JWT Authentication Server
Stateless: The JWT is a self-contained token which has authentication information, expire time information, and other user-defined claims digitally signed. This means that there is no session to manage.
Portable: A single token can be used with multiple backends.
No cookies required: So it's very mobile-friendly.
Good performance: It reduces the network round trip time.
HTTP/2 with TLS 1.3 encryption
Faster and more secure than TLS 1.2
Shorter process by requiring only one round trip (or back-and-forth communication) instead of two.
Speeds up encrypted connections even more with features such as TLS false start and Zero Round Trip Time.
Results in significant performance gains while also providing security benefits
API Invokers & API Providers management
Maintain identity information for authentication.
Mutual authentication with a central entity.
Provides and manage the authorization needed to access service APIs.
Policy Control & Realtime charging
Control which Invoker can consume which API.
Limit Invokers traffic rate per API family.
Balance the traffic load accross providers.
Charge API subscriptions, API calls and JWTs.
Built-in logging and auditing service
Central logging and auditing service to ease troubleshooting
Persistent data store
Maintains data persistent and make it available from many access point.
Allow CAPIF Core Function stateless operation at scale.
◼ 3GPP TS 23.222 - Common API Framework for 3GPP Northbound APIs
◼ 3GPP TS 23.122 - Security Aspects of Common API Framework for 3GPP Northbound APIs
◼ 3GPP TS 23.682 - Architecture enhancements to facilitate communications with packet data networks and applications
◼ 3GPP TS 23.501 - System Architecture for the 5G System; Stage 2
◼ 3GPP TS 23.502 - Procedures for the 5G System; Stage 2
◼ 3GPP TS 32.240 - Telecommunication management; Charging management; Charging architecture and principles
◼ OMA-ER_Autho4API-V1_0-20141209-A - Authorization Framework for Network APIs
◼ OMA-TS-REST_NetAPI_Common-V1_0-20180116-A - Common definitions for RESTful Network APIs
◼ OMA-TS-NGSI_Registration_and_Discovery-V1_0-20120529-A - NGSI Registration and Discovery