OpenAPI
OpenAPI Version: 3.0.0
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
API for CAPIF security management.
OpenAPI Version: 3.0.0
Title: CAPIF_Security_API
Description: This API enables the API publishing function to communicate with the CAPIF core function to publish the service API information and manage the published service API information. This API also enables the API exposing function to communicate with the CAPIF core function to retrieve the security information of an API invoker.
Version: "1.0.0"
Description: 3GPP TS 29.222 V15.2.0 Common API Framework for 3GPP Northbound APIs
URL: http://www.3gpp.org/ftp/Specs/archive/29_series/29.222/
URL: '{apiRoot}/capif-security/v1'
Variables:
API Root:
Default: https://example.com
Description: apiRoot as defined in subclause 7.5 of 3GPP TS 29.222.
get:
Parameters:
- name: apiInvokerId
In: path
Description: Identifier of an individual API invoker
Required/Optional: true
Schema:
Type: string
- name: authenticationInfo
In: query
Description: When set to 'true', it indicates the CAPIF core function to send the authentication information of the API invoker. Set to false or omitted otherwise.
Schema:
Type: boolean
- name: authorizationInfo
In: query
Description: When set to 'true', it indicates the CAPIF core function to send the authorization information of the API invoker. Set to false or omitted otherwise.
Schema:
Type: boolean
Responses:
'200' The security related information of the API Invoker based on the request from the API exposing function.
Content:
Application/JSON:
Schema:
Reference: '#/components/schemas/ServiceSecurity'
'400': Reference 'TS29122_CommonData.yaml#/components/responses/400'
'401': Reference 'TS29122_CommonData.yaml#/components/responses/401'
'403': Reference 'TS29122_CommonData.yaml#/components/responses/403'
'404': Reference 'TS29122_CommonData.yaml#/components/responses/404'
'406': Reference 'TS29122_CommonData.yaml#/components/responses/406'
'414': Reference 'TS29122_CommonData.yaml#/components/responses/414'
'429': Reference 'TS29122_CommonData.yaml#/components/responses/429'
'500': Reference 'TS29122_CommonData.yaml#/components/responses/500'
'503': Reference 'TS29122_CommonData.yaml#/components/responses/503'
default: Reference 'TS29122_CommonData.yaml#/components/responses/default'
put:
Parameters:
- name: apiInvokerId
In: path
Description: Identifier of an individual API invoker
Required/Optional: true
Schema:
Type: string
Request Body:
Description: create a security context for an API invoker
Required/Optional: true
Content:
Application/JSON:
Schema:
Reference: '#/components/schemas/ServiceSecurity'
Callbacks:
notificationDestination:
'{request.body#/notificationDestination}':
Method: Post
Request Body:
Required/Optional: true
Content:
Application/JSON:
Schema:
Reference: '#/components/schemas/SecurityNotification'
Responses:
'204' No Content (successful notification)
'400': Reference 'TS29122_CommonData.yaml#/components/responses/400'
'401': Reference 'TS29122_CommonData.yaml#/components/responses/401'
'403': Reference 'TS29122_CommonData.yaml#/components/responses/403'
'404': Reference 'TS29122_CommonData.yaml#/components/responses/404'
'411': Reference 'TS29122_CommonData.yaml#/components/responses/411'
'413': Reference 'TS29122_CommonData.yaml#/components/responses/413'
'415': Reference 'TS29122_CommonData.yaml#/components/responses/415'
'429': Reference 'TS29122_CommonData.yaml#/components/responses/429'
'500': Reference 'TS29122_CommonData.yaml#/components/responses/500'
'503': Reference 'TS29122_CommonData.yaml#/components/responses/503'
default: Reference 'TS29122_CommonData.yaml#/components/responses/default'
Responses:
'201' Successful created.
