Merge branch 'OCF-Doc11-change-order-of-sections-in-tests-to-improve-readability' into 'develop'

  *  Invoker exist in CAPIF

  *  Log Entry exist in CAPIF

**Execution Steps**:

  1. Register Provider and Invoker CCF

  2. Publish Service

  3. Create Log Entry

  4. Get Log Entry

**Information of Test**:

  1. Perform [provider onboarding], [invoker onboarding] 

  2. Publish Service API at CCF:

    - Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis

    - body [service api description] with apiName service_1

    - Use APF Certificate

    - Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**

    - body [service api description] with apiName **service_1**

    - Use **APF Certificate**

  3. Create Log Entry:

     - Send POST to *https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs*

     - Send **POST** to **https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs**

     - body [log entry request body]

     - Use AEF Certificate

     - Use **AEF Certificate**

  4. Get Log:

     1. Send GET to *https://{CAPIF_HOSTNAME}/logs/v1/apiInvocationLogs?aef-id={aefId}&api-invoker-id={api-invoker-id}*

     2. Use AMF Certificate

**Execution Steps**:

  1. Register Provider and Invoker CCF

  2. Publish Service

  3. Create Log Entry

  4. Get Log Entry

     1. Send **GET** to **https://{CAPIF_HOSTNAME}/logs/v1/apiInvocationLogs?aef-id={aefId}&api-invoker-id={api-invoker-id}**

     2. Use **AMF Certificate**

**Expected Result**:

  *  Service exist in CAPIF

  *  Invoker exist in CAPIF

**Execution Steps**:

  1. Register Provider and Invoker CCF

  2. Publish Service

  3. Get Log Entry

**Information of Test**:

  1. Perform [provider onboarding], [invoker onboarding] 

  2. Publish Service API at CCF:

    - Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis

    - body [service api description] with apiName service_1

    - Use APF Certificate

  4. Get Log:

     1. Send GET to *https://{CAPIF_HOSTNAME}/logs/v1/apiInvocationLogs?aef-id={aefId}&api-invoker-id={api-invoker-id}*

     2. Use AMF Certificate

    - Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**

    - body [service api description] with apiName **service_1**

    - Use **APF Certificate**

**Execution Steps**:

  1. Register Provider and Invoker CCF

  2. Publish Service

  3. Get Log Entry

  3. Get Log:

     1. Send **GET** to **https://{CAPIF_HOSTNAME}/logs/v1/apiInvocationLogs?aef-id={aefId}&api-invoker-id={api-invoker-id}**

     2. Use **AMF Certificate**

**Expected Result**:

  *  Invoker exist in CAPIF

  *  Log Entry exist in CAPIF

**Execution Steps**:

  1. Register Provider and Invoker CCF

  2. Publish Service

  3. Create Log Entry

  4. Get Log Entry

**Information of Test**:

  1. Perform [provider onboarding], [invoker onboarding] 

  2. Publish Service API at CCF:

    - Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis

    - body [service api description] with apiName service_1

    - Use APF Certificate

    - Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**

    - body [service api description] with apiName **service_1**

    - Use **APF Certificate**

  3. Create Log Entry:

     - Send POST to *https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs*

     - Send **POST** to **https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs**

     - body [log entry request body]

     - Use AEF Certificate

     - Use **AEF Certificate**

  4. Get Log:

     1. Send GET to *https://{CAPIF_HOSTNAME}/logs/v1/apiInvocationLogs

     2. Use AMF Certificate

**Execution Steps**:

  1. Register Provider and Invoker CCF

  2. Publish Service

  3. Create Log Entry

  4. Get Log Entry

     1. Send **GET** to **https://{CAPIF_HOSTNAME}/logs/v1/apiInvocationLogs**

     2. Use **AMF Certificate**

**Expected Result**:

  *  Invoker exist in CAPIF

  *  Log Entry exist in CAPIF

**Execution Steps**:

  1. Register Provider and Invoker CCF

  2. Publish Service

  3. Create Log Entry

  4. Get Log Entry

**Information of Test**:

  1. Perform [provider onboarding], [invoker onboarding] 

  2. Publish Service API at CCF:

    - Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis

    - body [service api description] with apiName service_1

    - Use APF Certificate

    - Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**

    - body [service api description] with apiName **service_1**

    - Use **APF Certificate**

  3. Create Log Entry:

     - Send POST to *https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs*

     - Send **POST** to **https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs**

