diff --git a/doc/testing/testplan/README.md b/doc/testing/testplan/README.md
index 2031569738a2ae34529a68bd4568f996813b90bc..340bce285e9d96bdcb89a723a64d076b982385c7 100644
--- a/doc/testing/testplan/README.md
+++ b/doc/testing/testplan/README.md
@@ -1,6 +1,7 @@
# Test Plan Index
List of Common API Services implemented:
+* [Common Operations](./common_operations/README.md)
* [Api Invoker Management](./api_invoker_management/README.md)
* [Api Provider Management](./api_provider_management/README.md)
* [Api Publish Service](./api_publish_service/README.md)
diff --git a/doc/testing/testplan/api_access_control_policy/README.md b/doc/testing/testplan/api_access_control_policy/README.md
index dae28c55aae6c70c18883abeeed8a351284c6984..6233badb594b3c1bb779cacc79f737a3771906e2 100644
--- a/doc/testing/testplan/api_access_control_policy/README.md
+++ b/doc/testing/testplan/api_access_control_policy/README.md
@@ -825,5 +825,5 @@ At this documentation you will have all information and related files and exampl
[security notification body]: ./security_notification.json "Security Notification Request"
[access token req body]: ./access_token_req.json "Access Token Request"
[example]: ./access_token_req.json "Access Token Request Example"
-[invoker onboarding]: ../common_operations/README.md#register-an-invoker "Invoker Onboarding"
+[invoker onboarding]: ../common_operations/README.md#onboard-an-invoker "Invoker Onboarding"
[provider registration]: ../common_operations/README.md#register-a-provider "Provider Registration"
diff --git a/doc/testing/testplan/api_auditing_service/README.md b/doc/testing/testplan/api_auditing_service/README.md
index add1a9d7775aee028f7d197fe1cf7e0cd3509048..8b856af654eaafcea001a11dedf8a23bbaffc43e 100644
--- a/doc/testing/testplan/api_auditing_service/README.md
+++ b/doc/testing/testplan/api_auditing_service/README.md
@@ -242,6 +242,6 @@ At this documentation you will have all information and related files and exampl
[log entry request body]: ../api_logging_service/invocation_log.json "Log Request Body"
-[invoker onboarding]: ../common_operations/README.md#register-an-invoker "Invoker Onboarding"
+[invoker onboarding]: ../common_operations/README.md#onboard-an-invoker "Invoker Onboarding"
[provider onboarding]: ../common_operations/README.md#register-a-provider "Provider Onboarding"
diff --git a/doc/testing/testplan/api_discover_service/README.md b/doc/testing/testplan/api_discover_service/README.md
index 4c5c8f280e7d476bf7b15dcf5c7e47aaa57880df..aaef9ab4fc5ef557cfa83996b7e485b252ee9ea7 100644
--- a/doc/testing/testplan/api_discover_service/README.md
+++ b/doc/testing/testplan/api_discover_service/README.md
@@ -348,9 +348,8 @@ At this documentation you will have all information and related files and exampl
[service api description]: ../api_publish_service/service_api_description_post_example.json "Service API **Description** Request"
[publisher register body]: ../api_publish_service/publisher_register_body.json "Publish register Body"
[invoker onboarding body]: ../api_invoker_management/invoker_details_post_example.json "API Invoker Request"
- [invoker register body]: ../api_invoker_management/invoker_register_body.json "Invoker Register Body"
[provider request body]: ../api_provider_management/provider_details_post_example.json "API Provider Enrolment Request"
[provider request patch body]: ../api_provider_management/provider_details_enrolment_details_patch_example.json "API Provider Enrolment Patch Request"
- [provider getauth body]: ../api_provider_management/provider_getauth_example.json "Get Auth Example"
- [invoker onboarding]: ../common_operations/README.md#register-an-invoker "Invoker Onboarding"
+
+ [invoker onboarding]: ../common_operations/README.md#onboard-an-invoker "Invoker Onboarding"
[provider registration]: ../common_operations/README.md#register-a-provider "Provider Registration"
diff --git a/doc/testing/testplan/api_events_service/README.md b/doc/testing/testplan/api_events_service/README.md
index ca259ac3f38efe8b19f63995569f1020269238ac..95d55a8d980dfabee9273495cf4538b5d4dd5fbe 100644
--- a/doc/testing/testplan/api_events_service/README.md
+++ b/doc/testing/testplan/api_events_service/README.md
@@ -258,10 +258,9 @@ At this documentation you will have all information and related files and exampl
-[invoker register body]: ../api_invoker_management/invoker_register_body.json "Invoker Register Body"
[invoker onboard request body]: ../api_invoker_management/invoker_details_post_example.json "API Invoker Request"
[event subscription request body]: ./event_subscription.json "Event Subscription Request"
-[invoker onboarding]: ../common_operations/README.md#register-an-invoker "Invoker Onboarding"
+[invoker onboarding]: ../common_operations/README.md#onboard-an-invoker "Invoker Onboarding"
[Return To All Test Plans]: ../README.md
diff --git a/doc/testing/testplan/api_invoker_management/README.md b/doc/testing/testplan/api_invoker_management/README.md
index 3b4e13031db427b109f0f8acaaa9d37f141a1815..02f04a9f3d3acdbac08ad97546d12dd843d1e97b 100644
--- a/doc/testing/testplan/api_invoker_management/README.md
+++ b/doc/testing/testplan/api_invoker_management/README.md
@@ -13,20 +13,19 @@ At this documentation you will have all information and related files and exampl
* NetApp was not registered previously
* NetApp was not onboarded previously
+ * ***Preconditions: The administrator must have previously registered the User.***
**Information of Test**:
1. Create public and private key at invoker
- 2. Register of Invoker at CCF:
- * Send POST to *http://{CAPIF_HOSTNAME}:{CAPIF_HTTP_PORT}/register*
- * body [invoker register body]
+ 2. Retrieve access_token by User:
- 3. Obtain Access Token:
- * Send POST to *http://{CAPIF_HOSTNAME}/getauth*
- * Body [invoker getauth body]
+ * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+ * Include basic Auth Header with Admin user/password
+ * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]
- 4. Onboard Invoker:
+ 3. Onboard Invoker:
* Send POST to *https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers*
* Reference Request Body: [invoker onboarding body]
* "onboardingInformation"->"apiInvokerPublicKey": must contain public key generated by Invoker.
