openapi: 3.0.0
info:
  title: AEF_Security_API
  description: This API allows an API invoker to check if the security information required by the API exposing function is available, by initiating authentication. This API also allows CAPIF core function to revoke access to service APIs.
  version: "1.0.0"
externalDocs:
  description: 3GPP TS 29.222 V15.2.0 Common API Framework for 3GPP Northbound APIs
  url: http://www.3gpp.org/ftp/Specs/archive/29_series/29.222/
servers:
  - url: '{apiRoot}/aef-security/v1'
    variables:
      apiRoot:
        default: https://example.com
        description: apiRoot as defined in subclause 7.5 of 3GPP TS 29.222.
paths:
  /check-authentication:
    post:
      summary: Check authentication.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CheckAuthenticationReq'
      responses:
        '200':
          description: The request was successful.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CheckAuthenticationRsp'
        '400':
          $ref: 'TS29122_CommonData.yaml#/components/responses/400'
        '401':
          $ref: 'TS29122_CommonData.yaml#/components/responses/401'
        '403':
          $ref: 'TS29122_CommonData.yaml#/components/responses/403'
        '404':
          $ref: 'TS29122_CommonData.yaml#/components/responses/404'
        '411':
          $ref: 'TS29122_CommonData.yaml#/components/responses/411'
        '413':
          $ref: 'TS29122_CommonData.yaml#/components/responses/413'
        '415':
          $ref: 'TS29122_CommonData.yaml#/components/responses/415'
        '429':
          $ref: 'TS29122_CommonData.yaml#/components/responses/429'
        '500':
          $ref: 'TS29122_CommonData.yaml#/components/responses/500'
        '503':
          $ref: 'TS29122_CommonData.yaml#/components/responses/503'
        default:
          $ref: 'TS29122_CommonData.yaml#/components/responses/default'

  /revoke-authorization:
    post:
      summary: Revoke authorization.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RevokeAuthorizationReq'
      responses:
        '200':
          description: The request was successful.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RevokeAuthorizationRsp'
        '400':
          $ref: 'TS29122_CommonData.yaml#/components/responses/400'
        '401':
          $ref: 'TS29122_CommonData.yaml#/components/responses/401'
        '403':
          $ref: 'TS29122_CommonData.yaml#/components/responses/403'
        '404':
          $ref: 'TS29122_CommonData.yaml#/components/responses/404'
        '411':
          $ref: 'TS29122_CommonData.yaml#/components/responses/411'
        '413':
          $ref: 'TS29122_CommonData.yaml#/components/responses/413'
        '415':
          $ref: 'TS29122_CommonData.yaml#/components/responses/415'
        '429':
          $ref: 'TS29122_CommonData.yaml#/components/responses/429'
        '500':
          $ref: 'TS29122_CommonData.yaml#/components/responses/500'
        '503':
          $ref: 'TS29122_CommonData.yaml#/components/responses/503'
        default:
         $ref: 'TS29122_CommonData.yaml#/components/responses/default'

components:
  schemas:
    CheckAuthenticationReq:
      type: object
      properties:
        apiInvokerId:
          type: string
          description: API invoker ID assigned by the CAPIF core function to the API invoker while on-boarding the API invoker.
        supportedFeatures:
          $ref: 'TS29571_CommonData.yaml#/components/schemas/SupportedFeatures'
      required:
        - apiInvokerId
        - supportedFeatures
    CheckAuthenticationRsp:
      type: object
      properties:
        supportedFeatures:
          $ref: 'TS29571_CommonData.yaml#/components/schemas/SupportedFeatures'
      required:
        - supportedFeatures
    RevokeAuthorizationReq:
      type: object
      properties:
        revokeInfo:
          $ref: 'TS29222_CAPIF_Security_API.yaml#/components/schemas/SecurityNotification'
        supportedFeatures:
          $ref: 'TS29571_CommonData.yaml#/components/schemas/SupportedFeatures'
      required:
        - revokeInfo
        - supportedFeatures
    RevokeAuthorizationRsp:
      type: object
      properties:
        supportedFeatures:
          $ref: 'TS29571_CommonData.yaml#/components/schemas/SupportedFeatures'
      required:
        - supportedFeatures