     - body [log entry request body]

     - Use AEF Certificate

     - Use **AEF Certificate**

  4. Get Log:

     1. Send GET to *https://{CAPIF_HOSTNAME}/logs/v1/apiInvocationLogs?aef-id={aefId}&api-invoker-id={api-invoker-id}&api-version={v1}*

     2. Use AMF Certificate

**Execution Steps**:

  1. Register Provider and Invoker CCF

  2. Publish Service

  3. Create Log Entry

  4. Get Log Entry

     1. Send **GET** to **https://{CAPIF_HOSTNAME}/logs/v1/apiInvocationLogs?aef-id={aefId}&api-invoker-id={api-invoker-id}&api-version={v1}**

     2. Use **AMF Certificate**

**Expected Result**:

  *  Invoker exist in CAPIF

  *  Log Entry exist in CAPIF

**Execution Steps**:

  1. Register Provider and Invoker CCF

  2. Publish Service

  3. Create Log Entry

  4. Get Log Entry

**Information of Test**:

  1. Perform [provider onboarding], [invoker onboarding] 

  2. Publish Service API at CCF:

    - Send Post to ccf_publish_url https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis

    - body [service api description] with apiName service_1

    - Use APF Certificate

    - Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**

    - body [service api description] with apiName **service_1**

    - Use **APF Certificate**

  3. Create Log Entry:

     - Send POST to *https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs*

     - Send **POST** to **https://{CAPIF_HOSTNAME}/api-invocation-logs/v1/{aefId}/logs**

     - body [log entry request body]

     - Use AEF Certificate

     - Use **AEF Certificate**

  4. Get Log:

     1. Send GET to *https://{CAPIF_HOSTNAME}/logs/v1/apiInvocationLogs?aef-id={aefId}&api-invoker-id={api-invoker-id}&api-version={v58}*

     2. Use AMF Certificate

**Execution Steps**:

  1. Register Provider and Invoker CCF

  2. Publish Service

  3. Create Log Entry

  4. Get Log Entry

     1. Send **GET** to **https://{CAPIF_HOSTNAME}/logs/v1/apiInvocationLogs?aef-id={aefId}&api-invoker-id={api-invoker-id}&api-version={v58}**

     2. Use **AMF Certificate**

**Expected Result**:

**Description**:

  This test case will check that a CAPIF subscriber (Invoker or Publisher) can Subscribe to Events

**Pre-Conditions**:

  * CAPIF subscriber is pre-authorised (has valid InvokerId or apfId from CAPIF Authority)

  2. Response to Event Subscription must accomplish:

     1. 201 Created

     2. The URI of the created resource shall be returned in the "Location" HTTP header, following this structure: *{apiRoot}/capif-events/{apiVersion}/{subscriberId}/subscriptions/{subscriptionId}

     2. The URI of the created resource shall be returned in the "Location" HTTP header, following this structure: **{apiRoot}/capif-events/{apiVersion}/{subscriberId}/subscriptions/{subscriptionId}**

     3. Response Body must follow **EventSubscription** data structure.

  3. Event Subscriptions are stored in CAPIF Database

  1. Perform [Invoker Onboarding]

  2. Event Subscription:

     1. Send **POST** to https://{CAPIF_HOSTNAME}/capif-events/v1/{subscriberId}/subscriptions

     1. Send **POST** to **https://{CAPIF_HOSTNAME}/capif-events/v1/{subscriberId}/subscriptions**

     2. body [event subscription request body]

