6.1.9 Security

29.5033GPP5G SystemRelease 18Stage 3TSUnified Data Management Services

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

As indicated in 3GPP TS 33.501 [6] and 3GPP TS 29.500 [4], the access to the Nudm_SDM API may be authorized by means of the OAuth2 protocol (see IETF RFC 6749 [18]), based on local configuration, using the "Client Credentials" authorization grant, where the NRF (see 3GPP TS 29.510 [19]) plays the role of the authorization server.

If OAuth2 is used, an NF Service Consumer, prior to consuming services offered by the Nudm_SDM API, shall obtain a "token" from the authorization server, by invoking the Access Token Request service, as described in 3GPP TS 29.510 [19], clause 5.4.2.2.

NOTE: When multiple NRFs are deployed in a network, the NRF used as authorization server is the same NRF that the NF Service Consumer used for discovering the Nudm_SDM service.

The Nudm_SDM API defines a single scope "nudm-sdm" for OAuth2 authorization (as specified in 3GPP TS 33.501 [6]) for the entire API, and it does not define any additional scopes at resource or operation level.