Abstract
The present document defines the access tokens and related metadata for RESTful protocols and data model for ETSI NFV management and orchestration (MANO) interfaces. It defines also the process for the token verification by the API Producer.
For this aim, the present document:
- Analyses the security threat arising from the misuse of the access token and defines the security requirements associated to access token.
- Analyses existing specifications related to access token for API access and their compliancy with the requirements defined.
- Defines the token request and generation profile, the token format and associated metadata considering the result of existing access token specifications analysis.
- Defines the token verification procedures for the API Producer.
General Information
Publication date: 01 January 2020
Working groups: https://www.etsi.org/committee/1427-nfv
ICT rolling plan topic: Cloud computing
SDO: ETSI
Latest publishied version: https://www.etsi.org/deliver/etsi_gs/NFV-SEC/001_099/022/02.07.01_60/gs_NFV-SEC022v020701p.pdf