     3. Use **Invoker Certificate**

  3. Remove Event Subcription with not valid subscriber:

     1. Send **DELETE** to to https://{CAPIF_HOSTNAME}/capif-events/v1/{subcriberId}/subscriptions/{SUBSCRIPTION_ID_NOT_VALID}

     1. Send **DELETE** to to **https://{CAPIF_HOSTNAME}/capif-events/v1/{subcriberId}/subscriptions/{SUBSCRIPTION_ID_NOT_VALID}**

     2. Use **Invoker Certificate**

**Expected Result**:

**Description**:

  This test case will check that a CAPIF Invoker subscribed to SERVICE_API_INVOCATION_SUCCESS and SERVICE_API_INVOCATION_FAILURE, receive the notification when AEF send to logging service result of invocations to their APIs.

  This test case will check that a CAPIF Invoker subscribed to SERVICE_API_INVOCATION_SUCCESS and SERVICE_API_INVOCATION_FAILURE, receive the notification when AEF Send **TO** logging service result of invocations to their APIs.

**Pre-Conditions**:

     * Send **POST** to ccf_publish_url **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis**

     * body [service api description] with apiName **service_1**

     * Store **serviceApiId**

     * Use APF Certificate

     * Use **APF Certificate**

  3. Perform [invoker onboarding]

  4. Discover published APIs:

        3. apiId of published API

        4. apiName of published API

        5. 200 and 400 results in two logs.

     3. Use AEF Certificate

     3. Use **AEF Certificate**

**Expected Result**:

  2. Mock Server received messages must accomplish:

     1. **Two Events have been received**.

     2. Validate received events follow **EventNotification** data structure, with **apiIds** in **eventDetail** parameter.

        1. One should be **SERVICE_API_AVAILABLE** apiId of service_2 published API.

        2. The other one must be **SERVICE_API_UNAVAILABLE** apiId of service_1 published API.

        1. One should be **SERVICE_API_AVAILABLE** apiId of **service_2** published API.

        2. The other one must be **SERVICE_API_UNAVAILABLE** apiId of **service_1** published API.

---

## Test Case 8: Invoker subscribe to Service API Update

  7. Update published API at CCF:

     * Send **PUT** to resource URL **https://{CAPIF_HOSTNAME}/published-apis/v1/{apfId}/service-apis/{serivceApiId}**

     * body [service api description] with overrided **apiName** to **service_1_modified**

     * body [service api description] with overrided **apiName** to **service_1**_modified**

     * Use **APF Certificate**

**Expected Result**:

  2. Response to Update Published Service API:

     1. **200 OK**

     2. Response Body must follow **ServiceAPIDescription** data structure with:

        * apiName **service_1_modified**

        * apiName **service_1**_modified**

  3. Mock Server received messages must accomplish:

     1. **One Event has been received**.

     2. Validate received events follow **EventNotification** data structure, with **serviceAPIDescriptions** in **eventDetail** parameter.

  6. Create Security Context for Invoker

     * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**

     * body [service security body]

     * Use Invoker Certificate

     * Use **Invoker Certificate**

  7. Provider Retrieve ACL

     * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}**

     * Use **serviceApiId** and **aefId**

  6. Create Security Context for Invoker

     * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**

     * body [service security body]

     * Use Invoker Certificate

     * Use **Invoker Certificate**

  7. Provider Retrieve ACL

     * Send **GET** **https://{CAPIF_HOSTNAME}/access-control-policy/v1/accessControlPolicyList/${serviceApiId}?aef-id=${aef_id}**

     * Use **serviceApiId** and **aefId**

     * Use **AEF Provider Certificate**

  3. Delete Security Context of Invoker by Provider:

     * Send **DELETE** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**

     * Use **AEF certificate**

     * Use **AEF Certificate**

**Expected Result**:

  6. Create Security Context for Invoker

     * Send **PUT** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}**

     * body [service security body]

     * Use Invoker Certificate

     * Use **Invoker Certificate**

  7. Revoke Authorization by Provider:

     * Send **POST** **https://{CAPIF_HOSTNAME}/trustedInvokers/{apiInvokerId}/delete**

     * body [security notification body]

     * Using AEF Certificate.

