Tech-invite  3GPPspecsRELsGlossariesSIP
Info21222324252627282931323334353637384‑5x

full Contents for  TS 23.222  Word version:   17.0.0

Top   Up   Prev   Next
0…   4…   5   6…   6.3…   7…   8…   8.5…   8.9…   8.13…   8.17…   8.21…   8.25…   9…   10…   11…   A   B…   B.2   B.3   C…   D…

 

8  Procedures and information flowsWord-p. 36
8.1  Onboarding the API invoker to the CAPIF
8.1.1  General
The procedure in this subclause corresponds to the architectural requirements for onboarding the API invoker to the CAPIF. The CAPIF enables a one time onboarding process that enrolls the API invoker as a recognized user of the CAPIF, which may be triggered by the API invoker via CAPIF‑1 or CAPIF‑1e, or may be based on provisioning.
8.1.2  Information flows
8.1.2.1  Onboard API invoker request
Table 8.1.2.1-1 describes the information flow onboard API invoker request from the API invoker to the CAPIF core function.
Information element
Status
Description

Onboarding information
M
The information of the API invoker including enrolment details, required for onboarding
APIs for enrollment
O
List of APIs being enrolled for.

8.1.2.2  Onboard API invoker response
Table 8.1.2.2-1 describes the information flow onboard API invoker response from the CAPIF core function to the API invoker.
Information element
Status
Description

Onboarding status
M
The result of onboarding request i.e., success indication is included if the API invoker is granted permission otherwise failure.
Enrolled information
O (see NOTE 1)
Information from the provisioned API invoker profile which may include information to allow the API invoker to be authenticated and to obtain authorization for service APIs
Service API information
O (see NOTE 2)
The service API information includes the service API name, service API type, communication type, description, Serving Area Information (optional), interface details (e.g. IP address, port number, URI), protocols, version numbers, and data format.
Reason
O (see NOTE 3)
This element indicates the reason when onboarding status is failure.

NOTE 1:
Information element shall be present when onboarding status is successful.
NOTE 2:
Information element may be present when onboarding status is successful.
NOTE 3:
Information element shall be present when onboarding status is failure.

Up
8.1.3  Procedure
Figure 8.1.3-1 illustrates the procedure for onboarding the API invoker to the CAPIF. The security aspects of this procedure are specified in subclause 6.1 of TS 33.122.
Pre-conditions:
  1. The API invoker is not a recognized user of the CAPIF.
  2. The API invoker has visibility to APIs information (e.g., API catalogue or dashboard - central place for the API provider to manage which APIs are displayed, giving API invokers the ability to enroll for).
Up
  1. For enrollment of the API invoker to be a recognized user of the CAPIF, the API invoker triggers onboard API invoker request towards the CAPIF core function, providing the information as required for the API management.
  2. The CAPIF core function begins the onboarding process by verifying whether all the necessary information has been provided to onboard the API invoker, and further initiates a grant process. Successful onboarding results in provisioning API invoker profile which includes identity for the API invoker. The authorization information and the list of APIs and the types of APIs that the API invoker can access subsequent to successful onboarding may also be created.
  3. NOTE 1:
    Completion of onboarding process can require explicit grant by the CAPIF administrator or the API management, which is left out-of-scope of this solution. CAPIF can handle the grant process internally without the need of explicit grant by the CAPIF administrator.
    NOTE 2:
    The API invoker profile consists of at least the identity information for the API invoker, information required for the authentication and authorization by the CAPIF and the CAPIF identity information.
  4. If the API invoker has triggered the onboard API invoker request and is granted permission, the onboard API invoker response provides success indication including information from the provisioned API invoker profile which may include information to allow the API invoker to be authenticated and to obtain authorization for service APIs.
  5. As a result of successful onboarding process, the CAPIF core function is able to authenticate and authorize the API invoker.
Up
8.2  Offboarding the API invoker from the CAPIFWord-p. 37
8.2.1  General
This subclause defines the procedure for offboarding the API invoker from the CAPIF. The offboarding process makes the API invoker no longer a recognized user of the CAPIF. The procedure is triggered by the API invoker over CAPIF‑1 or CAPIF‑1e.
8.2.2  Information flows
This subclause describes the information flows for the API invoker offboarding.
8.2.2.1  Offboard API invoker requestWord-p. 38
Table 8.2.2.1-1 describes the information flow offboard API invoker request from the API invoker to the CAPIF core function.
Information element
Status
Description

API invoker identity information
M
Identity information of the API invoker requesting offboarding
Reason
O
Indicate the reason of offboarding

8.2.2.2  Offboard API invoker response
Table 8.2.2.2-1 describes the information flow offboard API invoker response from the CAPIF core function to the API invoker.
Information element
Status
Description