Content:
Application/JSON:
Schema:
Reference: '#/components/schemas/ServiceSecurity'
Headers:
Location:
Description: 'Contains the URI of the newly created resource, according to the structure: {apiRoot}/capif-security/v1/trustedInvokers/{apiInvokerId}'
Required/Optional: true
Schema:
Type: string
'400': Reference 'TS29122_CommonData.yaml#/components/responses/400'
'401': Reference 'TS29122_CommonData.yaml#/components/responses/401'
'403': Reference 'TS29122_CommonData.yaml#/components/responses/403'
'411': Reference 'TS29122_CommonData.yaml#/components/responses/411'
'413': Reference 'TS29122_CommonData.yaml#/components/responses/413'
'414': Reference 'TS29122_CommonData.yaml#/components/responses/414'
'415': Reference 'TS29122_CommonData.yaml#/components/responses/415'
'429': Reference 'TS29122_CommonData.yaml#/components/responses/429'
'500': Reference 'TS29122_CommonData.yaml#/components/responses/500'
'503': Reference 'TS29122_CommonData.yaml#/components/responses/503'
default: Reference 'TS29122_CommonData.yaml#/components/responses/default'
delete:
Parameters:
- name: apiInvokerId
In: path
Description: Identifier of an individual API invoker
Required/Optional: true
Schema:
Type: string
Responses:
'204' No Content (Successful deletion of the existing subscription)
'400': Reference 'TS29122_CommonData.yaml#/components/responses/400'
'401': Reference 'TS29122_CommonData.yaml#/components/responses/401'
'403': Reference 'TS29122_CommonData.yaml#/components/responses/403'
'404': Reference 'TS29122_CommonData.yaml#/components/responses/404'
'429': Reference 'TS29122_CommonData.yaml#/components/responses/429'
'500': Reference 'TS29122_CommonData.yaml#/components/responses/500'
'503': Reference 'TS29122_CommonData.yaml#/components/responses/503'
default: Reference 'TS29122_CommonData.yaml#/components/responses/default'
Method: Post
Parameters:
- name: apiInvokerId
In: path
Description: Identifier of an individual API invoker
Required/Optional: true
Schema:
Type: string
Request Body:
Description: Update the security context (e.g. re-negotiate the security methods).
Required/Optional: true
Content:
Application/JSON:
Schema:
Reference: '#/components/schemas/ServiceSecurity'
Responses:
'200' Successful updated.
Content:
Application/JSON:
Schema:
Reference: '#/components/schemas/ServiceSecurity'
'400': Reference 'TS29122_CommonData.yaml#/components/responses/400'
'401': Reference 'TS29122_CommonData.yaml#/components/responses/401'
'403': Reference 'TS29122_CommonData.yaml#/components/responses/403'
'404': Reference 'TS29122_CommonData.yaml#/components/responses/404'
'411': Reference 'TS29122_CommonData.yaml#/components/responses/411'
'413': Reference 'TS29122_CommonData.yaml#/components/responses/413'
'415': Reference 'TS29122_CommonData.yaml#/components/responses/415'
'429': Reference 'TS29122_CommonData.yaml#/components/responses/429'
'500': Reference 'TS29122_CommonData.yaml#/components/responses/500'
'503': Reference 'TS29122_CommonData.yaml#/components/responses/503'
default: Reference 'TS29122_CommonData.yaml#/components/responses/default'
Method: Post
Parameters:
- name: apiInvokerId
In: path
Description: Identifier of an individual API invoker
Required/Optional: true
Schema:
Type: string
Request Body:
Description: Revoke the authorization of the API invoker for APIs.
Required/Optional: true
Content:
Application/JSON:
Schema:
Reference: '#/components/schemas/SecurityNotification'
Responses:
'204' Successful revoked.