     * Using **AEF Certificate**.

**Expected Result**:

# Test Plan for CAPIF Api Invoker Management

At this documentation you will have all information and related files and examples of test plan for this API.

## Test Case 1: Onboard NetApp

## Test Case 1: Onboard Network App

**Test ID**: ***capif_api_invoker_management-1***

**Description**:

  This test will try to register new NetApp at CAPIF Core.

  This test will try to register new Network App at CAPIF Core.

**Pre-Conditions**:

  * NetApp was not registered previously

  * NetApp was not onboarded previously

  * Network App was not registered previously

  * Network App was not onboarded previously

  * ***Preconditions: The administrator must have previously registered the User.***

**Execution Steps**:

  1. Retrieve access_token by User from register

  2. Onboard Invoker at CCF

  3. Store signed Certificate

**Information of Test**:

  1. Create public and private key at invoker

    * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]

  3. Onboard Invoker:

     * Send POST to *https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers*

     * Send **POST** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers**

     * Reference Request Body: [invoker onboarding body]

     * "onboardingInformation"->"apiInvokerPublicKey": must contain public key generated by Invoker.

     * Send at Authorization Header the Bearer access_token obtained previously (Authorization:Bearer ${access_token})

**Execution Steps**:

  1. Retrieve access_token by User from register

  2. Onboard Invoker at CCF

  3. Store signed Certificate

     * Send in Authorization Header the Bearer access_token obtained previously (Authorization:Bearer ${access_token})

**Expected Result**:

     2. Response Body must follow **APIInvokerEnrolmentDetails** data structure with:

        * apiInvokerId

        * onboardingInformation->apiInvokerCertificate must contain the public key signed.

     3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}*

     3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}**

## Test Case 2: Onboard NetApp Already onboarded

## Test Case 2: Onboard Network App Already onboarded

**Test ID**: ***capif_api_invoker_management-2***

**Description**:

  This test will check second onboard of same NetApp is not allowed.

  This test will check second onboard of same Network App is not allowed.

**Pre-Conditions**:

  * NetApp was registered previously

  * NetApp was onboarded previously

  * Network App was registered previously

  * Network App was onboarded previously

**Execution Steps**:

  1. Register Network App at CCF

  2. Onboard Network App at CCF

  3. Store signed Certificate at Network App

  4. Onboard Again the Network App at CCF

**Information of Test**:

  1. Perform [Invoker Onboarding]

  2. Repeat Onboard Invoker:

     * Send POST to *https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers*

     * Send **POST** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers**

     * Reference Request Body: [invoker onboarding body]

     * "onboardingInformation"->"apiInvokerPublicKey": must contain public key generated by Invoker.

     * Send at Authorization Header the Bearer access_token obtained previously (Authorization:Bearer ${access_token})

**Execution Steps**:

  1. Register NetApp at CCF

  2. Onboard NetApp at CCF

  3. Store signed Certificate at NetApp

  4. Onboard Again the NetApp at CCF

     * Send in Authorization Header the Bearer access_token obtained previously (Authorization:Bearer ${access_token})

**Expected Result**:

     2. Response Body must follow **APIInvokerEnrolmentDetails** data structure with:

        * apiInvokerId

        * onboardingInformation->apiInvokerCertificate must contain the public key signed.

     3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}*

  2. Response to Second Onboard of NetApp must accomplish:

     3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}**

  2. Response to Second Onboard of Network App must accomplish:

     1. **403 Forbidden**

     2. Error Response Body must accomplish with **ProblemDetails** data structure with:

        * status 403

        * cause with message "Identical invoker public key".

