribe to the CAPIF events mentioned in the HTTP POST message;
2. if the Subscriber is authorized to subscribe to the CAPIF events, the CAPIF core function shall:
a. create a new resource as specified in clause 8.3.2.1; and
b. return the CAPIF Resource URI in the response message.
5.4.2.3 Unsubscribe_Event
5.4.2.3.1 General
This service operation is used by a Subscriber to un-subscribe from CAPIF events.
5.4.2.3.2 Unsubscribing from CAPIF events using Unsubscribe_Event service operation
To unsubscribe from CAPIF events, the Subscriber shall send an HTTP DELETE message to the resource representing the event in the CAPIF core function as specified in clause 8.3.2.3.3.1.
Upon receiving the HTTP DELETE message, the CAPIF core function shall:
1. verify the identity of the Unsubscribing functional entity and check if the Unsubscribing functional entity is authorized to Unsubscribe from the CAPIF event associated with the CAPIF Resource URI; and
2. if the Unsubscribing functional entity is authorized to unsubscribe from the CAPIF events, the CAPIF core function shall delete the resource pointed by the CAPIF Resource URI.
5.4.2.4 Notify_Event
5.4.2.4.1 General
This service operation is used by CAPIF core function to send a notification to a Subscriber.
5.4.2.4.2 Notifying CAPIF events using Notify_Event service operation
To notify CAPIF events, the CAPIF core function shall send an HTTP POST message using the Notification Destination URI received in the subscription request. The body of the HTTP POST message shall include an Event Notification and CAPIF Resource URI.
If the Enhanced_event_report feature is supported, the CAPIF core function may include an event detail in the "eventDetail" attribute. The "eventDetail" attribute shall include:
– if the event is SERVICE_API_AVAILABLE or SERVICE_API_UNAVAILABLE, the API IDs in the "apiIds" attribute;
– if the event is SERVICE_API_UPDATE, the API descriptions in the "serviceAPIDescriptions" attribute;
– if the event is API_INVOKER_ONBOARDED or API_INVOKER_OFFBOARDED or API_INVOKER_UPDATED, the API invoker IDs in the "apiInvokerIds" attribute;
– if the event is ACCESS_CONTROL_POLICY_UPDATE, the access control policy information in the "accCtrlPolList" attribute;
– if the event is SERVICE_API_INVOCATION_SUCCESS or SERVICE_API_INVOCATION_FAILURE, the API invocation logs in the "invocationLogs" attribute; or
– if the event is API_TOPOLOGY_HIDING_CREATED or API_TOPOLOGY_HIDING_REVOKED, the API topology hiding information in the "apiTopoHide" attribute.
Upon receiving the HTTP POST message, the Subscriber shall process the Event Notification.
5.5 CAPIF_API_Invoker_Management_API
5.5.1 Service Description
5.5.1.1 Overview
The CAPIF API invoker management APIs, as defined in 3GPP TS 23.222 [2], allow API invokers via CAPIF-1/1e reference points to on-board and off-board itself as a recognized user of the CAPIF or update the API invoker’s details on the CAPIF core function.
5.5.2 Service Operations
5.5.2.1 Introduction
The service operations defined for the CAPIF API Invoker Management API are shown in table 5.5.2.1-1.
Table 5.5.2.1-1: Operations of the CAPIF_API_Invoker_Management_API
|
Service operation name |
Description |
Initiated by |
|---|---|---|
|
Onboard_API_Invoker |
This service operation is used by an API invoker to on-board itself as a recognized user of CAPIF |
API invoker |
|
Offboard_API_Invoker |
This service operation is used by an API invoker to off-board itself as a recognized user of CAPIF |
API invoker |
|
Notify_Onboarding_Completion |
This service operation is used by CAPIF core function to send an on-boarding notification to the API invoker. |
CAPIF core function |
|
Update_API_Invoker_Details |
This service operation is used by an API invoker to update API invoker’s details in the CAPIF core function. |
API Invoker |
|
Notify_Update_Completion |
This service operation is used by CAPIF core function to send an update notification to the API invoker |
CAPIF core function |
5.5.2.2 Onboard_API_Invoker
5.5.2.2.1 General
This service operation is used by an API invoker to on-board itself as a recognized user of CAPIF
5.5.2.2.2 API invoker on-boarding itself as a recognized user of CAPIF using Onboard_API_Invoker service operation
To on-board itself as a recognized user of the CAPIF, the API invoker shall send an HTTP POST message to the CAPIF core function. The body of the HTTP POST message shall include API invoker Enrolment Details, API List and a Notification Destination URI for on-boarding notification as specified in clause 8.4.2.2.3.1.
