If authentication is required, the AMF requests it from the AUSF; if Tracing Requirements about the UE are available at the AMF, the AMF provides Tracing Requirements in its request to AUSF. Upon request from the AMF, the AUSF shall execute authentication of the UE. The authentication is performed as described in TS 33.501 . The AUSF selects a UDM as described in TS 23.501 , clause 6.3.8 and gets the authentication data from UDM.
Once the UE has been authenticated the AUSF provides relevant security related information to the AMF. In case the AMF provided a SUCI to AUSF, the AUSF shall return the SUPI to AMF only after the authentication is successful.
After successful authentication in new AMF, which is triggered by the integrity check failure in old AMF at step 5, the new AMF invokes step 4 above again and indicates that the UE is validated (i.e. through the reason parameter as specified in clause 22.214.171.124.2).