'400': Reference 'TS29122_CommonData.yaml#/components/responses/400'
'401': Reference 'TS29122_CommonData.yaml#/components/responses/401'
'403': Reference 'TS29122_CommonData.yaml#/components/responses/403'
'404': Reference 'TS29122_CommonData.yaml#/components/responses/404'
'411': Reference 'TS29122_CommonData.yaml#/components/responses/411'
'413': Reference 'TS29122_CommonData.yaml#/components/responses/413'
'415': Reference 'TS29122_CommonData.yaml#/components/responses/415'
'429': Reference 'TS29122_CommonData.yaml#/components/responses/429'
'500': Reference 'TS29122_CommonData.yaml#/components/responses/500'
'503': Reference 'TS29122_CommonData.yaml#/components/responses/503'
default: Reference 'TS29122_CommonData.yaml#/components/responses/default'
Method: Post
Parameters:
- name: securityId
In: path
Description: Identifier of an individual security instance
Required/Optional: true
Schema:
Type: string
Request Body:
Required/Optional: true
Content:
application/x-www-form-urlencoded:
Schema:
Reference: '#/components/schemas/AccessTokenReq'
Responses:
'200' Successful Access Token Request
Content:
Application/JSON:
Schema:
Reference: '#/components/schemas/AccessTokenRsp'
'400' Error in the Access Token Request
Content:
Application/JSON:
Schema:
Reference: '#/components/schemas/AccessTokenErr'
Type: object
Properties:
securityInfo:
Type: array
Items:
Reference: '#/components/schemas/SecurityInformation'
Minimum: 1
notificationDestination:
Reference: 'TS29122_CommonData.yaml#/components/schemas/Uri'
requestTestNotification:
Type: boolean
Description: Set to true by API invoker to request the CAPIF core function to send a test notification as defined in in subclause 7.6. Set to false or omitted otherwise.
websockNotifConfig:
Reference: 'TS29122_CommonData.yaml#/components/schemas/WebsockNotifConfig'
supportedFeatures:
Reference: 'TS29571_CommonData.yaml#/components/schemas/SupportedFeatures'
Required:
- securityInfo
- securityNotificationDestination
Type: object
Properties:
interfaceDetails:
Reference: 'TS29222_CAPIF_Publish_Service_API.yaml#/components/schemas/InterfaceDescription'
aefId:
Type: string
Description: Identifier of the API exposing function
prefSecurityMethods:
Type: array
Items:
Reference: 'TS29222_CAPIF_Publish_Service_API.yaml#/components/schemas/SecurityMethod'
minItems: 1
Description: Security methods preferred by the API invoker for the API interface.
selSecurityMethod:
Reference: 'TS29222_CAPIF_Publish_Service_API.yaml#/components/schemas/SecurityMethod'
authenticationInfo:
Type: string
Description: Authentication related information
authorizationInfo:
Type: string
Description: Authorization related information
Required:
- prefSecurityMethods
oneOf:
- required: [interfaceDetails]
- required: [aefId]
Type: object
Properties:
apiInvokerId:
Type: string
Description: String identifying the API invoker assigned by the CAPIF core function
aefId:
Type: string
Description: String identifying the AEF.
apiIds:
Type: array
Items:
Type: string
minItems: 1
Description: Identifier of the service API
cause:
Reference: '#/components/schemas/Cause'
Required:
- apiInvokerId
- apiIds
- cause
format: x-www-form-urlencoded
Properties:
grant_type:
Type: string
enum:
- client_credentials
client_id:
Type: string
client_secret:
Type: string
scope:
Type: string
Required:
- grant_type
- client_id
Type: object
Properties:
access_token:
Type: string
Description: JWS Compact Serialized representation of JWS signed JSON object (AccessTokenClaims)
token_type:
Type: string
enum:
- Bearer
expires_in:
Reference: 'TS29122_CommonData.yaml#/components/schemas/DurationSec'
scope:
Type: string
Required:
- access_token
- token_type
- expires_in
Type: object
Properties:
iss:
Type: string
scope:
Type: string
exp:
Reference: 'TS29122_CommonData.yaml#/components/schemas/DurationSec'
Required:
- iss
- scope
- exp
Type: object
Properties:
error:
Type: string
enum:
- invalid_request
- invalid_client
- invalid_grant
- unauthorized_client
- unsupported_grant_type
- invalid_scope
error_description:
Type: string
error_uri:
Type: string
Required:
- error
anyOf:
- type: string
This string provides forward-compatibility with future
extensions to the enumeration but is not used to encode
content defined in the present version of this API.
Possible values are
- OVERLIMIT_USAGE: The revocation of the authorization of the API invoker is due to the overlimit usage of the service API
- UNEXPECTED_REASON: The revocation of the authorization of the API invoker is due to unexpected reason.