@@ -34,7 +33,7 @@ At this documentation you will have all information and related files and exampl
**Execution Steps**:
- 1. Register Invoker at CCF
+ 1. Retrieve access_token by User from register
2. Onboard Invoker at CCF
3. Store signed Certificate
@@ -305,8 +304,8 @@ At this documentation you will have all information and related files and exampl
[invoker onboarding body]: ./invoker_details_post_example.json "API Invoker Request"
-[invoker register body]: ./invoker_register_body.json "Invoker Register Body"
+[user_getauth_response_body_example]: ../common_operations/user_getauth_response_body_example.json "User GetAuth response Body Example"
[put register body]: ./invoker_details_put_example.json "API Invoker Update Request"
[invoker getauth body]: ./invoker_getauth_example.json "Get Auth Example"
-[invoker onboarding]: ../common_operations/README.md#register-an-invoker "Invoker Onboarding"
+[invoker onboarding]: ../common_operations/README.md#onboard-an-invoker "Invoker Onboarding"
diff --git a/doc/testing/testplan/api_invoker_management/invoker_register_body.json b/doc/testing/testplan/api_invoker_management/invoker_register_body.json
deleted file mode 100644
index e5bf1fc5b89682c56416c62530a95a5a86037885..0000000000000000000000000000000000000000
--- a/doc/testing/testplan/api_invoker_management/invoker_register_body.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
- "password": "password",
- "username": "ROBOT_TESTING_INVOKER",
- "role": "invoker",
- "description": "Testing",
- "cn": "ROBOT_TESTING_INVOKER"
-}
diff --git a/doc/testing/testplan/api_logging_service/README.md b/doc/testing/testplan/api_logging_service/README.md
index f22795a4faea72b64e0d3be0d2b2a252128d73b7..5d61b8e3baa72561be5132fb9ecde26c42c9b294 100644
--- a/doc/testing/testplan/api_logging_service/README.md
+++ b/doc/testing/testplan/api_logging_service/README.md
@@ -235,7 +235,7 @@ At this documentation you will have all information and related files and exampl
[log entry request body]: ./invocation_log.json "Log Request Body"
-[invoker onboarding]: ../common_operations/README.md#register-an-invoker "Invoker Onboarding"
+[invoker onboarding]: ../common_operations/README.md#onboard-an-invoker "Invoker Onboarding"
[provider onboarding]: ../common_operations/README.md#register-a-provider "Provider Onboarding"
diff --git a/doc/testing/testplan/api_provider_management/README.md b/doc/testing/testplan/api_provider_management/README.md
index d20f83944fc6a1b7ae505377628dd670e7c93d8e..fe72d20ead83260ba471643fb19945c6988b56a6 100644
--- a/doc/testing/testplan/api_provider_management/README.md
+++ b/doc/testing/testplan/api_provider_management/README.md
@@ -17,15 +17,14 @@ At this documentation you will have all information and related files and exampl
1. Create public and private key at provider for provider itself and each function (apf, aef and amf)
- 2. Register of Provider at CCF:
- * Send POST to *http://{CAPIF_HOSTNAME}:{CAPIF_HTTP_PORT}/register*
- * body [provider register body]
-
- 3. Obtain Access Token:
- * Send POST to *http://{CAPIF_HOSTNAME}/getauth*
- * Body [provider getauth body]
+ 2. Retrieve access_token by User:
+
+ * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+ * Include basic Auth Header with Admin user/password
+ * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]
+
+ 3. Register Provider:
- 4. Register Provider:
* Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations*
* body [provider request body]
* Authentication Bearer with access_token
@@ -61,22 +60,22 @@ At this documentation you will have all information and related files and exampl
**Information of Test**:
1. Create public and private key at provider for provider itself and each function (apf, aef and amf)
-
- 2. Register of Provider at CCF:
- * Send POST to *http://{CAPIF_HOSTNAME}:{CAPIF_HTTP_PORT}/register*
- * body [provider register body]
- 3. Obtain Access Token:
- * Send POST to *http://{CAPIF_HOSTNAME}/getauth*
- * Body [provider getauth body]
+ 2. Retrieve access_token by User:
+
+ * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+ * Include basic Auth Header with Admin user/password
+ * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]
+
+ 3. Register Provider:
- 4. Register Provider:
* Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations*
* body [provider request body]
* Authentication Bearer with access_token
* Store each cert in a file with according name.
