Merge branch 'OCF-Doc4-upgrade-documentation-with-new-tests' into 'develop'

Ocf doc4 upgrade documentation with new tests See merge request ocf/documentation!8

Merge branch 'OCF-Doc4-upgrade-documentation-with-new-tests' into 'develop'
0e5bd0a4 · Jorge Moratinos · a76fd14e · ec55e4d6 · 0e5bd0a4 · a76fd14e
Commit 0e5bd0a4 authored 1 year ago by Jorge Moratinos
--- a/doc/architecture.md
+++ b/doc/architecture.md
+<img src="../images/logos/OpenCAPIF.png" alt="drawing" width="200"/>
+
+# Architecture
+
+
--- a/doc/images/logo_osl.png
+++ b/doc/images/logo_osl.png
--- a/doc/images/logo_osl_square.png
+++ b/doc/images/logo_osl_square.png
--- a/doc/images/logo_osl_square_non_transp.png
+++ b/doc/images/logo_osl_square_non_transp.png
--- a/doc/images/openslice_logo.png
+++ b/doc/images/openslice_logo.png
--- a/doc/images/openslice_logo_old.png
+++ b/doc/images/openslice_logo_old.png
--- a/doc/index.md
+++ b/doc/index.md
 <img src="images/logos/OpenCAPIF.png" alt="drawing" width="200"/>

-# Release X.X.X-rc

-This release includes next changes:
-
-**New register flow to ensure:**
-
-  - isolation between CCF and Register services.
-  - Improve security, with split resposability between administrator operations and common user.
-
-**Improved Testing with Robot in order to cover:**
-
-  - New Register flows.
-  - Allow different URLs for register, ccf and vault services.
-
-**Improved security on DB:**
-
-  - Credentials requested to access mongo databases.
-  - Credentials requested also by mongo-express.
-
-**Scripts upgraded:**
-
-  - docker compose version 2 used on them.
-  - New cleaning script developed.
-
-**Cleanup of capif repository:**
-
-  - Documentation is now on splitted repository [OCF Documentation Repository]
-  - Test plan was moved to [OCF Documentation Repository]
-  - Obsolote data is removed.
-
-
-# Release 0.0
-
-The APIs included in Release 0.0 are:
-
- JWT Authentication APIs
- CAPIF Invoker Management API
- CAPIF Publish API
- CAPIF Discover API
- CAPIF Security API
- CAPIF Events API
- CAPIF Provider Management API
-
-This Release also includes a Robot Test Suite for all those services and a Postman Test Suite for simple testing.
-
-## What is OpenCAPIF?
+# What is OpenCAPIF?

 OpenCAPIF is an open source implementation of the CAPIF Core Function APIs plus the logic and additional services required to fulfill the 3GPP requirements and deliver the expected functionality.

@@ -81,7 +37,7 @@ The following diagram shows how API Invokers and API Providers interact with the
 If you want to know more about OpenCAPIF check [The story behind openCAPIF](https://ocf.etsi.org/news/20240110_the_story_behind_opencapif/)


-## Repository structure
+# Repository structure

 You can check the code at [OpenCAPIF Repository]

@@ -101,21 +57,21 @@ CAPIF_API_Services
 * **tools**: Auxiliary tools. Robot Framework related code and OpenAPI scripts.
 * **test**: Tests developed using Robot Framework.

-## CAPIF_API_Services
+# CAPIF_API_Services

 This repository has the python-flask Mockup servers created with openapi-generator related with CAPIF APIS defined here:
 [Open API Descriptions of 3GPP 5G APIs]


-## How to test CAPIF APIs
+# How to test CAPIF APIs

 The above APIs can be tested either with POSTMAN tool or running the developed tests with Robot Framework.

-## Test Plan Documentation
+# Test Plan Documentation

 Complete documentation of tests is available here: [Test Plan Directory]

-## Robot Framework
+# Robot Framework

 In order to ensure that modifications over CAPIF services still fulfills the required functionality, the Robot Framework Test Suite must be successfully run.

@@ -123,15 +79,15 @@ The Robot Test Suite covers the requirements described in the test plan at [Test

 Please check the [Testing with Robot Framework] Section

-## Using PostMan
+# Using PostMan

 You can also test the CAPIF flow using the Postman tool. To do this, we have created a collection with some examples of CAPIF requests with everything necessary to carry them out.