Upon receiving the above described HTTP POST message, the CAPIF core function shall check if it can determine authorization of the request and on-board the API invoker automatically. If the CAPIF core function:
1. can determine authorization of the request and on-board the API invoker automatically, the CAPIF core function:
a. shall process the API invoker Enrolment Details and the API List received in the HTTP POST message and determine if the request sent by the API invoker is authorized or not;
b. if the API invoker’s request is authorized, the CAPIF core function shall:
i. create the API invoker Profile consisting of an API invoker Identifier, Authentication Information, Authorization Information and CAPIF Identity Information;
ii. verify the API List present in the HTTP POST message and create a API List of APIs the API invoker is allowed to access;
iii. create a new resource as defined in clause 8.4.2.1;
iv. return the API invoker Profile, API List of APIs the API invoker is allowed to access and the CAPIF Resource URI in the response message.
2. cannot determine authorization of the request to on-board the API invoker automatically, the CAPIF core function:
a. shall acknowledge the receipt of the on-boarding request to the API invoker.
b. shall request the CAPIF administrator to validate the on-boarding request or the API management to validate the on-boarding request by sharing the API invoker Enrolment Details and the API List received in the HTTP POST message;
c. on receiving confirmation of successful validation of the on-boarding request from the CAPIF administrator or the API management, the CAPIF core function shall:
i. create the API invoker Profile consisting of an API invoker Identifier, Authentication Information, Authorization Information and CAPIF Identity Information;
ii. create a new resource as defined in clause 8.4.3;
iii. deliver the API invoker Profile, API List of APIs the API invoker is allowed to access and the CAPIF Resource URI to the API invoker in a notification.
NOTE 1: How the CAPIF core function determines that the CAPIF core function can process the request and on-board the API invoker automatically is out-of-scope of this specification.
NOTE 2: How the CAPIF core function determines that the API invoker’s request to on-board is authorized is specified in 3GPP TS 33.122 [16].
NOTE 3: Interactions between the CAPIF core function and the CAPIF administrator or the API management is out-of-scope of this specification.
NOTE 4: The onboarding credential received by the API invoker from the service provider as specified in 3GPP TS 33.122 [16] is included in the Authorization header field of the HTTP request message as described in IETF RFC 7235 [9].
NOTE 5: After the onboarding operation is completed the API Invoker no longer needs to maintain the Notification Destination URI and may delete it.
5.5.2.3 Offboard_API_Invoker
5.5.2.3.1 General
This service operation is used by an API invoker to stop being as a recognized user of CAPIF
5.5.2.3.2 API invoker off-boarding itself as a recognized user of CAPIF using Offboard_API_Invoker service operation
To off-board itself as a recognized user of the CAPIF, the API invoker shall send an HTTP DELETE message to its resource representation in the CAPIF core function as specified in clause 8.4.2.3.3.1.
Upon receiving the HTTP DELETE message, the CAPIF core function shall:
1. determine if the request sent by the API invoker is authorized or not;
2. if the API invoker’s request is authorized, the CAPIF core function shall:
a. delete the resource representation pointed by the CAPIF Resource Identifier; and
b. delete the related API invoker profile.
5.5.2.4 Notify_Onboarding_Completion
5.5.2.4.1 General
This service operation is used by the CAPIF core function to send a notification about the completion of the Onboarding operation to the API Invoker.
