diff --git a/doc/testing/testplan/api_security_service/README.md b/doc/testing/testplan/api_security_service/README.md
index 189d3f3703acf941e13fedb061e6dfadb87f31bc..7b871ccea5303a8cb253c429648ef9996f44f2c1 100644
--- a/doc/testing/testplan/api_security_service/README.md
+++ b/doc/testing/testplan/api_security_service/README.md
@@ -13,6 +13,12 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority)
+**Execution Steps**:
+
+ 1. Register and onboard Invoker at CCF
+ 2. Store signed Certificate
+ 3. Create Security Context
+
**Information of Test**:
1. Perform [Invoker Onboarding]
@@ -21,12 +27,6 @@ At this documentation you will have all information and related files and exampl
* body [service security body]
* Use **Invoker Certificate**
-**Execution Steps**:
-
- 1. Register and onboard Invoker at CCF
- 2. Store signed Certificate
- 3. Create Security Context
-
**Expected Result**:
1. Create security context:
@@ -47,6 +47,12 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID), but user that create Security Context with Provider role
+**Execution Steps**:
+
+ 1. Register and onboard Invoker at CCF
+ 2. Register Provider at CCF
+ 3. Create Security Context using Provider certificate
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -56,12 +62,6 @@ At this documentation you will have all information and related files and exampl
* body [service security body]
* Using **AEF Certificate**
-**Execution Steps**:
-
- 1. Register and onboard Invoker at CCF
- 2. Register Provider at CCF
- 3. Create Security Context using Provider certificate
-
**Expected Result**:
1. Create security context using Provider certificate:
@@ -74,6 +74,7 @@ At this documentation you will have all information and related files and exampl
2. No context stored at DB
+
## Test Case 3: Create a security context for an API invoker with Provider entity role and invalid apiInvokerId
**Test ID**:: ***capif_security_api-3***
@@ -86,6 +87,11 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID), but user that create Security Context with Provider role
+**Execution Steps**:
+
+ 1. Register Provider at CCF
+ 2. Create Security Context using Provider certificate
+
**Information of Test**:
1. Perform [Provider Registration]
@@ -95,11 +101,6 @@ At this documentation you will have all information and related files and exampl
* body [service security body]
* Using **AEF Certificate**
-**Execution Steps**:
-
- 1. Register Provider at CCF
- 2. Create Security Context using Provider certificate
-
**Expected Result**:
1. Create security context using Provider certificate:
@@ -111,6 +112,7 @@ At this documentation you will have all information and related files and exampl
* cause with message "User role must be invoker".
2. No context stored at DB
+
## Test Case 4: Create a security context for an API invoker with Invoker entity role and invalid apiInvokerId
**Test ID**:: ***capif_security_api-4***
@@ -123,6 +125,11 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID), but user that create Security Context with invalid apiInvokerId
+**Execution Steps**:
+
+ 1. Register and onboard Invoker at CCF
+ 2. Create Security Context using Provider certificate
+
**Information of Test**:
1. Perform [Invoker Onboarding]
@@ -132,11 +139,6 @@ At this documentation you will have all information and related files and exampl
* body [service security body]
* Use **Invoker Certificate**
-**Execution Steps**:
-
- 1. Register and onboard Invoker at CCF
- 2. Create Security Context using Provider certificate
-
**Expected Result**:
1. Create security context using Provider certificate:
@@ -162,6 +164,13 @@ At this documentation you will have all information and related files and exampl
* Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context
+**Execution Steps**:
+
+ 1. Register and onboard Invoker at CCF
+ 2. Register Provider at CCF
+ 3. Create Security Context using Provider certificate
+ 4. Retrieve Security Context by Provider
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -175,13 +184,6 @@ At this documentation you will have all information and related files and exampl
* Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* Using **AEF Certificate**
-**Execution Steps**:
-
- 1. Register and onboard Invoker at CCF
- 2. Register Provider at CCF
- 3. Create Security Context using Provider certificate
- 4. Retrieve Security Context by Provider
-
**Expected Result**:
1. Retrieve security context:
@@ -201,6 +203,12 @@ At this documentation you will have all information and related files and exampl
* Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context
+**Execution Steps**:
+
+ 2. Register Provider at CCF
+ 3. Create Security Context using Provider certificate
+ 4. Retrieve Security Context by Provider of invalid invoker
+
**Information of Test**:
1. Perform [Provider Registration]
@@ -209,12 +217,6 @@ At this documentation you will have all information and related files and exampl
* Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}**
* Using **AEF Certificate**.
