openapi: 3.0.0
info:
version: 1.0.0
title: AUSF API
description: OpenAPI specification for AUSF
servers:
- url: '{apiRoot}/nausf-auth/v1'
variables:
apiRoot:
default: https://example.com
description: apiRoot as defined in subclause subclause 4.4 of 3GPP TS 29.501.
security:
- {}
- oAuth2ClientCredentials:
- nausf-auth
paths:
/ue-authentications:
post:
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/AuthenticationInfo'
required: true
responses:
'201':
description: UEAuthenticationCtx
content:
application/3gppHal+json:
schema:
$ref: '#/components/schemas/UEAuthenticationCtx'
headers:
Location:
description: 'Contains the URI of the newly created resource according to the structure: {apiRoot}/nausf-auth/v1/ue-authentications/{authCtxId}'
required: true
schema:
type: string
'400':
description: Bad Request from the AMF
content:
application/problem+json:
schema:
$ref: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails'
'403':
description: Fordidden due to serving network not authorized
content:
application/problem+json:
schema:
$ref: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails'
'500':
description: Internal Server Error
content:
application/problem+json:
schema:
$ref: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails'
/ue-authentications/{authCtxId}/5g-aka-confirmation:
put:
parameters:
- name: authCtxId
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ConfirmationData'
responses:
'200':
description: Request processed (EAP success or Failure)
content:
application/json:
schema:
$ref: '#/components/schemas/ConfirmationDataResponse'
'400':
description: Bad Request
content:
application/problem+json:
schema:
$ref: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails'
'500':
description: Internal Server Error
content:
application/problem+json:
schema:
$ref: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails'
/ue-authentications/{authCtxId}/eap-session:
post:
operationId: EapAuthMethod
parameters:
- name: authCtxId
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/EapSession'
responses:
'200':
description: Use to handle or close the EAP session
content:
application/json:
schema:
$ref: '#/components/schemas/EapSession'
application/3gppHal+json:
schema:
type: object
properties:
eapPayload:
$ref: '#/components/schemas/EapPayload'
_links:
type: object
description: 'URI : /{eapSessionUri}'
additionalProperties:
$ref: 'TS29571_CommonData.yaml#/components/schemas/LinksValueSchema'
minProperties: 1
required:
- eapPayload
- _links
'400':
description: Bad Request
content:
application/problem+json:
schema:
$ref: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails'
'500':
description: Internal Server Error
content:
application/problem+json:
schema:
$ref: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails'
components:
securitySchemes:
oAuth2ClientCredentials:
type: oauth2
flows:
clientCredentials:
tokenUrl: '{nrfApiRoot}/oauth2/token'
scopes:
nausf-auth: Access to Nausf_UEAuthentication API
schemas:
AuthenticationInfo:
type: object
properties:
supiOrSuci:
$ref: 'TS29503_Nudm_UEAU.yaml#/components/schemas/SupiOrSuci'
servingNetworkName:
$ref: 'TS29503_Nudm_UEAU.yaml#/components/schemas/ServingNetworkName'
resynchronizationInfo:
$ref: 'TS29503_Nudm_UEAU.yaml#/components/schemas/ResynchronizationInfo'
traceData:
$ref: 'TS29571_CommonData.yaml#/components/schemas/TraceData'
required:
- supiOrSuci
- servingNetworkName
UEAuthenticationCtx:
type: object
properties:
authType:
$ref: '#/components/schemas/AuthType'
5gAuthData:
oneOf:
- $ref: '#/components/schemas/Av5gAka'
- $ref: '#/components/schemas/EapPayload'
_links:
type: object
additionalProperties:
$ref: 'TS29571_CommonData.yaml#/components/schemas/LinksValueSchema'
servingNetworkName:
$ref: 'TS29503_Nudm_UEAU.yaml#/components/schemas/ServingNetworkName'
required:
- authType
- 5gAuthData
- _links
Av5gAka:
type: object
required:
- rand
- hxresStar
- autn
properties:
rand:
$ref: 'TS29503_Nudm_UEAU.yaml#/components/schemas/Rand'
hxresStar:
$ref: '#/components/schemas/HxresStar'
autn:
$ref: 'TS29503_Nudm_UEAU.yaml#/components/schemas/Autn'
ConfirmationData:
type: object
required:
- resStar
properties:
resStar:
$ref: '#/components/schemas/ResStar'
ConfirmationDataResponse:
type: object
properties:
authResult:
$ref: '#/components/schemas/AuthResult'
supi:
$ref: 'TS29571_CommonData.yaml#/components/schemas/Supi'
kseaf:
$ref: '#/components/schemas/Kseaf'
required:
- authResult
EapSession:
type: object
properties:
eapPayload:
$ref: '#/components/schemas/EapPayload'
kSeaf:
$ref: '#/components/schemas/Kseaf'
_links:
type: object
additionalProperties:
$ref: 'TS29571_CommonData.yaml#/components/schemas/LinksValueSchema'
authResult:
$ref: '#/components/schemas/AuthResult'
supi:
$ref: 'TS29571_CommonData.yaml#/components/schemas/Supi'
required:
- eapPayload
AuthResult:
type: string
enum:
- AUTHENTICATION_SUCCESS
- AUTHENTICATION_FAILURE
- AUTHENTICATION_ONGOING
EapPayload:
type: string
format: base64
description: contains an EAP packet
Kseaf:
type: string
pattern: '[A-Fa-f0-9]{64}'
ResStar:
type: string
pattern: '[A-Fa-f0-9]{32}'
HxresStar:
type: string
pattern: "[A-Fa-f0-9]{32}"
AuthType:
anyOf:
- type: string
enum:
- 5G_AKA
- EAP_AKA_PRIME
- EAP_TLS
- type: string
externalDocs:
description: 3GPP TS 29.509 V15.2.0; 5G System; 3GPP TS Authentication Server services.
url: http://www.3gpp.org/ftp/Specs/archive/29_series/29.509