5.5.2.4.2 Notifying Onboarding completion using Notify_Onboarding_Completion service operation
When the CAPIF core function cannot immediately authorize the API invoker that issued an Onboarding request (see clause 5.5.2.2.2) it will send a response acknowledging the request and begin processing it. After completion, the CAPIF core function shall send an HTTP POST message using the Notification Destination URI received in the Onboarding request. The body of the HTTP POST message shall include the API Invoker Profile, API List of the APIs the API invoker is allowed to access and the CAPIF Resource URI.
Upon receiving the HTTP POST message, the API invoker shall process the message in the same manner it would have processed an immediate response to the Onboarding request, and respond to the HTTP POST message with an acknowledgement and no body.
5.5.2.5 Update_API_Invoker_Details
5.5.2.5.1 General
This service operation is used by an API invoker to update the API invoker’s profile details on the CAPIF core function.
5.5.2.5.2 API invoker updating its details on CAPIF using Update_API_Invoker_Details service operation
To update the API invoker’s profile details on the CAPIF core function, the API invoker shall send a HTTP PUT message to the CAPIF core function to its resource representation, requesting to replace all properties in the existing resource, addressed by the URI received in the response to the request that has created the API invoker profile resource. The properties "apiInvokerId" and "onboardingInformation" shall remain unchanged from the previously provided values. The body of the HTTP PUT message shall include the APIInvokerEnrolmentDetails data structure with API invoker identity information, API invoker details that need to be updated and a Notification Destination URI for update notification as specified in clause 8.4.2.3.3.2. API invoker details may include API invoker information and API List. Otherwise, if the "PatchUpdate" feature defined in clause 8.4.6 is supported, the consumer (e.g. API invoker function) may send an HTTP PATCH request message to the concerned service API resource URI in the CAPIF core function to modify the API invoker’s profile. The body of the HTTP PATCH request message shall include the APIInvokerEnrolmentDetailsPatch data structure.
Upon receiving the above described HTTP PUT or PATCH request message:
1. if the CAPIF core function decides to update the API list of the API invoker without validation by CAPIF administrator, then the CAPIF core function:
a. shall determine if the request in the HTTP PUT or PATCH request message by the API invoker is authorized or not.
b. verify that the "apiInvokerId" and "onboardingInformation" properties are same as in API invoker resource on CAPIF core function.
c. if the API invoker’s request is authorized and the properties "apiInvokerId" and "onboardingInformation" match, the CAPIF core function shall:
i. if the request contains an API list:
– create a list of APIs the API invoker is allowed to access; and
– update the resource identified by the CAPIF Resource URI of the API invoker’s HTTP PUT or PATCH request with the updated information in the request and the API list created in step A;
ii. if the request does not contain an API list, update the resource identified by the CAPIF Resource URI of the API invoker’s HTTP PUT or PATCH request with the updated information in the request; and
iii. return the updated API invoker details;
2. otherwise, the CAPIF core function:
a. shall acknowledge the receipt of the update API invoker details request to the API invoker.
b. verify that the "apiInvokerId" and "onboardingInformation" properties are same as in API invoker resource on CAPIF core function;
c. if the properties "apiInvokerId" and "onboardingInformation" match, then shall request the CAPIF administrator to validate the request or the API management to validate the request by sharing the API invoker identity information and the updated information received in the HTTP PUT message or PATCH request;
d. on receiving confirmation of successful validation of the request from the CAPIF administrator or the API management, the CAPIF core function shall:
i. update the resource identified by the CAPIF Resource URI of the API invoker’s HTTP PUT or PATCH request, with validated information; and
ii. return the updated API invoker details.
NOTE 1: How the CAPIF core function determines that the CAPIF core function can process the request and update the API list of the API invoker automatically is out-of-scope of this specification.
NOTE 2: Interactions between the CAPIF core function and the CAPIF administrator or the API management is out-of-scope of this specification.
NOTE 3: After the operation is completed the API Invoker no longer needs to maintain the Notification Destination URI and may delete it.