Result
M
Indicates the success or failure of the offboarding operation

8.2.3  Procedure
Figure 8.2.3-1 illustrates the procedure for offboarding the API invoker from the CAPIF, triggered by the API invoker. The security aspects of this procedure are specified in subclause 6.8 of TS 33.122.
Pre-conditions:
  1. The API invoker has been onboarded as a recognized user of the CAPIF.
Up
  1. The API invoker triggers offboard API invoker request to the CAPIF core function, providing the information as required for the API management.
  2. The CAPIF core function cancels the enrollment of the API invoker from CAPIF. The API invoker ceases to be a recognized user of the CAPIF. All the authorizations corresponding to the API invoker are revoked from CAPIF. Optionally, the information of the API invoker may be retained at the CAPIF core function as per the operator policy.
  3. NOTE:
    Completion of offboarding process can require explicit notification to the CAPIF administrator or the API management, which is left out-of-scope of this solution. CAPIF can handle the de-provisioning process internally without the need of explicit grant by the CAPIF administrator.
  4. The CAPIF core function returns the offboard API invoker response providing successful offboarding indication.
Up
8.3  Publish service APIsWord-p. 39
8.3.1  General
The CAPIF supports publishing service APIs by the API provider. The API publishing function can be within PLMN trust domain or within 3rd party trust domain.
8.3.2  Information flows
8.3.2.1  Service API publish request
Table 8.3.2.1-1 describes the information flow service API publish request from the API publishing function to the CAPIF core function.
Information element
Status
Description

API publisher information
M
The information of the API publisher may include identity, authentication and authorization information
Service API information
M
The service API information includes the service API name, service API type, communication type, description, Serving Area Information (optional), interface details (e.g. IP address, port number, URI), protocols, version numbers, and data format.
Shareable information
O (see NOTE)
Indicates whether the service API or the service API category can be published to other CCFs. And if sharing, a list of CAPIF provider domain information where the service API or the service API category can be published is contained.

NOTE:
If the shareable information is not present, the service API is not allowed to be shared.

Up
8.3.2.2  Service API publish response
Table 8.3.2.2-1 describes the information flow service API publish response from the CAPIF core function to the API publishing function.
Information element
Status
Description

Result
M
Indicates the success or failure of publishing the service API information
Service API published information reference
O (see NOTE)
The information which can be used for referencing the information (set) about the published service API by the API publishing function.

NOTE:
This information element is included when the Result indicates success.

8.3.3  Procedure
Figure 8.3.3-1 illustrates the procedure for publishing the service APIs. The service API publish mechanism is supported by the CAPIF core function.
Pre-conditions:
  1. Authorization details of the APF are available with the CAPIF core function.
  2. API invokers may have subscribed with the CAPIF core function to obtain new service API information.
Up
  1. The API publishing function sends a service API publish request to the CAPIF core function, with the details of the service API. If the service API is to be shared to other CAPIF core functions, the shareable information and the CAPIF provider domain information are included.
  2. Upon receiving the service API publish request, the CAPIF core function checks whether the API publishing function is authorized to publish service APIs. If the check is successful, the service API information provided by the API publishing function is stored at the CAPIF core function (API registry).
  3. The CAPIF core function provides a service API publish response to the API publishing function indicating success or failure result and triggers notifications to subscribed API invokers as described in subclause 8.8.4.
Up
8.4  Unpublish service APIsWord-p. 40
8.4.1  General
The CAPIF supports unpublishing service APIs by the API provider. Once the service API information is unpublished, it is no more available to be discovered by API invokers. The API publishing function can be within PLMN trust domain or within 3rd party trust domain.
8.4.2  Information flows
8.4.2.1  Service API unpublish request
Table 8.4.2.1-1 describes the information flow service API unpublish request from the API publishing function to the CAPIF core function.
Information element
Status
Description

API publisher information
M
The information of the API publisher may include identity, authentication and authorization information
Service API published information reference
M
The information provided by the CAPIF core function which can be for referencing the information (set) about the published service API by the API publishing function.

8.4.2.2  Service API unpublish responseWord-p. 41
Table 8.4.2.2-1 describes the information flow service API unpublish response from the CAPIF core function to the API publishing function.
Information element
Status
Description

Result
M
Indicates the success or failure of unpublishing the service API information

8.4.3  Procedure
Figure 8.4.3-1 illustrates the procedure for unpublishing the service APIs. The service API unpublish mechanism is supported by the CAPIF core function.
Pre-conditions:
  1. Authorization details of the APF are available with the CAPIF core function.
  2. API invokers may have subscribed with the CAPIF core function to obtain notification regarding service API unpublish.
Up
  1. The API publishing function sends a service API unpublish request to the CAPIF core function, with service API published information reference provided by the CAPIF core function when the service API was published.
  2. Upon receiving the service API unpublish request, the CAPIF core function checks whether the API publishing function is authorized to unpublish service APIs. If the check is successful, the service API information provided by the API publishing function is removed at the CAPIF core function (API registry).
  3. The CAPIF core function provides a service API unpublish response to the API publishing function and triggers notifications to subscribed API invokers as described in subclause 8.8.4.
Up

Up   Top   ToC