 For more information on how to test the APIs with POSTMAN, go to this [POSTMAN Section].

-## Important urls:
+# Important urls:

-## Mongo CAPIF's DB Dashboard
+# Mongo CAPIF's DB Dashboard
 ```
 http://localhost:8082/ (if accessed from localhost) 

@@ -140,7 +96,7 @@ or
 http://<Mongo CAPIF Express Host IP>:8082/ (if accessed from another host)
 ```

-## Mongo Register's DB Dashboard
+# Mongo Register's DB Dashboard
 ```
 http://localhost:8083/ (if accessed from localhost) 

@@ -149,15 +105,12 @@ or
 http://<Mongo Register Express Host IP>:8083/ (if accessed from another host)
 ```

-## FAQ Documentation
+# FAQ Documentation

 Frequently asked questions can be found here: [FAQ Section]



-
-
-
 [Test Plan Directory]: ./testing/testplan/README.md  "Test Plan Directory"
 [Testing with Robot Framework]: ./testing/robotframework/README.md  "Testing with Robot Framework"
 [FAQ Section]: ./FAQ.md "FAQ Section"

--- a/doc/releasenotes.md
+++ b/doc/releasenotes.md
+# Release X.X.X-rc
+
+This release includes next changes:
+
+**New register flow to ensure:**
+
+  - isolation between CCF and Register services.
+  - Improve security, with split resposability between administrator operations and common user.
+
+**Improved Testing with Robot in order to cover:**
+
+  - New Register flows.
+  - Allow different URLs for register, ccf and vault services.
+
+**Improved security on DB:**
+
+  - Credentials requested to access mongo databases.
+  - Credentials requested also by mongo-express.
+
+**Scripts upgraded:**
+
+  - docker compose version 2 used on them.
+  - New cleaning script developed.
+
+**Cleanup of capif repository:**
+
+  - Documentation is now on splitted repository [OCF Documentation Repository]
+  - Test plan was moved to [OCF Documentation Repository]
+  - Obsolote data is removed.
+
+
+# Release 0.0
+
+The APIs included in Release 0.0 are:
+
+- JWT Authentication APIs
+- CAPIF Invoker Management API
+- CAPIF Publish API
+- CAPIF Discover API
+- CAPIF Security API
+- CAPIF Events API
+- CAPIF Provider Management API
+
+This Release also includes a Robot Test Suite for all those services and a Postman Test Suite for simple testing.
+
--- a/doc/testing/robotframework/README.md
+++ b/doc/testing/robotframework/README.md
@@ -15,18 +15,32 @@ To run any test locally you will need *docker* and *docker-compose* installed in
 ## Script Test Execution
 This script will build robot docker image if it's need and execute tests selected by "include" option. Just go to service folder, execute and follow steps.
 ```
-./runCapifTests.sh --include <TAG>
+./run_capif_tests.sh --include <TAG>
 ```
 Results will be stored at <REPOSITORY_FOLDER>/results

 Please check parameters (include) under *Test Execution* at [Manual Build And Test Execution](#manual-build-and-test-execution).

+### Mock Server
+Some tests on Test Plans require mockserver. That mock server must be deployed and reachable by Robot Framework and CCF under test.
+
+To run Mock Server locally you can just execute the next script:
+```
+cd services
+./run_mock_server.sh
+```
+
+If you want to launch only tests that not needed mockserver, just add "--exclude mockserver" parameter to robot execution:
+```
+./run_capif_tests.sh --include <TAG> --exclude mockserver
+```
+
 ## Manual Build And Test Execution

 * **Build Robot docker image**:
 ```
 cd tools/robot
-docker build . -t 5gnow-robot-test:latest
+docker build . -t capif-robot-test:latest
 ```

