OpenAPI
OpenAPI Version: 3.0.0
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
The Authentication Server Function (AUSF) acts as NF Service Producer. It provides UE authentication service to the requester NF. The NF Service Consumer is the AMF.
For this service, the following service operations are defined
Authenticate
This service permits to authenticate the UE and to provide one or more master keys which are used by the AMF to derived subsequent keys.
Reference: 3GPP TS 33.501 v15.5.0
OpenAPI Version: 3.0.0
Version: 1.0.0
Title: AUSF API
Description: OpenAPI specification for AUSF
URL: '{apiRoot}/nausf-auth/v1'
Variables:
API Root:
Default: https://example.com
Description: apiRoot as defined in subclause subclause 4.4 of 3GPP TS 29.501.
- {}
- oAuth2ClientCredentials:
- nausf-auth
Method: Post
Request Body:
Content:
Application/JSON:
Schema:
Reference: '#/components/schemas/AuthenticationInfo'
Required/Optional: true
Responses:
'201':
Description: UEAuthenticationCtx
Content:
application/3gppHal+json:
Schema:
Reference: '#/components/schemas/UEAuthenticationCtx'
Headers:
Location:
description: 'Contains the URI of the newly created resource according to the structure: {apiRoot}/nausf-auth/v1/ue-authentications/{authCtxId}'
Required/Optional: true
Schema:
Type: string
'400':
Description: Bad Request from the AMF
Content:
application/problem+json:
Schema:
Reference: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails'
'403':
Description: Fordidden due to serving network not authorized
Content:
application/problem+json:
Schema:
Reference: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails'
'500':
Description: Internal Server Error
Content:
application/problem+json:
Schema:
Reference: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails'
put:
Parameters:
- Name: authCtxId
In: path
Required/Optional: true
Schema:
Type: string
Request Body:
Content:
Application/JSON:
Schema:
Reference: '#/components/schemas/ConfirmationData'
Responses:
'200':
Description: Request processed (EAP success or Failure)
Content:
Application/JSON:
Schema:
Reference: '#/components/schemas/ConfirmationDataResponse'
'400':
Description: Bad Request
Content:
application/problem+json:
Schema:
Reference: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails'
'500':
Description: Internal Server Error
Content:
application/problem+json:
Schema:
Reference: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails'
Method: Post
Operation ID: EapAuthMethod
Parameters:
- Name: authCtxId
In: path
Required/Optional: true
Schema:
Type: string
Request Body:
Content:
Application/JSON:
Schema:
Reference: '#/components/schemas/EapSession'
Responses:
'200':
Description: Use to handle or close the EAP session
Content:
Application/JSON:
Schema:
Reference: '#/components/schemas/EapSession'
application/3gppHal+json:
Schema:
Type: object
Properties:
eapPayload:
Reference: '#/components/schemas/EapPayload'
_links:
Type: object
description: 'URI : /{eapSessionUri}'
additionalProperties:
Reference: 'TS29571_CommonData.yaml#/components/schemas/LinksValueSchema'
minProperties: 1
Required/Optional:
- eapPayload
- _links
'400':
Description: Bad Request
Content:
application/problem+json:
Schema:
Reference: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails'
'500':
Description: Internal Server Error
Content:
application/problem+json:
Schema:
Reference: 'TS29571_CommonData.yaml#/components/schemas/ProblemDetails'
securitySchemes:
oAuth2ClientCredentials:
Type: oauth2
Flows:
clientCredentials:
tokenUrl: '{nrfApiRoot}/oauth2/token'
scopes:
nausf-auth: Access to Nausf_UEAuthentication API
schemas:
AuthenticationInfo:
Type: object
Properties:
supiOrSuci:
Reference: 'TS29503_Nudm_UEAU.yaml#/components/schemas/SupiOrSuci'
servingNetworkName:
Reference: 'TS29503_Nudm_UEAU.yaml#/components/schemas/ServingNetworkName'
resynchronizationInfo:
Reference: 'TS29503_Nudm_UEAU.yaml#/components/schemas/ResynchronizationInfo'
traceData:
Reference: 'TS29571_CommonData.yaml#/components/schemas/TraceData'
Required:
- supiOrSuci
- servingNetworkName
UEAuthenticationCtx:
Type: object
Properties:
authType:
Reference: '#/components/schemas/AuthType'
5gAuthData:
oneOf:
- $ref: '#/components/schemas/Av5gAka'
- $ref: '#/components/schemas/EapPayload'
_links:
Type: object
additionalProperties:
Reference: 'TS29571_CommonData.yaml#/components/schemas/LinksValueSchema'
servingNetworkName:
Reference: 'TS29503_Nudm_UEAU.yaml#/components/schemas/ServingNetworkName'
Required:
- authType
- 5gAuthData
- _links
Av5gAka:
Type: object
Required:
- rand
- hxresStar
- autn
Properties:
rand:
Reference: 'TS29503_Nudm_UEAU.yaml#/components/schemas/Rand'
hxresStar:
Reference: '#/components/schemas/HxresStar'
autn:
Reference: 'TS29503_Nudm_UEAU.yaml#/components/schemas/Autn'
ConfirmationData:
Type: object
Required:
- resStar
Properties:
resStar:
Reference: '#/components/schemas/ResStar'
ConfirmationDataResponse:
Type: object
Properties:
authResult:
Reference: '#/components/schemas/AuthResult'
supi:
Reference: 'TS29571_CommonData.yaml#/components/schemas/Supi'
kseaf:
Reference: '#/components/schemas/Kseaf'
Required:
- authResult
EapSession:
Type: object
Properties:
eapPayload:
Reference: '#/components/schemas/EapPayload'
kSeaf:
Reference: '#/components/schemas/Kseaf'
_links:
Type: object
additionalProperties:
Reference: 'TS29571_CommonData.yaml#/components/schemas/LinksValueSchema'
authResult:
Reference: '#/components/schemas/AuthResult'
supi:
Reference: 'TS29571_CommonData.yaml#/components/schemas/Supi'
Required:
- eapPayload
AuthResult:
Type: string
enum:
- AUTHENTICATION_SUCCESS
- AUTHENTICATION_FAILURE
- AUTHENTICATION_ONGOING
EapPayload:
Type: string
format: base64
Description: contains an EAP packet
Kseaf:
Type: string
Pattern: '[A-Fa-f0-9]{64}'
ResStar:
Type: string
Pattern: '[A-Fa-f0-9]{32}'
HxresStar:
Type: string
Pattern: "[A-Fa-f0-9]{32}"
AuthType:
anyOf:
- type: string
enum:
- 5G_AKA
- EAP_AKA_PRIME
- EAP_TLS
- type: string
Description: 3GPP TS 29.509 V15.2.0; 5G System; 3GPP TS Authentication Server services.
URL: http://www.3gpp.org/ftp/Specs/archive/29_series/29.509