-**Execution Steps**:
-
- 2. Register Provider at CCF
- 3. Create Security Context using Provider certificate
- 4. Retrieve Security Context by Provider of invalid invoker
-
**Expected Result**:
1. Retrieve security context:
@@ -238,6 +240,13 @@ At this documentation you will have all information and related files and exampl
* API Exposure Function is not pre-authorised (has invalid apfId)
+**Execution Steps**:
+
+ 1. Register and onboard Invoker at CCF
+ 2. Store signed Certificate
+ 3. Create Security Context
+ 4. Retrieve Security Context as Provider.
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -251,13 +260,6 @@ At this documentation you will have all information and related files and exampl
* Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* Using **Invoker Certificate**
-**Execution Steps**:
-
- 1. Register and onboard Invoker at CCF
- 2. Store signed Certificate
- 3. Create Security Context
- 4. Retrieve Security Context as Provider.
-
**Expected Result**:
1. Create security context:
@@ -281,6 +283,13 @@ At this documentation you will have all information and related files and exampl
* Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context
+**Execution Steps**:
+
+ 1. Register and onboard Invoker at CCF
+ 2. Register Provider at CCF
+ 3. Create Security Context using Provider certificate
+ 4. Delete Security Context by Provider
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -298,13 +307,6 @@ At this documentation you will have all information and related files and exampl
* Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* Using **AEF Certificate**
-**Execution Steps**:
-
- 1. Register and onboard Invoker at CCF
- 2. Register Provider at CCF
- 3. Create Security Context using Provider certificate
- 4. Delete Security Context by Provider
-
**Expected Result**:
1. Delete security context:
@@ -331,6 +333,12 @@ At this documentation you will have all information and related files and exampl
* Provider is pre-authorised (has valid apfId from CAPIF Authority) and API Invoker has created a valid Security Context
+**Execution Steps**:
+
+ 1. Register Provider at CCF
+ 2. Create Security Context using Provider certificate
+ 3. Delete Security Context by Invoker
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -344,12 +352,6 @@ At this documentation you will have all information and related files and exampl
* Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* Use **Invoker Certificate**
-**Execution Steps**:
-
- 1. Register Provider at CCF
- 2. Create Security Context using Provider certificate
- 3. Delete Security Context by Invoker
-
**Expected Result**:
1. Delete security context:
@@ -373,6 +375,11 @@ At this documentation you will have all information and related files and exampl
* Invoker is pre-authorised.
+**Execution Steps**:
+
+ 1. Register Provider at CCF
+ 2. Delete Security Context by invoker
+
**Information of Test**:
1. Perform [Invoker Onboarding]
@@ -381,11 +388,6 @@ At this documentation you will have all information and related files and exampl
* Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}**
* Use **Invoker Certificate**
-**Execution Steps**:
-
- 1. Register Provider at CCF
- 2. Delete Security Context by invoker
-
**Expected Result**:
1. Delete security context:
@@ -409,6 +411,11 @@ At this documentation you will have all information and related files and exampl
* Provider is pre-authorised (has valid apfId from CAPIF Authority).
+**Execution Steps**:
+
+ 1. Register Provider at CCF
+ 2. Delete Security Context by provider
+
**Information of Test**:
1. Perform [Provider Registration]
@@ -417,11 +424,6 @@ At this documentation you will have all information and related files and exampl
* Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{API_INVOKER_NOT_VALID}**
* Use **AEF Certificate**
-**Execution Steps**:
-
- 1. Register Provider at CCF
- 2. Delete Security Context by provider
-
**Expected Result**:
1. Retrieve security context:
@@ -445,6 +447,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized
+**Execution Steps**:
+
+ 1. Register and onboard Invoker at CCF
+ 2. Register Provider at CCF
+ 3. Create Security Context By Invoker
+ 4. Update Security Context By Invoker
+ 5. Retrieve Security Context By Provider
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -463,14 +473,6 @@ At this documentation you will have all information and related files and exampl
* Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* Using **AEF Certificate**.