 * **Tests Execution**:
@@ -35,11 +49,34 @@ Execute all tests locally:
 ```
 <PATH_TO_REPOSITORY>=path in local machine to repository cloned.
 <PATH_RESULT_FOLDER>=path to a folder on local machine to store results of Robot Framework execution.
-<CAPIF_HOSTNAME>=Is the hostname set when run.sh is executed, by default it will be capifcore.
+<CAPIF_HOSTNAME>=Is the hostname set when run.sh is executed, by default it is capifcore.
 <CAPIF_HTTP_PORT>=This is the port to reach when robot framework want to reach CAPIF deployment using http, this should be set to port without TLS set on Nginx, 8080 by default.
+<CAPIF_HTTPS_PORT>=This is the port to be used when we want to use https connection, this should be set to port with TLS set on Nginx, 443 by default
+<CAPIF_REGISTER>=This is the hostname of register service deployed. By default it is register.
+<CAPIF_REGISTER_PORT>=This is the port to be used to reach register service deployed. By default it is 8084.
+<CAPIF_VAULT>=This is the hostname of vault service. By default it is vault.
+<CAPIF_VAULT_PORT>=This is the port to be used to reach vault service. By default it is 8200.
+<CAPIF_VAULT_TOKEN>=Vault token to be used on request through vault. By default it is "read-ca-token".
+<MOCK_SERVER_URL>=Setup Mock server url to be used in notifications at tests marked with mockserver tag. By default it is not set.

 To execute all tests run :
-docker run -ti --rm --network="host" -v <PATH_TO_REPOSITORY>/tests:/opt/robot-tests/tests -v <PATH_RESULT_FOLDER>:/opt/robot-tests/results 5gnow-robot-test:latest --variable CAPIF_HOSTNAME:capifcore --variable CAPIF_HTTP_PORT:8080 --include all
+docker run -ti --rm --network="host" \
+    --add-host host.docker.internal:host-gateway \
+    --add-host vault:host-gateway \
+    --add-host register:host-gateway \
+    --add-host mockserver:host-gateway \
+    -v <PATH_TO_REPOSITORY>/tests:/opt/robot-tests/tests \
+    -v <PATH_RESULT_FOLDER>:/opt/robot-tests/results capif-robot-test:latest  \
+    --variable CAPIF_HOSTNAME:$CAPIF_HOSTNAME \
+    --variable CAPIF_HTTP_PORT:$CAPIF_HTTP_PORT \
+    --variable CAPIF_HTTPS_PORT:$CAPIF_HTTPS_PORT \
+    --variable CAPIF_REGISTER:$CAPIF_REGISTER \
+    --variable CAPIF_REGISTER_PORT:$CAPIF_REGISTER_PORT \
+    --variable CAPIF_VAULT:$CAPIF_VAULT \
+    --variable CAPIF_VAULT_PORT:$CAPIF_VAULT_PORT \
+    --variable CAPIF_VAULT_TOKEN:$CAPIF_VAULT_TOKEN \
+    --variable MOCK_SERVER_URL:$MOCK_SERVER_URL \
+    --include all
 ```

 Execute specific tests locally:
@@ -57,7 +94,23 @@ To run more specific tests, for example, only one functionality:
  "capif_security_api

