CAPIF Core Function
The Common API Framework Core Function is an element defined by 3GPP to harmonize all aspects of northbound service APIs. It covers functionality related to on-board and off-board API invokers, APIs that need to be exposed for registration and release, API discovery by third-party entities, and authorization and authentication.
CAPIF functionality is considered a cornerstone in realizing 5G openness because it allows secure exposure of 5G core APIs to third-party domains and enables third parties to define and expose their own APIs. Slicce extends the use case of the Common API Framework by publishing and exposing northbound APIs for 3G and 4G networks.
Features & Benefits
JWT Authentication Server
Stateless: The JWT is a self-contained token which has authentication information, expire time information, and other user-defined claims digitally signed. This means that there is no session to manage.
Portable: A single token can be used with multiple backends.
No cookies required: So it's very mobile-friendly.
Good performance: It reduces the network round trip time.
HTTP/2 with TLS 1.3 encryption
Faster and more secure than TLS 1.2
Shorter process by requiring only one round trip (or back-and-forth communication) instead of two.
Speeds up encrypted connections even more with features such as TLS false start and Zero Round Trip Time.
Results in significant performance gains while also providing security benefits
API Invokers & API Providers management
Maintain identity information for authentication.
Mutual authentication with a central entity.
Provides and manage the authorization needed to access service APIs.
Policy Control & Realtime charging
Control which Invoker can consume which API.
Limit Invokers traffic rate per API family.
Balance the traffic load accross providers.
Charge API subscriptions, API calls and JWTs.
Built-in logging and auditing service
Central logging and auditing service to ease troubleshooting
Persistent data store
Maintains data persistent and make it available from many access point.
Allow CAPIF Core Function stateless operation at scale.
Technical specifications
◼ 3GPP TS 23.222 - Common API Framework for 3GPP Northbound APIs
◼ 3GPP TS 23.122 - Security Aspects of Common API Framework for 3GPP Northbound APIs
◼ 3GPP TS 23.682 - Architecture enhancements to facilitate communications with packet data networks and applications
◼ 3GPP TS 23.501 - System Architecture for the 5G System; Stage 2
◼ 3GPP TS 23.502 - Procedures for the 5G System; Stage 2
◼ 3GPP TS 32.240 - Telecommunication management; Charging management; Charging architecture and principles
◼ OMA-ER_Autho4API-V1_0-20141209-A - Authorization Framework for Network APIs
◼ OMA-TS-REST_NetAPI_Common-V1_0-20180116-A - Common definitions for RESTful Network APIs
◼ OMA-TS-NGSI_Registration_and_Discovery-V1_0-20120529-A - NGSI Registration and Discovery