+' Security Service
+package "Security Service" #Pink {
+ struct AccessTokenReq {
+ string grant_type (required)
+ string client_id (required)
+ string client_secret
+ string scope
+ }
+ struct AccessTokenRsp {
+ string access_token (required)
+ string token_type (required)
+ DurationSec expires_in (required)
+ string scope
+ }
+ struct ServiceSecurity {
+ []SecurityInformation securityInfo (required)
+ SupportedFeatures supportedFeatures
+ }
+ struct SecurityInformation {
+ string aefId
+ string apiId
+ string authenticationInfo
+ string authorizationInfo
+ InterfaceDescription interfaceDetails
+ []SecurityMethod prefSecurityMethods
+ []SecurityMethod selSecurityMethods
+ }
+ ServiceSecurity::securityInfo "1" o-- "1..N" SecurityInformation
+ SecurityInformation::interfaceDetails "0..1" o-- "0..N" InterfaceDescription
+ SecurityInformation::prefSecurityMethods "1" o-- "1..N" SecurityMethod
+ SecurityInformation::selSecurityMethods "0..1" o-- "0..N" SecurityMethod
+}
+SecurityInformation::aefId .. APIProviderFunctionDetails::apiProvFuncId
+SecurityInformation::apiId .. ServiceAPIDescription::apiId
+note "AccessTokenReq::client_id and\n AccessTokenReq::client_secret\n must match registered invoker" as accessInvokerRel
+AccessTokenReq::client_id .. accessInvokerRel
+accessInvokerRel .. APIInvokerEnrolmentDetails::apiInvokerId
+note "Function provided in\n AccessTokenReq:scope\n must be registered for a provider" as accessProviderRel
+AccessTokenReq::scope .. accessProviderRel
+accessProviderRel .. APIProviderFunctionDetails::apiProvFuncId
+note "API provided in\n AccessTokenReq:scope\n must be published" as accessPublishRel
+AccessTokenReq::scope .. accessPublishRel
+accessPublishRel .. AefProfile::aefId
+
+' Event Service
+package "Event Service" #Orange {
+ struct EventSubscription {
+ []CAPIFEvent events (required)
+ Uri notificationDestination (required)
+ ReportingInformation eventReq
+ []CAPIFEventFilter eventFilters
+ SupportedFeatures supportedFeatures
+ }
+ struct CAPIFEventFilter {
+ []string aefIds
+ []string apiIds
+ []string apiInvokerIds
+ }
+ enum CAPIFEvent {
+ SERVICE_API_AVAILABLE
+ SERVICE_API_UNAVAILABLE
+ SERVICE_API_UPDATE
+ API_INVOKER_ONBOARDED
+ API_INVOKER_OFFBOARDED
+ SERVICE_API_INVOCATION_SUCCESS
+ SERVICE_API_INVOCATION_FAILURE
+ ACCESS_CONTROL_POLICY_UPDATE
+ ACCESS_CONTROL_POLICY_UNAVAILABLE
+ API_INVOKER_AUTHORIZATION_REVOKED
+ API_INVOKER_UPDATED
+ API_TOPOLOGY_HIDING_CREATED
+ API_TOPOLOGY_HIDING_REVOKED
+ }
+ struct ReportingInformation {
+ DurationSec grpRepTime
+ bool immRep
+ Uinteger maxReportNbr
+ NotificationFlag notifFlag
+ NotificationMethod notifMethod
+ PartitioningCriteria partitionCriteria
+ DurationSec repPeriod
+ SamplingRation sampRatio
+ }
+ struct EventNotification {
+ CAPIFEventDetail eventDetail
+ CAPIFEvent events (required)
+ string subscriptionId (required)
+ }
+ struct CAPIFEventDetail {
+ AccessControlPolicyListExt accCtrlPolList
+ []string apiIds
+ []string apiInvokerIds
+ []ServiceAPIDescription serviceAPIDescriptions
+ }
+ struct AccessControlPolicyListExt {
+ AccessControlPolicyList accessControlPolicyList
+ string apiId
+ }
+ note right of EventNotification::subscriptionId
+ subscriptionId generated
+ by CAPIF Core when
+ subscription was created
+ end note
+}
+EventSubscription::eventFilters "0..N" o-- "0..N" CAPIFEventFilter
+EventSubscription::events "1" o-- "1..N" CAPIFEvent
+EventSubscription::eventReq "0..N" o-- "0..N" ReportingInformation
+CAPIFEventDetail::serviceAPIDescriptions "0..N" o-- "0..N" ServiceAPIDescription
+CAPIFEventFilter::aefIds .. APIProviderFunctionDetails::apiProvFuncId
+CAPIFEventFilter::apiIds .. ServiceAPIDescription::apiId
+CAPIFEventFilter::apiInvokerIds .. APIInvokerEnrolmentDetails::apiInvokerId
+EventNotification::eventDetail "0..1" o-- "0..N" CAPIFEventDetail