-**Execution Steps**:
-
- 1. Register and onboard Invoker at CCF
- 2. Register Provider at CCF
- 3. Create Security Context By Invoker
- 4. Update Security Context By Invoker
- 5. Retrieve Security Context By Provider
-
**Expected Result**:
1. Update security context:
@@ -496,6 +498,13 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized.
* Invoker has created the Security Context previously.
+**Execution Steps**:
+
+ 1. Register and onboard Invoker at CCF
+ 2. Register Provider at CCF
+ 3. Create Security Context
+ 4. Update Security Context as Provider
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -510,13 +519,6 @@ At this documentation you will have all information and related files and exampl
* body [service security body] but with notification destination modified to **http://robot.testing2**
* Using **AEF Certificate**
-**Execution Steps**:
-
- 1. Register and onboard Invoker at CCF
- 2. Register Provider at CCF
- 3. Create Security Context
- 4. Update Security Context as Provider
-
**Expected Result**:
1. Update security context:
@@ -541,6 +543,11 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized.
* Invoker has created the Security Context previously.
+**Execution Steps**:
+
+ 1. Register Provider at CCF
+ 2. Update Security Context as Provider
+
**Information of Test**:
1. Perform [Provider Registration]
@@ -550,11 +557,6 @@ At this documentation you will have all information and related files and exampl
* body [service security body]
* Using **AEF Certificate**
-**Execution Steps**:
-
- 1. Register Provider at CCF
- 2. Update Security Context as Provider
-
**Expected Result**:
1. Update security context:
@@ -578,6 +580,11 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority)
+**Execution Steps**:
+
+ 1. Register and onboard Invoker at CCF
+ 2. Update Security Context
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -587,11 +594,6 @@ At this documentation you will have all information and related files and exampl
* body [service security body]
* Using **Invoker Certificate**.
-**Execution Steps**:
-
- 1. Register and onboard Invoker at CCF
- 2. Update Security Context
-
**Expected Result**:
1. Retrieve security context:
@@ -615,6 +617,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized
+**Execution Steps**:
+
+ 1. Register and onboard Invoker at CCF
+ 2. Register Provider at CCF
+ 3. Create Security Context by Invoker
+ 4. Revoke Security Context by Provider
+ 5. Retrieve Security Context by Provider
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -633,15 +643,6 @@ At this documentation you will have all information and related files and exampl
* Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* Using **AEF Certificate**.
-
-**Execution Steps**:
-
- 1. Register and onboard Invoker at CCF
- 2. Register Provider at CCF
- 3. Create Security Context by Invoker
- 4. Revoke Security Context by Provider
- 5. Retrieve Security Context by Provider
-
**Expected Result**:
1. Revoke Authorization:
@@ -668,6 +669,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized
+**Execution Steps**:
+
+ 1. Register and onboard Invoker at CCF
+ 2. Register Provider at CCF
+ 3. Create Security Context
+ 4. Revoke Security Context by invoker
+ 5. Retrieve Security Context
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -686,14 +695,6 @@ At this documentation you will have all information and related files and exampl
* Send **GET** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**
* Using Provider Certificate
-**Execution Steps**:
-
- 1. Register and onboard Invoker at CCF
- 2. Register Provider at CCF
- 3. Create Security Context
- 4. Revoke Security Context by invoker
- 5. Retrieve Security Context
-
**Expected Result**:
1. Revoke Security Context by invoker:
@@ -722,6 +723,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized
+**Execution Steps**:
+
+ 1. Register and onboard Invoker at CCF
+ 2. Register Provider at CCF
+ 3. Create Security Context
+ 4. Revoke Security Context by Provider
+ 5. Retrieve Security Context
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -741,14 +750,6 @@ At this documentation you will have all information and related files and exampl
* This request will ask with parameter to retrieve authenticationInfo and authorizationInfo
* Using **AEF Certificate**.