 And Run:
-docker run -ti --rm --network="host" -v <PATH_TO_REPOSITORY>/tests:/opt/robot-tests/tests -v <PATH_RESULT_FOLDER>:/opt/robot-tests/results 5gnow-robot-test:latest --variable CAPIF_HOSTNAME:capifcore --variable CAPIF_HTTP_PORT:8080 --include <TAG>
+docker run -ti --rm --network="host" \
+    --add-host host.docker.internal:host-gateway \
+    --add-host vault:host-gateway \
+    --add-host register:host-gateway \
+    --add-host mockserver:host-gateway \
+    -v <PATH_TO_REPOSITORY>/tests:/opt/robot-tests/tests \
+    -v <PATH_RESULT_FOLDER>:/opt/robot-tests/results capif-robot-test:latest  \
+    --variable CAPIF_HOSTNAME:$CAPIF_HOSTNAME \
+    --variable CAPIF_HTTP_PORT:$CAPIF_HTTP_PORT \
+    --variable CAPIF_HTTPS_PORT:$CAPIF_HTTPS_PORT \
+    --variable CAPIF_REGISTER:$CAPIF_REGISTER \
+    --variable CAPIF_REGISTER_PORT:$CAPIF_REGISTER_PORT \
+    --variable CAPIF_VAULT:$CAPIF_VAULT \
+    --variable CAPIF_VAULT_PORT:$CAPIF_VAULT_PORT \
+    --variable CAPIF_VAULT_TOKEN:$CAPIF_VAULT_TOKEN \
+    --variable MOCK_SERVER_URL:$MOCK_SERVER_URL \
+    --include <TAG>
 ```

 ## Test result review

--- a/doc/testing/testplan/README.md
+++ b/doc/testing/testplan/README.md
 # Test Plan Index
 List of Common API Services implemented:

+* [Common Operations](./common_operations/README.md)
 * [Api Invoker Management](./api_invoker_management/README.md)
 * [Api Provider Management](./api_provider_management/README.md)
 * [Api Publish Service](./api_publish_service/README.md)

--- a/doc/testing/testplan/api_access_control_policy/README.md
+++ b/doc/testing/testplan/api_access_control_policy/README.md
@@ -825,5 +825,5 @@ At this documentation you will have all information and related files and exampl
 [security notification body]: ./security_notification.json  "Security Notification Request"
 [access token req body]: ./access_token_req.json  "Access Token Request"
 [example]: ./access_token_req.json  "Access Token Request Example"
-[invoker onboarding]: ../common_operations/README.md#register-an-invoker "Invoker Onboarding"
+[invoker onboarding]: ../common_operations/README.md#onboard-an-invoker "Invoker Onboarding"
 [provider registration]: ../common_operations/README.md#register-a-provider "Provider Registration"
--- a/doc/testing/testplan/api_auditing_service/README.md
+++ b/doc/testing/testplan/api_auditing_service/README.md
@@ -242,6 +242,6 @@ At this documentation you will have all information and related files and exampl

 [log entry request body]: ../api_logging_service/invocation_log.json "Log Request Body"

-[invoker onboarding]: ../common_operations/README.md#register-an-invoker "Invoker Onboarding"
+[invoker onboarding]: ../common_operations/README.md#onboard-an-invoker "Invoker Onboarding"

 [provider onboarding]: ../common_operations/README.md#register-a-provider "Provider Onboarding"
--- a/doc/testing/testplan/api_discover_service/README.md
+++ b/doc/testing/testplan/api_discover_service/README.md
@@ -348,9 +348,8 @@ At this documentation you will have all information and related files and exampl
   [service api description]: ../api_publish_service/service_api_description_post_example.json  "Service API **Description** Request"
   [publisher register body]: ../api_publish_service/publisher_register_body.json  "Publish register Body"
   [invoker onboarding body]: ../api_invoker_management/invoker_details_post_example.json  "API Invoker Request"
-   [invoker register body]: ../api_invoker_management/invoker_register_body.json  "Invoker Register Body"
   [provider request body]: ../api_provider_management/provider_details_post_example.json  "API Provider Enrolment Request"
   [provider request patch body]: ../api_provider_management/provider_details_enrolment_details_patch_example.json  "API Provider Enrolment Patch Request"
-   [provider getauth body]: ../api_provider_management/provider_getauth_example.json    "Get Auth Example"
-   [invoker onboarding]: ../common_operations/README.md#register-an-invoker "Invoker Onboarding"
+
+   [invoker onboarding]: ../common_operations/README.md#onboard-an-invoker "Invoker Onboarding"
   [provider registration]: ../common_operations/README.md#register-a-provider "Provider Registration"
--- a/doc/testing/testplan/api_events_service/README.md
+++ b/doc/testing/testplan/api_events_service/README.md
--- a/doc/testing/testplan/api_invoker_management/README.md
+++ b/doc/testing/testplan/api_invoker_management/README.md
@@ -13,20 +13,19 @@ At this documentation you will have all information and related files and exampl

  * NetApp was not registered previously
  * NetApp was not onboarded previously
+  * ***Preconditions: The administrator must have previously registered the User.***

 **Information of Test**:

  1. Create public and private key at invoker

-  2. Register of Invoker at CCF:
-     * Send POST to *http://{CAPIF_HOSTNAME}:{CAPIF_HTTP_PORT}/register* 
-     * body [invoker register body]
+  2. Retrieve access_token by User:

-  3. Obtain Access Token:
-     * Send POST to *http://{CAPIF_HOSTNAME}/getauth*
