Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Replace telco and operator by more general terms #201

Merged
merged 9 commits into from
Nov 11, 2024
Merged

Replace telco and operator by more general terms #201

Changes from 1 commit
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
c8e5fde
Replace telco and operator by more general terms
AxelNennker Sep 11, 2024
a215097
Camara -> CAMARA
AxelNennker Oct 1, 2024
371fe84
"CAMARA clients" --> "CAMARA API consumers"
AxelNennker Oct 1, 2024
69a2227
AZ -> authorization server
AxelNennker Oct 1, 2024
af5f8fa
client -> API consumer
AxelNennker Oct 1, 2024
3ddcc1a
OP's token endpoint -> token endpoint
AxelNennker Oct 1, 2024
7940cfc
RS -> API implementation
AxelNennker Oct 1, 2024
5f1b433
introduce abreviation CSRF
AxelNennker Oct 1, 2024
1d504a8
CAMARA standard APIs -> CAMARA APIs
AxelNennker Oct 1, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions documentation/CAMARA-Security-Interoperability.md
View file
Open in desktop
AxelNennker marked this conversation as resolved.
Show resolved Hide resolved
AxelNennker marked this conversation as resolved.
Show resolved Hide resolved
AxelNennker marked this conversation as resolved.
Show resolved Hide resolved
AxelNennker marked this conversation as resolved.
Show resolved Hide resolved
AxelNennker marked this conversation as resolved.
Show resolved Hide resolved
AxelNennker marked this conversation as resolved.
Show resolved Hide resolved
AxelNennker marked this conversation as resolved.
Show resolved Hide resolved
AxelNennker marked this conversation as resolved.
Show resolved Hide resolved
AxelNennker marked this conversation as resolved.
Show resolved Hide resolved
Original file line number Diff line number Diff line change
Expand Up @@ -44,12 +44,12 @@ The CAMARA document sharpens the following for interoperability and security:

* Client Authentication. Specifications for client authentication within CAMARA.
AxelNennker marked this conversation as resolved.
Show resolved Hide resolved

By encapsulating these elements within this document, it aims to provide a comprehensive guide for developers and operators, ensuring consistent implementation and adherence to standardized security measures across the CAMARA ecosystem. The defined OIDC profile not only facilitates the integration process, but also serves as a basic framework for developers wishing to leverage the CAMARA APIs while maintaining security and interoperability.
By encapsulating these elements within this document, it aims to provide a comprehensive guide for API consumers and API providers, ensuring consistent implementation and adherence to standardized security measures across the CAMARA ecosystem. The defined OIDC profile not only facilitates the integration process, but also serves as a basic framework for developers wishing to leverage the CAMARA APIs while maintaining security and interoperability.


## Audience

The target audience for this document is the service/technical departments of operators exposing network functions via standard CAMARA APIs and the applications or client systems that consume CAMARA standard APIs to make use of the operator's network capabilities.
The target audience for this document is the service/technical departments of API providers exposing network functions via standard CAMARA APIs and the applications or client systems that consume CAMARA standard APIs to make use of the operator's network capabilities.
AxelNennker marked this conversation as resolved.
Show resolved Hide resolved


## Conventions
Expand Down Expand Up @@ -155,7 +155,7 @@ Considering [OAuth2 Refresh Token Protection](https://datatracker.ietf.org/doc/h

## Client Credentials Flow

The [OAuth 2.0 Client Credentials](https://datatracker.ietf.org/doc/html/rfc6749#section-4.4) grant type is used to obtain a 2-legged Access Token that does not represent a user. The grant-type can only be used if agreed between the API Client and the Telco Operator exposing the API, taking into account the declared purpose for accessing the API (cf. [CAMARA API Specification - Authorization and authentication common guidelines](CAMARA-API-access-and-user-consent.md#camara-api-specification---authorization-and-authentication-common-guidelines)).
The [OAuth 2.0 Client Credentials](https://datatracker.ietf.org/doc/html/rfc6749#section-4.4) grant type is used to obtain a 2-legged Access Token that does not represent a user. The grant-type can only be used if agreed between the API consumer and the API provider exposing the API, taking into account the declared purpose for accessing the API (cf. [CAMARA API Specification - Authorization and authentication common guidelines](CAMARA-API-access-and-user-consent.md#camara-api-specification---authorization-and-authentication-common-guidelines)).

## Handling of acr_values

Expand Down