-**Execution Steps**:
-
- 1. Register and onboard Invoker at CCF
- 2. Register Provider at CCF
- 3. Create Security Context
- 4. Revoke Security Context by Provider
- 5. Retrieve Security Context
-
**Expected Result**:
1. Revoke Security Context by invoker:
@@ -778,6 +779,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerId)
* Service API of Provider is published
+**Execution Steps**:
+
+ 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
+ 2. Register and onboard Invoker at CCF
+ 3. Discover Service APIs by Invoker.
+ 4. Create Security Context According to Service APIs discovered.
+ 5. Request Access Token
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -806,14 +815,6 @@ At this documentation you will have all information and related files and exampl
* Create Scope properly for request: ***3gpp#{aef_id}:{api_name}***
* Using **Invoker Certificate**.
-**Execution Steps**:
-
- 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
- 2. Register and onboard Invoker at CCF
- 3. Discover Service APIs by Invoker.
- 4. Create Security Context According to Service APIs discovered.
- 5. Request Access Token
-
**Expected Result**:
1. Response to Request of Access Token:
@@ -834,6 +835,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerID from CAPIF Authority) and Provider is also authorized
+**Execution Steps**:
+
+ 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
+ 2. Register and onboard Invoker at CCF
+ 3. Discover Service APIs by Invoker.
+ 4. Create Security Context According to Service APIs discovered.
+ 5. Request Access Token by Provider
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -861,14 +870,6 @@ At this documentation you will have all information and related files and exampl
* ***grant_type=client_credentials***
* Using **AEF Certificate**
-**Execution Steps**:
-
- 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
- 2. Register and onboard Invoker at CCF
- 3. Discover Service APIs by Invoker.
- 4. Create Security Context According to Service APIs discovered.
- 5. Request Access Token by Provider
-
**Expected Result**:
1. Response to Request of Access Token:
@@ -877,6 +878,7 @@ At this documentation you will have all information and related files and exampl
* error unauthorized_client
* error_description=Role not authorized for this API route
+
## Test Case 21: Retrieve access token by Provider with invalid apiInvokerId
**Test ID**:: ***capif_security_api-21***
@@ -889,6 +891,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised and Provider is also authorized
+**Execution Steps**:
+
+ 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
+ 2. Register and onboard Invoker at CCF
+ 3. Discover Service APIs by Invoker.
+ 4. Create Security Context According to Service APIs discovered.
+ 5. Request Access Token by Provider
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -916,14 +926,6 @@ At this documentation you will have all information and related files and exampl
* ***grant_type=client_credentials***
* Using **AEF Certificate**
-**Execution Steps**:
-
- 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
- 2. Register and onboard Invoker at CCF
- 3. Discover Service APIs by Invoker.
- 4. Create Security Context According to Service APIs discovered.
- 5. Request Access Token by Provider
-
**Expected Result**:
1. Response to Request of Access Token:
@@ -945,6 +947,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised (has valid apiInvokerId)
+**Execution Steps**:
+
+ 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
+ 2. Register and onboard Invoker at CCF
+ 3. Discover Service APIs by Invoker.
+ 4. Create Security Context According to Service APIs discovered.
+ 5. Request Access Token by Invoker
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -968,14 +978,6 @@ At this documentation you will have all information and related files and exampl
* ***grant_type=client_credentials***
* Using **Invoker Certificate**
-**Execution Steps**:
-
- 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
- 2. Register and onboard Invoker at CCF
- 3. Discover Service APIs by Invoker.
- 4. Create Security Context According to Service APIs discovered.
- 5. Request Access Token by Invoker
-
**Expected Result**:
1. Response to Request of Access Token:
@@ -989,6 +991,7 @@ At this documentation you will have all information and related files and exampl
**NOTE: ProblemDetails29571 is the definition present for this request at swagger of ProblemDetails, and this is different from definition of ProblemDetails across other CAPIF Services**
+
## Test Case 23: Retrieve access token with invalid client_id
**Test ID**:: ***capif_security_api-23***
@@ -1001,6 +1004,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised and Provider is also authorized
+**Execution Steps**:
+
+ 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
+ 2. Register and onboard Invoker at CCF
+ 3. Discover Service APIs by Invoker.
+ 4. Create Security Context According to Service APIs discovered.
