Common Operations
Register new user
In order to use OpenCAPIF we must add a new user. This new user can onboard/register any Invokers or Providers.
That new user must be created by administrator of Register Service and with the credentials shared by administrator, the new user can get the access_token by requesting it to Register service.
The steps to register a new user at Register Service are:
Admin create User
1) Login as Admin to get access_token:
- Send POST to https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/login
- Include basic Auth Header with Admin credentials
- Get access_token and refresh_token from response
2) Create User:
- Send POST to https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/createUser
- Include Admin access_token in Authorization Bearer Header
- Body user_registration_body
User Retrieve access token and other information
1) Retrieve access_token by User:
- Send GET to https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth
- Include basic Auth Header with User credentials
- Retrieve access_token and the urls needed for next requests from response body user_getauth_response_body_example
Onboard an Invoker
Steps to perform operation
Preconditions: The administrator must have previously registered the User.
- Create public and private key at invoker
-
Retrieve access_token by User:
- Send GET to https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth
- Include basic Auth Header with Admin user/password
- Retrieve access_token and the urls needed for next requests from response body user_getauth_response_body_example
-
Onboard Invoker:
- Send POST to https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers
- Reference Request Body: invoker onboarding body
- "onboardingInformation"->"apiInvokerPublicKey": must contain public key generated by Invoker.
- Send in Authorization Header the Bearer access_token obtained previously (Authorization:Bearer ${access_token})
Checks to ensure onboarding
-
Response to Get Auth:
- 200 OK
- access_token returned.
-
Response to Onboard request must accomplish:
- 201 Created
- Response Body must follow APIInvokerEnrolmentDetails data structure with:
- apiInvokerId
- onboardingInformation->apiInvokerCertificate must contain the public key signed.
- Response Header Location must be received with URI to new resource created, following this structure: {apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}
Example Flow
Register a Provider
Steps to Perform operation
- Create public and private key at provider for provider itself and each function (apf, aef and amf)
-
Retrieve access_token by User:
- Send GET to https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth
- Include basic Auth Header with Admin user/password
- Retrieve access_token and the urls needed for next requests from response body user_getauth_response_body_example
-
Register Provider:
- Send POST https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations
- body provider request body
- Send in Authorization Header the Bearer access_token obtained previously (Authorization:Bearer ${access_token})
- Store each cert in a file with according name.
Checks to ensure provider registration
-
Response to Register:
- 201 Created
-
Response to Get Auth:
- 200 OK
- access_token returned.
-
Register Provider at Provider Management:
- 201 Created response.
- body returned must accomplish APIProviderEnrolmentDetails data structure.
- For each apiProvFuncs, we must check:
- apiProvFuncId is set
- apiProvCert under regInfo is set properly
- Location Header must contain the new resource URL {apiRoot}/api-provider-management/v1/registrations/{registrationId}
Example Flow