5.5.2.6 Notify_Update_Completion
5.5.2.6.1 General
This service operation is used by the CAPIF core function to send a notification about the completion of the update of API invoker’s details.
5.5.2.6.2 Notifying API invoker update completion using Notify_Update_Completion service operation
When the CAPIF core function cannot immediately grant the update request (see clause 5.5.2.5.2) it will send a response acknowledging the request and begin processing it. After completion, the CAPIF core function shall send an HTTP POST message using the Notification Destination URI received in the update details request. The body of the HTTP POST message shall include the updated API Invoker details.
Upon receiving the HTTP POST message, the API invoker shall process the message in the same manner it would have processed an immediate response to the update the details of the API invoker request, and respond to the HTTP POST message with HTTP response 204 No content.
5.6 CAPIF_Security_API
5.6.1 Service Description
5.6.1.1 Overview
The CAPIF security APIs, as defined in 3GPP TS 23.222 [2], allow:
– API invokers via CAPIF-1/1e reference points to (re-)negotiate the service security method and obtain authorization for invoking service APIs; and
– API exposing function via CAPIF-3/3e reference points to obtain authentication information of the API invoker for authentication of the API invoker and revoke the authorization for service APIs.
5.6.2 Service Operations
5.6.2.1 Introduction
The service operations defined for CAPIF_Security_API are shown in table 5.6.2.1-1.
Table 5.6.2.1-1: Operations of the CAPIF_Security_API
|
Service operation name |
Description |
Initiated by |
|---|---|---|
|
Obtain_Security_Method |
This service operation is used by an API invoker to negotiate and obtain information about service API security method for itself with CAPIF core function. This information is used by API invoker for service API invocations. |
API invoker |
|
Obtain_Authorization |
This service operation is used by an API invoker to obtain authorization to access service APIs. |
API invoker |
|
Obtain_API_Invoker_Info |
This service operation is used by an API exposing function to obtain the authentication or authorization information related to an API invoker. |
API exposing function |
|
Revoke_Authorization |
This service operation is used by an API exposing function to invalidate the authorization of an API invoker. |
API exposing function |
Security information is generated when requested by an API invoker, and is stored in the CAPIF Core function. The information can be accessed via a resource representation URI using the API invoker ID as described in clause 8.5.2.3. The URI is provided to the API invoker in the HTTP response to the creation request (via the Obtain_Security_Method service operation name).
Refer to clause 9.1.2a.2 for details about verifying that the API Exposing function has the ability to authorize API invokers prior to invoking service APIs.
5.6.2.2 Obtain_Security_Method
5.6.2.2.1 General
This service operation is used by an API invoker to negotiate and obtain service API security method from the CAPIF core function. The information received by API invoker shall be used for authentication with the API exposing function.
5.6.2.2.2 Request service API security method from CAPIF using Obtain_Security_Method service operation
To negotiate and obtain service API security method information from the CAPIF core function, the API invoker shall send an HTTP PUT message to the CAPIF core function. The body of the HTTP PUT message shall include Security Method Request and a Notification Destination URI for security related notifications. The Security Method Request from the API invoker contains the unique interface details of the service APIs and may contain a preferred method for each unique service API interface as specified in clause 8.5.2.3.3.3.
Upon receiving the above described HTTP PUT message, the CAPIF core function shall:
1. determine the security method for each service API interface as specified in 3GPP TS 33.122 [16];
2. store the Notification Destination URI for security related notification;
3. create a new resource as defined in clause 8.5.2.1; and
4. return the security method information and the CAPIF Resource URI in the response message.
5.6.2.3 Obtain_Authorization
5.6.2.3.1 General
This service operation is used by an API invoker to negotiate and obtain authorization information from the CAPIF core function. The information received by API invoker shall be used for authorization to invoke service APIs exposed by the API exposing function.
5.6.2.3.2 Obtain authorization using Obtain_Authorization service operation
To obtain authorization information from the CAPIF core function to invoke service APIs, the API invoker shall perform the functions of the resource owner, client and redirection endpoints as described in clause 6.5.2.3 of 3GPP TS 33.122 [16].