-     * Body [invoker getauth body]
+    * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+      * Include basic Auth Header with Admin user/password
+    * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]

-  4. Onboard Invoker:
+  3. Onboard Invoker:
     * Send POST to *https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers*
     * Reference Request Body: [invoker onboarding body]
     * "onboardingInformation"->"apiInvokerPublicKey": must contain public key generated by Invoker.
@@ -34,7 +33,7 @@ At this documentation you will have all information and related files and exampl

 **Execution Steps**:

-  1. Register Invoker at CCF
+  1. Retrieve access_token by User from register
  2. Onboard Invoker at CCF
  3. Store signed Certificate
   
@@ -305,8 +304,8 @@ At this documentation you will have all information and related files and exampl


 [invoker onboarding body]: ./invoker_details_post_example.json  "API Invoker Request"
-[invoker register body]: ./invoker_register_body.json  "Invoker Register Body"
+[user_getauth_response_body_example]: ../common_operations/user_getauth_response_body_example.json  "User GetAuth response Body Example"
 [put register body]: ./invoker_details_put_example.json  "API Invoker Update Request"
 [invoker getauth body]: ./invoker_getauth_example.json    "Get Auth Example"

-[invoker onboarding]: ../common_operations/README.md#register-an-invoker "Invoker Onboarding"
+[invoker onboarding]: ../common_operations/README.md#onboard-an-invoker "Invoker Onboarding"
--- a/doc/testing/testplan/api_invoker_management/invoker_register_body.json
+++ b/doc/testing/testplan/api_invoker_management/invoker_register_body.json
-{
-  "password": "password",
-  "username": "ROBOT_TESTING_INVOKER",
-  "role": "invoker",
-  "description": "Testing",
-  "cn": "ROBOT_TESTING_INVOKER"
-}
--- a/doc/testing/testplan/api_logging_service/README.md
+++ b/doc/testing/testplan/api_logging_service/README.md
@@ -235,7 +235,7 @@ At this documentation you will have all information and related files and exampl

 [log entry request body]: ./invocation_log.json "Log Request Body"

-[invoker onboarding]: ../common_operations/README.md#register-an-invoker "Invoker Onboarding"
+[invoker onboarding]: ../common_operations/README.md#onboard-an-invoker "Invoker Onboarding"

 [provider onboarding]: ../common_operations/README.md#register-a-provider "Provider Onboarding"

--- a/doc/testing/testplan/api_provider_management/README.md
+++ b/doc/testing/testplan/api_provider_management/README.md
@@ -17,15 +17,14 @@ At this documentation you will have all information and related files and exampl

  1. Create public and private key at provider for provider itself and each function (apf, aef and amf)

-  2. Register of Provider at CCF:
-     * Send POST to *http://{CAPIF_HOSTNAME}:{CAPIF_HTTP_PORT}/register*
-     * body [provider register body]
-  
-  3. Obtain Access Token:
-     * Send POST to *http://{CAPIF_HOSTNAME}/getauth*
-     * Body [provider getauth body]
+  2. Retrieve access_token by User:
+
+    * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+      * Include basic Auth Header with Admin user/password
+    * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]
+
+  3. Register Provider:

-  4. Register Provider:
     * Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations*
     * body [provider request body]
     * Authentication Bearer with access_token
@@ -61,22 +60,22 @@ At this documentation you will have all information and related files and exampl
 **Information of Test**:

  1. Create public and private key at provider for provider itself and each function (apf, aef and amf)
-
-  2. Register of Provider at CCF:
-     * Send POST to *http://{CAPIF_HOSTNAME}:{CAPIF_HTTP_PORT}/register*
-     * body [provider register body]
  
-  3. Obtain Access Token:
-     * Send POST to *http://{CAPIF_HOSTNAME}/getauth*
-     * Body [provider getauth body]
+  2. Retrieve access_token by User:
+
+    * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+      * Include basic Auth Header with Admin user/password
+    * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]
+
+  3. Register Provider:

-  4. Register Provider:
     * Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations*
     * body [provider request body]
     * Authentication Bearer with access_token
     * Store each cert in a file with according name.

-  5. Re-Register Provider:
+  4. Re-Register Provider:
+
     * Same regSec than Previous registration

 **Execution Steps**:
@@ -90,6 +89,7 @@ At this documentation you will have all information and related files and exampl
  1. Re-Register Provider:
     1. **403 Forbidden** response.
     2. body returned must accomplish **ProblemDetails** data structure, with:
+
        * status 403
        * title with message "Forbidden"
        * detail with message "Provider already registered".
@@ -110,22 +110,21 @@ At this documentation you will have all information and related files and exampl