+ 5. Request Access Token by Invoker
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -1029,14 +1040,6 @@ At this documentation you will have all information and related files and exampl
* **client_id is not-valid**
* Using **Invoker Certificate**
-**Execution Steps**:
-
- 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
- 2. Register and onboard Invoker at CCF
- 3. Discover Service APIs by Invoker.
- 4. Create Security Context According to Service APIs discovered.
- 5. Request Access Token by Invoker
-
**Expected Result**:
1. Response to Request of Access Token:
@@ -1058,6 +1061,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised and Provider is also authorized
+**Execution Steps**:
+
+ 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
+ 2. Register and onboard Invoker at CCF
+ 3. Discover Service APIs by Invoker.
+ 4. Create Security Context According to Service APIs discovered.
+ 5. Request Access Token by Invoker
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -1085,14 +1096,6 @@ At this documentation you will have all information and related files and exampl
* ***grant_type=not_valid***
* Using **Invoker Certificate**
-**Execution Steps**:
-
- 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
- 2. Register and onboard Invoker at CCF
- 3. Discover Service APIs by Invoker.
- 4. Create Security Context According to Service APIs discovered.
- 5. Request Access Token by Invoker
-
**Expected Result**:
1. Response to Request of Access Token:
@@ -1113,6 +1116,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised and Provider is also authorized
+**Execution Steps**:
+
+ 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
+ 2. Register and onboard Invoker at CCF
+ 3. Discover Service APIs by Invoker.
+ 4. Create Security Context According to Service APIs discovered.
+ 5. Request Access Token by Invoker
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -1141,14 +1152,6 @@ At this documentation you will have all information and related files and exampl
* ***scope=not-valid-scope***
* Using **Invoker Certificate**
-**Execution Steps**:
-
- 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
- 2. Register and onboard Invoker at CCF
- 3. Discover Service APIs by Invoker.
- 4. Create Security Context According to Service APIs discovered.
- 5. Request Access Token by Invoker
-
**Expected Result**:
1. Response to Request of Access Token:
@@ -1170,6 +1173,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised and Provider is also authorized
+**Execution Steps**:
+
+ 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
+ 2. Register and onboard Invoker at CCF
+ 3. Discover Service APIs by Invoker.
+ 4. Create Security Context According to Service APIs discovered.
+ 5. Request Access Token by Invoker
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -1198,14 +1209,6 @@ At this documentation you will have all information and related files and exampl
* ***scope=3gpp#1234:**service_1***
* Using **Invoker Certificate**
-**Execution Steps**:
-
- 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
- 2. Register and onboard Invoker at CCF
- 3. Discover Service APIs by Invoker.
- 4. Create Security Context According to Service APIs discovered.
- 5. Request Access Token by Invoker
-
**Expected Result**:
1. Response to Request of Access Token:
@@ -1227,6 +1230,14 @@ At this documentation you will have all information and related files and exampl
* API Invoker is pre-authorised and Provider is also authorized
+**Execution Steps**:
+
+ 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
+ 2. Register and onboard Invoker at CCF
+ 3. Discover Service APIs by Invoker.
+ 4. Create Security Context According to Service APIs discovered.
+ 5. Request Access Token by Invoker
+
**Information of Test**:
1. Perform [Provider Registration] and [Invoker Onboarding]
@@ -1255,14 +1266,6 @@ At this documentation you will have all information and related files and exampl
* ***scope=3gpp#{aef_id}:not-valid***
* Using **Invoker Certificate**
-**Execution Steps**:
-
- 1. Register Provider at CCF, store certificates and Publish Service API **service_1** at CCF
- 2. Register and onboard Invoker at CCF
- 3. Discover Service APIs by Invoker.
- 4. Create Security Context According to Service APIs discovered.
- 5. Request Access Token by Invoker
-
**Expected Result**:
1. Response to Request of Access Token:
@@ -1273,9 +1276,6 @@ At this documentation you will have all information and related files and exampl
[Return To All Test Plans]: ../README.md
-
-
-
[service security body]: ./service_security.json "Service Security Request"
[security notification body]: ./security_notification.json "Security Notification Request"
[access token req body]: ./access_token_req.json "Access Token Request"