The API invoker shall send a POST request to the "Token Endpoint", as described in IETF RFC 6749 [23], clause 3.2. The "Token Endpoint" URI shall be:
{apiRoot}/capif-security/v1/securities/{securityId}/token
where {securityId} is the API invoker identifier and represents the "Individual trusted API invoker" resource created during obtain security method, as described in clause 5.6.2.2.
The body of the HTTP POST request shall indicate that the required OAuth2 grant must be of type "client_credentials". The "scope" parameter (if present) shall include a list of AEF identifiers and its associated API names the API invoker is trying to access (i.e., the API invoker expected scope).
The API invoker may use HTTP Basic authentication towards this endpoint, using the API invoker identifier as "username" and the onboarding secret as "password". Such username and password may be included in the header or body of the HTTP POST request.
On success, "200 OK" shall be returned. The payload body of the POST response shall contain the requested access token, the token type and the expiration time for the token. The access token shall be a JSON Web Token (JWT) as specified in IETF RFC 7519 [24]. The access token returned by the CAPIF core function shall include the claims encoded as a JSON object as specified in clause 8.5.4.2.8 and then digitally signed using JWS as specified in IETF RFC 7515 [25] and in Annex C.1 of 3GPP TS 33.122 [16].
The digitally signed access token shall be converted to the JWS Compact Serialization encoding as a string as specified in clause 7.1 of IETF RFC 7515 [25].
If the access token request fails at the CAPIF core function, the CAPIF core function shall return "400 Bad Request" status code, including a JSON object in the response payload, that includes details about the specific error that occurred.
5.6.2.4 Obtain_API_Invoker_Info
5.6.2.4.1 General
This service operation is used by an API exposing function to obtain the security information of API Invokers to be able to authenticate them and authorize each service API invocation by them.
5.6.2.4.2 Obtain API invoker’s security information using Obtain_API_Invoker_Info service operation
To obtain authentication or authorization information from the CAPIF core function to authenticate or authorize an API invoker, the API exposing function shall send an HTTP GET message to that API invoker’s resource representation URI in the CAPIF core function with an indication to request authentication and/or authorization information, as specified in clause 8.5.2.3.3.1.
Upon receiving the above described HTTP GET message, the CAPIF core function shall:
1. determine the security information of API invoker for all the service API interfaces of the API exposing function; and
2. return the security information in the response message.
NOTE: Functions from 3rd party API provider domain can also access this service operation with sufficient permissions.
5.6.2.5 Revoke_Authentication
5.6.2.5.1 General
This service operation is used by an API exposing function to invalidate the authorization of a specified API Invoker to invoke service APIs exposed by the calling API exposing function.
5.6.2.5.2 Invalidate authorization using Revoke_Authorization service operation
To invalidate authorization of an API invoker for all service APIs, the API exposing function shall send an HTTP DELETE message to that API invoker’s resource representation URI in the CAPIF core function using the API invoker ID as specified in clause 8.5.2.3.3.2.
Upon receiving the HTTP DELETE message, the CAPIF core function shall delete the resource representation and shall notify the API invoker of the authorization invalidation using the Notification Destination URI received in the Obtain_Security_Method message.
The CAPIF core function shall also invalidate the previously assigned access token when the authorization of all service APIs are revoked for the API invoker.
To invalidate authorization of an API invoker for some service APIs, the API exposing function shall send an HTTP POST message to that API invoker’s "delete" custom resource representation URI in the CAPIF core function with a list of the service APIs that should be revoked.
Upon receiving the HTTP POST message, the CAPIF core function shall revoke the authorization of the API invoker for the indicated service APIs (e.g. it may update the list of unauthorized APIs locally); and shall notify the API invoker of the authorization invalidation using the Notification Destination URI received in the Obtain_Security_Method message.
In both alternatives, the CAPIF core function shall acknowledge the HTTP request from the API exposing function.
