PAGE STATUS: UNDER CONSTRUCTION
STATUS: Project Approved (next step is Architecture Approval)
AAF (Application Authorization Framework):
1 High Level Component Definition and Architectural Relationships
AAF (Application Authentication Framework) provides the services for authentication, authorization and certificate management for the ONAP components. It provides the services to the ONAP components to manage the lifecycle of authentication and authorization elements such as Permissions, Roles and Credentials. It supports:
- Manage authentication and authorization elements such as: Perminssions, Roles, Credentials
- Access to organizational entities
- Manage the lifecycle of passwords and certificates
- Access to external credential authoriites (e.g. CA)
- Autogenerate ONAP certificates
2. API definitions
AAF provides the following interfaces:
Interface Name | Interface Definition | Interface Capabilities | Version | Status | Consumed Models |
---|---|---|---|---|---|
AAFE-1 | Application Authorization Framework Management Interface | A user interface for:
| |||
AAFE-2 | Application Authorization Framework Authentication and Authorization Interface | An interface for the ONAP components to:
|
Note: xxxI interface is a Component internal interface. xxxxE interface is a component external interface
AAF Consumes no Interfaces:
Interface Name | Purpose Reason For Use |
---|---|
AAFE-3: AAF External Credential Interface | An interface to retrieve and authenticate using credentials from a credential supplier external to ONAP. |
The current API documents can be found at:
AAFE-1 (to be added)
- AAFE2 (to be added)
- AAFE3 (to be added)
3. Component Description:
Link to read the docs
4. known system limitations: (IN PROGRESS)
Runtime: None
5. Used Models: (N/A)
6. System Deployment Architecture:
FFS
7. New Capabilities in this Release
8. References
- AAF Overview & User Guide: https://onap.readthedocs.io/en/latest/submodules/aaf/authz.git/docs/index.html