openapi: 3.0.0 info: version: 1.1.0.alpha-1 title: AUSF API description: | AUSF UE Authentication Service. © 2019, 3GPP Organizational Partners (ARIB, ATIS, CCSA, ETSI, TSDSI, TTA, TTC). All rights reserved. servers: - url: '{apiRoot}/nausf-auth/v1' variables: apiRoot: default: https://example.com description: apiRoot as defined in subclause subclause 4.4 of 3GPP TS 29.501. security: - {} - oAuth2ClientCredentials: - nausf-auth paths: /ue-authentications: post: requestBody: content: application/json: schema: $ref: '#/components/schemas/AuthenticationInfo' required: true responses: '201': description: UEAuthenticationCtx content: application/3gppHal+json: schema: $ref: '#/components/schemas/UEAuthenticationCtx' headers: Location: description: 'Contains the URI of the newly created resource according to the structure: {apiRoot}/nausf-auth/v1/ue-authentications/{authCtxId}' required: true schema: type: string '400': description: Bad Request from the AMF content: application/problem+json: schema: $ref: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails' '403': description: Forbidden due to serving network not authorized content: application/problem+json: schema: $ref: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails' '500': description: Internal Server Error content: application/problem+json: schema: $ref: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails' /ue-authentications/{authCtxId}/5g-aka-confirmation: put: parameters: - name: authCtxId in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/ConfirmationData' responses: '200': description: Request processed (EAP success or Failure) content: application/json: schema: $ref: '#/components/schemas/ConfirmationDataResponse' '400': description: Bad Request content: application/problem+json: schema: $ref: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails' '500': description: Internal Server Error content: application/problem+json: schema: $ref: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails' /ue-authentications/{authCtxId}/eap-session: post: operationId: EapAuthMethod parameters: - name: authCtxId in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/EapSession' responses: '200': description: Use to handle or close the EAP session content: application/json: schema: $ref: '#/components/schemas/EapSession' application/3gppHal+json: schema: type: object properties: eapPayload: $ref: '#/components/schemas/EapPayload' _links: type: object description: 'URI : /{eapSessionUri}' additionalProperties: $ref: 'TS29571_CommonData.yaml#/components/schemas/LinksValueSchema' minProperties: 1 required: - eapPayload - _links '400': description: Bad Request content: application/problem+json: schema: $ref: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails' '500': description: Internal Server Error content: application/problem+json: schema: $ref: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails' components: securitySchemes: oAuth2ClientCredentials: type: oauth2 flows: clientCredentials: tokenUrl: '{nrfApiRoot}/oauth2/token' scopes: nausf-auth: Access to Nausf_UEAuthentication API schemas: AuthenticationInfo: type: object properties: supiOrSuci: $ref: 'TS29503_Nudm_UEAU.yaml#/components/schemas/SupiOrSuci' servingNetworkName: $ref: 'TS29503_Nudm_UEAU.yaml#/components/schemas/ServingNetworkName' resynchronizationInfo: $ref: 'TS29503_Nudm_UEAU.yaml#/components/schemas/ResynchronizationInfo' pei: $ref: 'TS29571_CommonData.yaml#/components/schemas/Pei' traceData: $ref: 'TS29571_CommonData.yaml#/components/schemas/TraceData' udmGroupId: $ref: 'TS29571_CommonData.yaml#/components/schemas/NfGroupId' routingIndicator: type: string pattern: '^[0-9]{1,4}$' required: - supiOrSuci - servingNetworkName UEAuthenticationCtx: type: object properties: authType: $ref: '#/components/schemas/AuthType' 5gAuthData: oneOf: - $ref: '#/components/schemas/Av5gAka' - $ref: '#/components/schemas/EapPayload' _links: type: object additionalProperties: $ref: 'TS29571_CommonData.yaml#/components/schemas/LinksValueSchema' servingNetworkName: $ref: 'TS29503_Nudm_UEAU.yaml#/components/schemas/ServingNetworkName' required: - authType - 5gAuthData - _links Av5gAka: type: object required: - rand - hxresStar - autn properties: rand: $ref: 'TS29503_Nudm_UEAU.yaml#/components/schemas/Rand' hxresStar: $ref: '#/components/schemas/HxresStar' autn: $ref: 'TS29503_Nudm_UEAU.yaml#/components/schemas/Autn' ConfirmationData: type: object required: - resStar properties: resStar: $ref: '#/components/schemas/ResStar' ConfirmationDataResponse: type: object properties: authResult: $ref: '#/components/schemas/AuthResult' supi: $ref: 'TS29571_CommonData.yaml#/components/schemas/Supi' kseaf: $ref: '#/components/schemas/Kseaf' required: - authResult EapSession: type: object properties: eapPayload: $ref: '#/components/schemas/EapPayload' kSeaf: $ref: '#/components/schemas/Kseaf' _links: type: object additionalProperties: $ref: 'TS29571_CommonData.yaml#/components/schemas/LinksValueSchema' authResult: $ref: '#/components/schemas/AuthResult' supi: $ref: 'TS29571_CommonData.yaml#/components/schemas/Supi' required: - eapPayload AuthResult: type: string enum: - AUTHENTICATION_SUCCESS - AUTHENTICATION_FAILURE - AUTHENTICATION_ONGOING EapPayload: type: string format: base64 description: contains an EAP packet Kseaf: type: string pattern: '[A-Fa-f0-9]{64}' ResStar: type: string pattern: '[A-Fa-f0-9]{32}' nullable: true HxresStar: type: string pattern: "[A-Fa-f0-9]{32}" AuthType: anyOf: - type: string enum: - 5G_AKA - EAP_AKA_PRIME - EAP_TLS - type: string externalDocs: description: 3GPP TS 29.509 V15.3.0; 5G System; 3GPP TS Authentication Server services. url: http://www.3gpp.org/ftp/Specs/archive/29_series/29.509