NOTE: Functions from 3rd party API provider domain can also access this service operation with sufficient permissions.
5.7 CAPIF_Monitoring_API
The CAPIF monitoring API as defined in 3GPP TS 23.222 [2], allow the API management function via CAPIF-5/5e reference points to monitor service API invocations and receive such monitoring events from the CAPIF core function.
The CAPIF_Monitoring_API shall use the CAPIF_Events_API as described in clause 8.3 by setting the CAPIFEvent to one of the events as described in clause 8.3.4.3.3.
5.8 CAPIF_Logging_API_Invocation_API
5.8.1 Service Description
5.8.1.1 Overview
The Logging API invocations APIs, as defined in 3GPP TS 23.222 [2], allow API exposing functions via CAPIF-3/3e reference points to log the information related to service API invocations on the CAPIF core function.
NOTE: Functions from 3rd party API provider domain can also access this API with sufficient permissions.
5.8.2 Service Operations
5.8.2.1 Introduction
Table 5.8.2.1-1: Operations of the CAPIF_Logging_API_Invocation_API
|
Service operation name |
Description |
Initiated by |
|---|---|---|
|
Log_API_Invocation |
This service operation is used by an API exposing function to log API invocation information on CAPIF core function. |
API exposing function |
5.8.2.2 Log_API_Invocation_API
5.8.2.2.1 General
This service operation is used by an API exposing function to log API invocation information on CAPIF core function.
5.8.2.2.2 Logging service API invocations using Log_API_Invocation service operation
To log service API invocations at the CAPIF core function, the API exposing function shall send an HTTP POST message to the CAPIF core function. The body of the HTTP POST message shall include API exposing function identity information and API invocation log information as specified in clause 8.7.2.2.3.1.
Upon receiving the above described HTTP POST message, the CAPIF core function shall:
1. verify the identity of the API exposing function and check if the API exposing function is authorized to create service API invocation logs;
2. if the API exposing function is authorized to create service API invocation logs, the CAPIF core function shall:
a. process the API invocation log information received in the HTTP POST message and store the API invocation log information in the API repository;
b. create a new resource as defined in clause 8.7.2.1; and
c. return the CAPIF Resource Identifier in the response message.
5.9 CAPIF_Auditing_API
5.9.1 Service Description
5.9.1.1 Overview
The Auditing API, as defined in 3GPP TS 23.222 [2], allows API management functions via CAPIF-5/5e reference points to query the log information stored on the CAPIF core function.
NOTE: Functions from 3rd party API provider domain can also access this API with sufficient permissions.
5.9.2 Service Operations
5.9.2.1 Introduction
Table 5.9.2.1-1: Operations of the CAPIF_Auditing_API
|
Service operation name |
Description |
Initiated by |
|---|---|---|
|
Query_Invocation_Logs |
This service operation is used by an API management function to query API invocation information logs stored on CAPIF core function. |
API management function |
5.9.2.2 Query_Invocation_Logs_API
5.9.2.2.1 General
This service operation is used by an API management function to query API invocation information logs stored on CAPIF core function.
5.9.2.2.2 Query API invocation information logs using Query_Invocation_Logs service operation
To query service API invocation logs at the CAPIF core function, the API management function shall send an HTTP GET message with the API management function identity information and the log query to the CAPIF core function as specified in clause 8.8.2.2.3.1.
Upon receiving the above described HTTP GET message, the CAPIF core function shall:
1. verify the identity of the API management function and check if the API management function is authorized to query the service API invocation logs;
2. if the API management function is authorized to query the service API invocation logs, the CAPIF core function shall:
a. search the API invocation logs for logs matching the Log Query criteria; and
b. return the search results in the response message.
5.10 CAPIF_Access_Control_Policy_API
5.10.1 Service Description
5.10.1.1 Overview
The CAPIF access control policy APIs allow API exposing function via CAPIF-3/3e reference points to obtain the service API access policy from the CAPIF core function.
NOTE: Functions from 3rd party API provider domain can also access this API with sufficient permissions.