+EventNotification::events "1" o-- "1" CAPIFEvent
+CAPIFEventDetail::apiIds .. ServiceAPIDescription::apiId
+CAPIFEventDetail::apiInvokerIds .. APIInvokerEnrolmentDetails::apiInvokerId
+CAPIFEventDetail::accCtrlPolList "0..N" o-- "0..N" AccessControlPolicyListExt
+AccessControlPolicyListExt::apiId .. ServiceAPIDescription::apiId
+
+' Access Control Policy
+package "Access Control Policy" #LightCyan {
+ struct AccessControlPolicyList {
+ []ApiInvokerPolicy apiInvokerPolicies
+ }
+ struct ApiInvokerPolicy {
+ []TimeRangeList allowedInvocationTimeRangeList
+ int allowedInvocationsPerSecond
+ int allowedTotalInvocations
+ string apiInvokerId (required)
+ }
+ struct TimeRangeList {
+ DateTime startTime
+ DateTime stopTime
+ }
+}
+AccessControlPolicyList::apiInvokerPolicies "0..N" o-- "0..N" ApiInvokerPolicy
+ApiInvokerPolicy::allowedInvocationTimeRangeList "0..N" o-- "0..N" TimeRangeList
+AccessControlPolicyListExt::accessControlPolicyList "0..N" o-- "0..N" AccessControlPolicyList
+ApiInvokerPolicy::apiInvokerId .. APIInvokerEnrolmentDetails::apiInvokerId
+
+' Logging Service
+package "Logging Service" #Silver {
+ struct InvocationLog {
+ string aefId (required)
+ string apiInvokerId (required)
+ []Log logs (required)
+ SupportedFeatures supportedFeatures
+ }
+ struct Log {
+ string apiId (required)
+ string apiName (required)
+ string apiVersion (required)
+ InterfaceDescription destInterface
+ string fwdInterface
+ interface inputParameters
+ DurationMs invocationLatency
+ DateTime invocationTime
+ Operation operation
+ interface outputParameters
+ Protocol protocol (required)
+ string resourceName (required)
+ string result (required)
+ InterfaceDescription srcInterface
+ Uri uri
+ }
+}
+InvocationLog::logs "1" o-- "1..N" Log
+InvocationLog::aefId .. APIProviderFunctionDetails::apiProvFuncId
+InvocationLog::apiInvokerId .. APIInvokerEnrolmentDetails::apiInvokerId
+Log::apiId .. ServiceAPIDescription::apiId
+Log::destInterface "0..1" o-- "0..N" InterfaceDescription
+Log::srcInterface "0..1" o-- "0..N" InterfaceDescription
+Log::protocol "0..1" o-- "0..N" Protocol
+Log::operation "0..1" o-- "0..N" Operation
+
+' Auditing Service
+package "Auditing Servive" #PaleVioletRed {
+ struct GetApiInvocationLogsParams {
+ string aefId
+ string apiInvokerId
+ DateTime timeRangeStart
+ DateTime timeRangeEnd
+ string apiId
+ string apiName
+ string apiVersion
+ Protocol protocol
+ Operation operation
+ string result
+ string resourceName
+ InterfaceDescription srcInterface
+ }
+}
+GetApiInvocationLogsParams::aefId .. APIProviderFunctionDetails::apiProvFuncId
+GetApiInvocationLogsParams::apiInvokerId .. APIInvokerEnrolmentDetails::apiInvokerId
+GetApiInvocationLogsParams::apiId .. ServiceAPIDescription::apiId
+GetApiInvocationLogsParams::protocol "0..1" o-- "0..1" Protocol
+GetApiInvocationLogsParams::operation "0..1" o-- "0..1" Operation
+GetApiInvocationLogsParams::srcInterface "0..1" o-- "0..1" InterfaceDescription
+note "A call with\n GetApiInvocationLogsParams\n returns an InvocationLog" as auditLogRel
+GetApiInvocationLogsParams .. auditLogRel
+auditLogRel .. InvocationLog
+
+' Routing Service
+package "Routing Service" {
+ struct RoutingInfo {
+ []RoutingRule routingRules (required)
+ }
+ struct RoutingRule {
+ AefProfile aefProfile (required)
+ []Ipv4AddressRange ipv4AddrRanges
+ []Ipv6AddressRange ipv6AddrRanges
+ }
+ struct GetServiceApisServiceApiIdParams {
+ string aefId (required)
+ SupportedFeatures suppFeat
+ }
+ RoutingInfo::routingRules "1" o-- "1..N" RoutingRule
+ RoutingRule::aefProfile "1" o-- "1" AefProfile
+ GetServiceApisServiceApiIdParams::aefId .. APIProviderFunctionDetails::apiProvFuncId
+ note "A call with\n GetServiceApisServiceApiIdParams\n returns a RoutingInfo" as routingRel
+ GetServiceApisServiceApiIdParams .. routingRel
+ routingRel .. RoutingInfo
+}