 **Information of Test**:

  1. Create public and private key at provider for provider itself and each function (apf, aef and amf)
+  2. Retrieve access_token by User:

-  2. Register of Provider at CCF:
-     * Send POST to *http://{CAPIF_HOSTNAME}:{CAPIF_HTTP_PORT}/register*
-     * body [provider register body]
-  
-  3. Obtain Access Token:
-     * Send POST to *http://{CAPIF_HOSTNAME}/getauth*
-     * Body [provider getauth body]
+    * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+      * Include basic Auth Header with Admin user/password
+    * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]
+
+  3. Register Provider:

-  4. Register Provider:
     * Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations*
     * body [provider request body]
     * Authentication Bearer with access_token
     * Get Resource URL from Location

-  5. Update Provider:
+  4. Update Provider:
+
     * Send PUT to Resource URL returned at registration *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{registrationId}*
     * body [provider request body] with apiProvDomInfo set to ROBOT_TESTING_MOD
     * Use AMF Certificate.
@@ -167,21 +166,21 @@ At this documentation you will have all information and related files and exampl

  1. Create public and private key at provider for provider itself and each function (apf, aef and amf)

-  2. Register of Provider at CCF:
-     * Send POST to *http://{CAPIF_HOSTNAME}:{CAPIF_HTTP_PORT}/register*
-     * body [provider register body]
-  
-  3. Obtain Access Token:
-     * Send POST to *http://{CAPIF_HOSTNAME}/getauth*
-     * Body [provider getauth body]
+  2. Retrieve access_token by User:
+
+    * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+      * Include basic Auth Header with Admin user/password
+    * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]
+
+  3. Register Provider:

-  4. Register Provider:
     * Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations*
     * body [provider request body]
     * Authentication Bearer with access_token
     * Store each cert in a file with according name.

-  5. Update Not Registered Provider:
+  4. Update Not Registered Provider:
+
     * Send PUT *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{API_PROVIDER_NOT_REGISTERED}*
     * body [provider request body]
     * Use AMF Certificate.
@@ -189,7 +188,7 @@ At this documentation you will have all information and related files and exampl
 **Execution Steps**:
  
  1. Register Provider at CCF
-  3. Update Not Registered Provider
+  2. Update Not Registered Provider
   
 **Expected Result**:

@@ -217,21 +216,21 @@ At this documentation you will have all information and related files and exampl

  1. Create public and private key at provider for provider itself and each function (apf, aef and amf)

-  2. Register of Provider at CCF:
-     * Send POST to *http://{CAPIF_HOSTNAME}:{CAPIF_HTTP_PORT}/register*
-     * body [provider register body]
-  
-  3. Obtain Access Token:
-     * Send POST to *http://{CAPIF_HOSTNAME}/getauth*
-     * Body [provider getauth body]
+  2. Retrieve access_token by User:
+
+    * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+      * Include basic Auth Header with Admin user/password
+    * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]
+
+  3. Register Provider:

-  4. Register Provider:
     * Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations*
     * body [provider request body]
     * Authentication Bearer with access_token
     * Store each cert in a file with according name.

-  5. Partial update provider:
+  4. Partial update provider:
+
     * Send PATCH *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{registrationId}*
     * body [provider request patch body]
     * Use AMF Certificate.
@@ -265,21 +264,21 @@ At this documentation you will have all information and related files and exampl

  1. Create public and private key at provider for provider itself and each function (apf, aef and amf)

-  2. Register of Provider at CCF:
-     * Send POST to *http://{CAPIF_HOSTNAME}:{CAPIF_HTTP_PORT}/register*
-     * body [provider register body]
-  
-  3. Obtain Access Token:
-     * Send POST to *http://{CAPIF_HOSTNAME}/getauth*
-     * Body [provider getauth body]
+  2. Retrieve access_token by User:
+
+    * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+      * Include basic Auth Header with Admin user/password
+    * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]
+
+  3. Register Provider:

-  4. Register Provider:
     * Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations*
     * body [provider request body]
     * Authentication Bearer with access_token
     * Store each cert in a file with according name.

-  5. Partial update Provider:
+  4. Partial update Provider:
+
     * Send PATCH *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{API_API_PROVIDER_NOT_REGISTERED}*
     * body [provider request patch body]
     * Use AMF Certificate.
@@ -296,6 +295,7 @@ At this documentation you will have all information and related files and exampl
  1. Partial update provider:
     1. **404 Not Found** response.
     2. body returned must accomplish **ProblemDetails** data structure, with:
+
        * status 404
        * title with message "Not Found"
        * detail with message "Not Exist Provider Enrolment Details".
@@ -317,21 +317,21 @@ At this documentation you will have all information and related files and exampl

  1. Create public and private key at provider for provider itself and each function (apf, aef and amf)

-  2. Register of Provider at CCF:
-     * Send POST to *http://{CAPIF_HOSTNAME}:{CAPIF_HTTP_PORT}/register*
-     * body [provider register body]
-  
-  3. Obtain Access Token:
-     * Send POST to *http://{CAPIF_HOSTNAME}/getauth*
-     * Body [provider getauth body]
+  2. Retrieve access_token by User:
+
+    * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+      * Include basic Auth Header with Admin user/password
+    * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]
+
+  3. Register Provider:

-  4. Register Provider:
     * Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations*
     * body [provider request body]
     * Authentication Bearer with access_token
     * Store each cert in a file with according name.

-  5. Delete registered provider:
+  4. Delete registered provider:
+
     * Send DELETE *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{registrationId}*
     * Use AMF Certificate.

@@ -362,21 +362,21 @@ At this documentation you will have all information and related files and exampl

  1. Create public and private key at provider for provider itself and each function (apf, aef and amf)

-  2. Register of Provider at CCF:
-     * Send POST to *http://{CAPIF_HOSTNAME}:{CAPIF_HTTP_PORT}/register*
-     * body [provider register body]
-  
-  3. Obtain Access Token:
-     * Send POST to *http://{CAPIF_HOSTNAME}/getauth*
-     * Body [provider getauth body]
+  2. Retrieve access_token by User:
+
+    * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+      * Include basic Auth Header with Admin user/password
+    * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]
+
+  3. Register Provider:

-  4. Register Provider:
     * Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations*
     * body [provider request body]
     * Authentication Bearer with access_token
     * Store each cert in a file with according name.

-  5. Delete registered provider at Provider Management:
+  4. Delete registered provider at Provider Management:
+
     * Send DELETE *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{API_PROVIDER_NOT_REGISTERED}*
     * Use AMF Certificate.

@@ -395,11 +395,9 @@ At this documentation you will have all information and related files and exampl
        * detail with message "Not Exist Provider Enrolment Details".
        * cause with message "Not found registrations to send this api provider details".

-[provider register body]: ./provider_details_post_example.json  "API Provider Enrolment Request"
-
 [provider request body]: ./provider_details_post_example.json  "API Provider Enrolment Request"

 [provider request patch body]: ./provider_details_enrolment_details_patch_example.json  "API Provider Enrolment Patch Request"

-[provider getauth body]: ./provider_getauth_example.json    "Get Auth Example"
+[user_getauth_response_body_example]: ../common_operations/user_getauth_response_body_example.json    "User GetAuth response Body Example"

--- a/doc/testing/testplan/api_provider_management/provider_register_body.json
+++ b/doc/testing/testplan/api_provider_management/provider_register_body.json
-{
-  "password": "password",
-  "username": "ROBOT_TESTING_PUBLISHER",
-  "role": "provider",
-  "description": "Testing",
-  "cn": "ROBOT_TESTING_PUBLISHER"
-}
--- a/doc/testing/testplan/api_publish_service/README.md
+++ b/doc/testing/testplan/api_publish_service/README.md
@@ -647,11 +647,9 @@ At this documentation you will have all information and related files and exampl
   [service api description]: ./service_api_description_post_example.json  "Service API Description Request"
   [publisher register body]: ./publisher_register_body.json  "Publish register Body"
   [invoker onboarding body]: ../api_invoker_management/invoker_details_post_example.json  "API Invoker Request"
-   [invoker register body]: ../api_invoker_management/invoker_register_body.json  "Invoker Register Body"
   [provider request body]: ../api_provider_management/provider_details_post_example.json  "API Provider Enrolment Request"
   [provider request patch body]: ../api_provider_management/provider_details_enrolment_details_patch_example.json  "API Provider Enrolment Patch Request"
-   [provider getauth body]: ../api_provider_management/provider_getauth_example.json    "Get Auth Example"

-   [invoker onboarding]: ../common_operations/README.md#register-an-invoker "Invoker Onboarding"
+   [invoker onboarding]: ../common_operations/README.md#onboard-an-invoker "Invoker Onboarding"
   [provider registration]: ../common_operations/README.md#register-a-provider "Provider Registration"