5.10.2 Service Operations
5.10.2.1 Introduction
Table 5.3.2.1-1: Operations of the CAPIF_Access_Control_Policy_API
|
Service operation name |
Description |
Initiated by |
|---|---|---|
|
Obtain_Access_Control_Policy |
This service operation is used by an API exposing function to obtain the access control policy from the CAPIF core function. |
API exposing function |
5.10.2.2 Obtain_Access_Control_Policy
5.10.2.2.1 General
This service operation is used by an API exposing function to obtain the access control policy from the CAPIF core function.
5.10.2.2.2 API exposing function obtaining access control policy from the CAPIF core function using Obtain_Access_Control_Policy service operation
To obtain the access control policy from the CAPIF core function, the API exposing function shall send an HTTP GET message to the CAPIF core function with the API exposing function Identifier and API identification. The GET message may include API invoker ID for retrieving access control policy of the requested API invoker as specified in clause 8.6.2.2.3.1.
Upon receiving the above described HTTP GET message, the CAPIF core function shall
1. verify the identity of the API exposing function and check if the API exposing function is authorized to obtain the access control policy corresponding to the API identification;
2. if the API exposing function is authorized to obtain the access control policy, the CAPIF core function shall respond with the access control policy information corresponding to the API identification and API invoker ID (if present) in the HTTP GET message.
5.10.3 Related Events
The CAPIF_Access_Control_Policy_API supports the subscription and notification of the status of access control information via the CAPIF_Events_API. The related events are specified in clause 8.3.4.3.3.
5.11 CAPIF_API_Provider_Management_API
5.11.1 Service Description
5.11.1.1 Overview
The CAPIF API provider management APIs, as defined in 3GPP TS 23.222 [2], allow API management functions via CAPIF-5 and CAPIF-5e reference points to register, deregister and update registration information of API provider domain functions (API Exposing Function, API Publishing Function, API management Function) as a recognized API provider domain of the CAPIF domain.
5.11.2 Service Operations
5.11.2.1 Introduction
The service operations defined for the CAPIF API Provider Management API are shown in table 5.11.2.1-1.
Table 5.11.2.1-1: Operations of the CAPIF_API_Provider_Management_API
|
Service operation name |
Description |
Initiated by |
|---|---|---|
|
Register_API_Provider |
This service operation is used by an API management function to register API provider domain functions as a recognized API provider domain of the CAPIF domain. |
API Management Function |
|
Update_API_Provider |
This service operation is used by an API management function to update the API provider domain functions details in the CAPIF domain. |
API Management Function |
|
Deregister_API_Provider |
This service operation is used by an API management function to deregister API provider domain functions as a recognized API provider domain of the CAPIF domain. |
API Management Function |
5.11.2.2 Register_API_Provider
5.11.2.2.1 General
This service operation is used by an API management function to register API provider domain functions as a recognized API provider of CAPIF domain.
5.11.2.2.2 API provider domain functions registering as a recognized API provider domain function of CAPIF using Register_API_Provider service operation
To register API provider domain as a recognized API provider of the CAPIF, the API management function shall send a HTTP POST message to the CAPIF core function. The body of the HTTP POST message shall include API provider Enrolment Details, consisting of details of all API provider domain functions and security information for CAPIF core function to validate the registration request.
Upon receiving the above described HTTP POST message, the CAPIF core function validates the security information and determine if the request sent by API management function is authorized or not. If the API management function is authorized, CAPIF core function shall:
a. create the API provider domain profile consisting of API provider domain ID, API provider domain functions profiles as per the request. CAPIF core function shall assign the identities for the API provider domain functions;
b. create a new resource as defined in clause 8.9.2.2.3.1; and
c. return the API provider domain profile, the CAPIF Resource URI in the response message and registration failure information specific to individual API provider domain functions.
5.11.2.3 Update_API_Provider
5.11.2.3.1 General
This service operation is used by an API management function to update API provider domain function details on the CAPIF domain.