## Test Case 3: Update Onboarded NetApp  

## Test Case 3: Update Onboarded Network App

**Test ID**: ***capif_api_invoker_management-3***

**Description**:

  This test will try to update information of previous onboard NetApp at CAPIF Core.

  This test will try to update information of previous onboard Network App at CAPIF Core.

**Pre-Conditions**:

  * NetApp was registered previously

  * NetApp was onboarded previously with {onboardingId}

  * Network App was registered previously

  * Network App was onboarded previously with {onboardingId}

**Execution Steps**:

  1. Register Invoker at CCF

  2. Onboard Invoker at CCF

  3. Store signed Certificate

  4. Update Onboarding Information at CCF with a minor change on "notificationDestination"

**Information of Test**:

  1. Perform [Invoker Onboarding]

  2. Update information of previously onboarded Invoker:

     * Send PUT to *https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{onboardingId}*

     * Send **PUT** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{onboardingId}**

     * Reference Request Body is: [put invoker onboarding body]

       * "notificationDestination": "*http://host.docker.internal:8086/netapp_new_callback*",

**Execution Steps**:

  1. Register Invoker at CCF

  2. Onboard Invoker at CCF

  3. Store signed Certificate

  4. Update Onboarding Information at CCF with a minor change on "notificationDestination"

**Expected Result**:

  1. Response to Onboard request must accomplish:

     2. Response Body must follow **APIInvokerEnrolmentDetails** data structure with:

        * apiInvokerId

        * onboardingInformation->apiInvokerCertificate must contain the public key signed.

     3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}*

     3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}**

  2. Response to Update Request (PUT) with minor change must contain:

     1. **200 OK** response.

     2. notificationDestination on response must contain the new value

## Test Case 4: Update Not Onboarded NetApp

## Test Case 4: Update Not Onboarded Network App

**Test ID**: ***capif_api_invoker_management-4***

**Description**:

  This test will try to update information of not onboarded NetApp at CAPIF Core.

  This test will try to update information of not onboarded Network App at CAPIF Core.

**Pre-Conditions**:

  * NetApp was registered previously

  * NetApp was not onboarded previously

  * Network App was registered previously

  * Network App was not onboarded previously

**Execution Steps**:

  1. Register Invoker at CCF

  2. Onboard Invoker at CCF

  3. Update Onboarding Information at CCF of not onboarded

**Information of Test**:

  1. Perform [Invoker Onboarding]

  2. Update information of not onboarded Invoker:

     * Send PUT to *https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{INVOKER_NOT_REGISTERED}*

     * Send **PUT** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{INVOKER_NOT_REGISTERED}**

     * Reference Request Body is: [put invoker onboarding body]

**Execution Steps**:

  1. Register Invoker at CCF

  2. Onboard Invoker at CCF

  3. Update Onboarding Information at CCF of not onboarded

**Expected Result**:

  1. Response to Onboard request must accomplish:

     2. Error Response Body must accomplish with **ProblemDetails** data structure with:

        * status 404

        * title with message "Not Found"

        * detail with message "Please provide an existing Netapp ID".

        * cause with message "Not exist NetappID".

        * detail with message "Please provide an existing Network App ID".

        * cause with message "Not exist Network App ID".

## Test Case 5: Offboard NetApp

## Test Case 5: Offboard Network App

**Test ID**: ***capif_api_invoker_management-5***

**Description**:

  This test case will check that a Registered NetApp can be deleted.

  This test case will check that a Registered Network App can be deleted.

