PAGE STATUS: UNDER CONSTRUCTION

STATUS: Draft (seeking PTL approval)

AAF (Application Authorization Framework):

1 High Level Component Definition and Architectural Relationships 



AAF (Application Authentication Framework) provides the services for authentication, authorization and certificate management for the ONAP components.  It provides the services to the ONAP components to manage the lifecycle of authentication and authorization elements such as Permissions, Roles and Credentials.  It supports:

  • Manage authentication and authorization elements such as: Perminssions, Roles, Credentials
  • Access to organizational entities
  • Manage the lifecycle of passwords and certificates
  • Access to external credential authoriites (e.g. CA)
  • Autogenerate ONAP certificates

2. API definitions

AAF provides the following interfaces:

Interface NameInterface Definition Interface CapabilitiesVersionStatusConsumed Models
AAFE-1Application Authorization Framework Management Interface  A user interface for:
  • to be filled in



AAFE-2Application Authorization Framework Authentication and Authorization Interface

 An interface for the ONAP components to:

  • to be filled in.



Note:   xxxI interface is a Component internal interface.  xxxxE interface is a component external interface

AAF Consumes no Interfaces:

Interface NamePurpose Reason For Use
AAFE-3: AAF External Credential InterfaceAn interface to retrieve and authenticate using credentials from a credential supplier external to ONAP.

The current API documents can be found at:

  • AAFE-1 (to be added)

  • AAFE2 (to be added)
  • AAFE3 (to be added)

3. Component Description:

Link to read the docs



4. known system limitations: (IN PROGRESS)

Runtime: None


5. Used Models: (N/A)


6. System Deployment Architecture:

FFS


7. New Capabilities in this Release


8. References

  1.  AAF Overview & User Guide: https://onap.readthedocs.io/en/latest/submodules/aaf/authz.git/docs/index.html
  • No labels