5.11.2.3.2 API management function updating API provider domain function details on CAPIF using Update_API_Provider service operation
To update the API provider domain profile and its individual functions details on CAPIF domain, the API management function shall send a HTTP PUT message to its resource representation in the CAPIF core function as specified in clause 8.9.2.3.3.1, requesting to replace all properties in the existing resource, addressed by the URI received in the response to the request that has created the API provider domain profile resource. The property "apiProviderDomainId", shall remain unchanged from the previously provided values. The body of the HTTP PUT message shall include the APIProviderEnrolmentDetails data structure that need to be updated. If the "PatchUpdate" feature defined in clause 8.9.6 is supported for modification of the API provider domain profile, the consumer (e.g. API publishing function) may send an HTTP PATCH request message to the concerned service API resource URI in the CAPIF core function. The body of the HTTP PATCH request message shall include the APIProviderEnrolmentDetailsPatch data structure.
Upon receiving the described HTTP PUT or PATCH request message:
1. the CAPIF core function shall process the updates received in the HTTP PUT or PATCH request message and determine if the request sent by API management function is authorized or not;
2. verify that the "apiProviderDomainId" property is same as in the API provider domain resource on CAPIF Core Function.
3. if the API management function is authorized and the property "apiProviderDomainId" matches, then the CAPIF core function shall:
a. replace/modify the representation of the resource identified by the CAPIF Resource URI of the API management function’s HTTP PUT or PATCH request with updated information in the request;
b. update the individual API provider domain function profiles as per the request. CAPIF core function shall create new API provider domain function profiles along with assignment of identities, if the API provider domain functions profiles in the request do not exist in CAPIF; and
c. return a "200 OK" status code with the updated API provider domain information, or a "204 No Content" status code.
5.11.2.4 Deregister_API_Provider
5.11.2.4.1 General
This service operation is used by an API management function to deregister the API provider domain function as a recognized API provider of the CAPIF domain.
5.11.2.4.2 API provider domain functions deregistering as a recognized API provider domain function of CAPIF using Deregister_API_Provider service operation
To deregister API provider domain as a recognized API provider of the CAPIF domain, the API management function shall send an HTTP DELETE message to its resource representation in the CAPIF core function as specified in clause 8.9.2.3.3.2.
Upon receiving the HTTP DELETE message, the CAPIF core function shall:
1. determine if the request sent by the API management functions is authorized or not;
2. if the API management function’s request is authorized, the CAPIF core function shall:
a. delete the resource representation pointed by the CAPIF Resource Identifier; and
b. delete the related API provider domain profile.
5.12 CAPIF_Routing_Info_API
5.12.1 Service Description
5.12.1.1 Overview
The CAPIF routing info API allows an API exposing function via CAPIF-3/3e reference point to obtain the API routing information from the CAPIF core function.
NOTE: Functions from 3rd party API provider domain can also access this API routing information with sufficient permissions.
5.12.2 Service Operations
5.12.2.1 Introduction
Table 5.12.2.1-1: Operations of the CAPIF_Routing_Info_API
|
Service operation name |
Description |
Initiated by |
|---|---|---|
|
Obtain_Routing_Info |
This service operation is used by an API exposing function to obtain the API routing information from the CAPIF core function. |
API exposing function |
5.12.2.2 Obtain_Routing_Info
5.12.2.2.1 General
This service operation is used by an API exposing function to obtain the API routing information from the CAPIF core function.
5.12.2.2.2 API exposing function obtaining API routing information from the CAPIF core function using Obtain_Routing_Info service operation
To obtain the API routing information from the CAPIF core function, the API exposing function shall send an HTTP GET request message to the CAPIF core function with the API exposing function Identifier and API identification as specified in clause 8.10.2.2.3.1.
Upon receiving the above described HTTP GET message, the CAPIF core function shall
1. verify the identity of the API exposing function and check if the API exposing function is authorized to obtain the API routing information corresponding to the API identification;
2. if the API exposing function is authorized to obtain the API routing information, the CAPIF core function shall respond with the API routing information corresponding to the API identification in the HTTP GET response message.