**Pre-Conditions**:

  * NetApp was registered previously

  * NetApp was onboarded previously

**Information of Test**:

  1. Perform [Invoker Onboarding]

  2. Offboard:

     * Send Delete to *https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{onboardingId}*

  * Network App was registered previously

  * Network App was onboarded previously

**Execution Steps**:

  2. Onboard Invoker at CCF

  3. Offboard Invoker at CCF

**Information of Test**:

  1. Perform [Invoker Onboarding]

  2. Offboard:

     * Send **DELETE** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{onboardingId}**

**Expected Result**:

  1. Response to Onboard request must accomplish:

     1. **204 No Content**

## Test Case 6: Offboard Not previsouly Onboarded NetApp

## Test Case 6: Offboard Not previsouly Onboarded Network App

**Test ID**: ***capif_api_invoker_management-6***

**Description**:

  This test case will check that a Non-Registered NetApp cannot be deleted

  This test case will check that a Non-Registered Network App cannot be deleted

**Pre-Conditions**:

  * NetApp was registered previously

  * NetApp was not onboarded previously

  * Network App was registered previously

  * Network App was not onboarded previously

**Execution Steps**:

  1. Register Invoker at CCF

  2. Offboard Invoker at CCF

**Information of Test**:

  1. Perform [Invoker Onboarding]

  2. Offboard:

     * Send Delete to *https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{INVOKER_NOT_REGISTERED}*

**Execution Steps**:

  1. Register Invoker at CCF

  2. Offboard Invoker at CCF

     * Send **DELETE** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{INVOKER_NOT_REGISTERED}**

**Expected Result**:

     2. Error Response Body must accomplish with **ProblemDetails** data structure with:

        * status 404

        * title with message "Not Found"

        * detail with message "Please provide an existing Netapp ID".

        * cause with message "Not exist NetappID".

        * detail with message "Please provide an existing Network App ID".

        * cause with message "Not exist Network App ID".

## Test Case 7: Update Onboarded NetApp Certificate

## Test Case 7: Update Onboarded Network App Certificate

**Test ID**: ***capif_api_invoker_management-7***

**Pre-Conditions**:

  * NetApp was registered previously

  * NetApp was onboarded previously with {onboardingId} and {public_key_1}

  * Network App was registered previously

  * Network App was onboarded previously with {onboardingId} and {public_key_1}

**Execution Steps**:

  1. Register Invoker at CCF

  2. Onboard Invoker at CCF

  3. Store signed Certificate

  4. Update Onboarding Information at CCF with new public key

  5. Update Onboarding Information at CCF with minor change

**Information of Test**:

  2. Create {public_key_2}

  3. Update information of previously onboarded Invoker:

     * Send PUT to *https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{onboardingId}*

     * Send **PUT** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{onboardingId}**

     * Reference Request Body is: [put invoker onboarding body]

       * ["onboardingInformation"]["apiInvokerPublicKey"]: {public_key_2},

     * Store new certificate.

  4. Update information of previously onboarded Invoker Using new certificate:

     * Send PUT to *https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{onboardingId}*

     * Send **PUT** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers/{onboardingId}**

     * Reference Request Body is: [put invoker onboarding body]

       * "notificationDestination": "*http://host.docker.internal:8086/netapp_new_callback*",

     * Use new invoker certificate

**Execution Steps**:

  1. Register Invoker at CCF

  2. Onboard Invoker at CCF

  3. Store signed Certificate

  4. Update Onboarding Information at CCF with new public key

  5. Update Onboarding Information at CCF with minor change

     * Use new **Invoker Certificate**

**Expected Result**:

     2. Response Body must follow **APIInvokerEnrolmentDetails** data structure with:

        * apiInvokerId

        * onboardingInformation->apiInvokerCertificate must contain the public key signed.

     3. Response Header **Location** must be received with URI to new resource created, following this structure: *{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}*

     3. Response Header **Location** must be received with URI to new resource created, following this structure: **{apiRoot}/api-invoker-management/{apiVersion}/onboardedInvokers/{onboardingId}**

  2. Response to Update Request (PUT) with new public key:

     1. **200 OK** response.

     2. apiInvokerCertificate with new certificate on response -> store to use.

[invoker onboarding body]: ./invoker_details_post_example.json  "API Invoker Request"

[user_getauth_response_body_example]: ../common_operations/user_getauth_response_body_example.json  "User GetAuth response Body Example"

[put register body]: ./invoker_details_put_example.json  "API Invoker Update Request"