The procedure in this subclause corresponds to the architectural requirements for auditing service API invocation. This procedure can be used for auditing of other CAPIF interactions i.e. service API invocation events, API invoker onboarding events and API invoker interactions with the CAPIF (e.g. authentication, authorization, discover service APIs) as well. The API management function can be within PLMN trust domain or within 3rd party trust domain.
184.108.40.206 Query service API log request
Table 220.127.116.11-1 describes the information flow query service API log request from the API management function to the CAPIF core function.
18.104.22.168 Query service API log response
Identity information of the entity querying service API log request
List of query filters such as invoker's ID and IP address, service API name and version, input parameters, and invocation result
Table 22.214.171.124-1 describes the information flow query service API log response from the CAPIF core function to the API management function.
Indicates the success or failure of query service API log request
API invocation log information
O (see NOTE)
API invocation log information such as API invoker's ID, IP address, service API name, version, invoked operation, input parameters, invocation result, time stamp information
Information element shall be present when result indicates success.
Figure 8.22.3-1 illustrates the procedure for auditing service API invocation.
Service API invocation logs are available at the CAPIF core function.
Authorization details of the AMF are available with the CAPIF core function.
For auditing service API invocations, the API management function triggers query service API log request to the CAPIF core function.
Upon receiving the query service API log request, the CAPIF core function accesses the necessary service API log information for auditing purposes.
The CAPIF core function returns the log information to the API management function in the query service API log response.
The API management function detecting abuse of the service API invocation and actions, subsequent to query service API log response, are out-of-scope of this specification.