Scheduled maintenance on Saturday, 27 September 2025, from 07:00 AM to 4:00 PM GMT (09:00 AM to 6:00 PM CEST) - some services may be unavailable -

Skip to content
v3.0.0-release
Jorge Moratinos's avatar
Jorge Moratinos
@jorge.moratinossalcines
06afccf2 · Merge branch 'staging' into 'main' ·
Release: OpenCAPIF Release 3.0.0 
## **Release 3.0.0**

### **New Features**

#### **Added Event Filters**

- New filters for Event service subscriptions.
    - You can now specify from which API, AEF, or Invoker you want to receive the event notifications.
    - These filters are specified in the ***eventFilters*** of the subscription if the ***Enhanced Event Report*** feature of the ***Supported Features*** is activated.
- More detailed information about event filters can be found in [Event Filter section](./event-filter/event-filter.md).

#### **Added Event Reporting Information**

- New Reporting Information for event subscriptions.
    - Now, you can specify the type of subscription you want: periodic, when an event is detected or one-time.
    - Fields have been added to allow setting a maximum number of notifications and the subscription expiration time.
    - You can now immediately get periodic notifications that have not been sent.
- More detailed information about the Reporting Information can be found in [Event Reporting Information section](./event-req/event-req.md)

### **Testing**

- New Event Filter test suite with 8 tests. [Event Filter test suite](./testing/testplan/event_filter/README.md)
- Removed supported Feature negotiation test because currently spec (v18.7.0) not support any feature.


### **Technical Debt Solved**

#### **Upgrade Gunicorn**

Migration of gunicorn from version 22 to 23, due to some vulnerabilities detected. All OpenCAPIF APIs (including "register" and "helper") were upgraded.

#### **Hardening on startup scripts for services interacting with Vault**

The startup scripts of the ***Invoker Management Service***, ***Provider Management Service***, and ***Security Service*** have been improved to ensure reliability when the Vault service takes longer to become ready. These new scripts check responses from the Vault to ensure the returned information is valid before starting each service.

This will also helps on the restart issue on k8s deployed OpenCAPIF.

#### Dynamic configurations
- Add new collection in CAPIF mongo with the init configuration.
- New endpoints in Helper to manage the CAPIF configuration.
- Add new collection in Register mongo with the init configuration.
- New endpoints in Register to manage the Register configuration.
- Documentation about Dynamic Configuration.
- Documentation about Helper and Register swaggers.

#### SupportedFeatures Negotiation

- Implemented in the API Provider Management the supported features negotiation for the suppFeat field during provider registration. The server now decodes the negotiated feature set based on client capabilities and system support.

- Code Review of Events API according to the supported features negotiation.

- Code Review of Discover API according to the supported features negotiation.
  
- Added supported features negotiation in the Audit API service. The server negotiates supportedFeatures in queries and returns the agreed value in the response.
  
- Added supported features negotiation in the Security service.

#### Security Method PKI

- Security API Service GET /trustedInvokers/{apiIncokerId} logic updated. Now it will check securityMethod selected and according to that, inserts on authenticationInfo and authorizedInfo attributes the needed information [PKI Flow](https://labs.etsi.org/rep/ocf/community/-/wikis/pki-flow)

#### Security Method PSK

- New PSK security method. Now, when selected as the security method, CAPIF PSK will create the key needed to consume APIs. For more information, see [PSK Flow](https://labs.etsi.org/rep/ocf/community/-/wikis/psk-flow).


#### Upgraded services version to 18.7.0

- OpenCAPIF services have been upgraded from version 18.4.0 to version 18.7.0 following 3GPP TS 29222.

#### Modify request from the Invoker Management service

- A new "PATCH" request has been added to the Invoker Management service, which allows you to modify some of the invoker's information without having to update everything.

### **Documentation**

#### Improvements over documentation
- New [Event Filter section](./event-filter/event-filter.md)
- New [Vendor Extensibility section](./vendor-ext/vendor-ext.md)
- New [API Status section](./api-status/api-status.md)
- New [Dynamic Configuration section](./configuration/configuration.md)
- New [Event Reporting Information section](./event-req/event-req.md)

#### Testplan
- New tests related with [Api Status Feature](./testing/testplan/api_status/README.md).
- New tests related with [Event Filter Feature](./testing/testplan/event_filter/README.md).
- New tests related with [Vendor Extensibility](./testing/testplan/vendor_extensibility/README.md)
- [Security Service Testplan](./testing/testplan/api_security_service/README.md) updated according to new features and Technical debts.
- New test on [Security Service Testplan](./testing/testplan/api_security_service/README.md) related with PKI security Method flow, GET request to security perform by AEF must returns CA_Root on authenticationInfo attribute at SecurityInfo.
- Removed supported Feature negotiation test of [API Access Control Policy](./testing/testplan/api_access_control_policy/README.md), because currently spec (v18.7.0) not support any feature.