- 5. Re-Register Provider:
+ 4. Re-Register Provider:
+
* Same regSec than Previous registration
**Execution Steps**:
@@ -90,6 +89,7 @@ At this documentation you will have all information and related files and exampl
1. Re-Register Provider:
1. **403 Forbidden** response.
2. body returned must accomplish **ProblemDetails** data structure, with:
+
* status 403
* title with message "Forbidden"
* detail with message "Provider already registered".
@@ -110,22 +110,21 @@ At this documentation you will have all information and related files and exampl
**Information of Test**:
1. Create public and private key at provider for provider itself and each function (apf, aef and amf)
+ 2. Retrieve access_token by User:
- 2. Register of Provider at CCF:
- * Send POST to *http://{CAPIF_HOSTNAME}:{CAPIF_HTTP_PORT}/register*
- * body [provider register body]
-
- 3. Obtain Access Token:
- * Send POST to *http://{CAPIF_HOSTNAME}/getauth*
- * Body [provider getauth body]
+ * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+ * Include basic Auth Header with Admin user/password
+ * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]
+
+ 3. Register Provider:
- 4. Register Provider:
* Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations*
* body [provider request body]
* Authentication Bearer with access_token
* Get Resource URL from Location
- 5. Update Provider:
+ 4. Update Provider:
+
* Send PUT to Resource URL returned at registration *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{registrationId}*
* body [provider request body] with apiProvDomInfo set to ROBOT_TESTING_MOD
* Use AMF Certificate.
@@ -167,21 +166,21 @@ At this documentation you will have all information and related files and exampl
1. Create public and private key at provider for provider itself and each function (apf, aef and amf)
- 2. Register of Provider at CCF:
- * Send POST to *http://{CAPIF_HOSTNAME}:{CAPIF_HTTP_PORT}/register*
- * body [provider register body]
-
- 3. Obtain Access Token:
- * Send POST to *http://{CAPIF_HOSTNAME}/getauth*
- * Body [provider getauth body]
+ 2. Retrieve access_token by User:
+
+ * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+ * Include basic Auth Header with Admin user/password
+ * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]
+
+ 3. Register Provider:
- 4. Register Provider:
* Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations*
* body [provider request body]
* Authentication Bearer with access_token
* Store each cert in a file with according name.
- 5. Update Not Registered Provider:
+ 4. Update Not Registered Provider:
+
* Send PUT *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{API_PROVIDER_NOT_REGISTERED}*
* body [provider request body]
* Use AMF Certificate.
@@ -189,7 +188,7 @@ At this documentation you will have all information and related files and exampl
**Execution Steps**:
1. Register Provider at CCF
- 3. Update Not Registered Provider
+ 2. Update Not Registered Provider
**Expected Result**:
@@ -217,21 +216,21 @@ At this documentation you will have all information and related files and exampl
1. Create public and private key at provider for provider itself and each function (apf, aef and amf)
- 2. Register of Provider at CCF:
- * Send POST to *http://{CAPIF_HOSTNAME}:{CAPIF_HTTP_PORT}/register*
- * body [provider register body]
-
- 3. Obtain Access Token:
- * Send POST to *http://{CAPIF_HOSTNAME}/getauth*
- * Body [provider getauth body]
+ 2. Retrieve access_token by User:
+
+ * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+ * Include basic Auth Header with Admin user/password
+ * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]
+
+ 3. Register Provider:
- 4. Register Provider:
* Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations*
* body [provider request body]
* Authentication Bearer with access_token
* Store each cert in a file with according name.
- 5. Partial update provider:
+ 4. Partial update provider:
+
* Send PATCH *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{registrationId}*
* body [provider request patch body]
* Use AMF Certificate.
@@ -265,21 +264,21 @@ At this documentation you will have all information and related files and exampl
1. Create public and private key at provider for provider itself and each function (apf, aef and amf)
- 2. Register of Provider at CCF:
- * Send POST to *http://{CAPIF_HOSTNAME}:{CAPIF_HTTP_PORT}/register*
- * body [provider register body]
-
- 3. Obtain Access Token:
- * Send POST to *http://{CAPIF_HOSTNAME}/getauth*
- * Body [provider getauth body]
+ 2. Retrieve access_token by User:
+
+ * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+ * Include basic Auth Header with Admin user/password
+ * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]
+
+ 3. Register Provider:
- 4. Register Provider:
* Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations*
* body [provider request body]
* Authentication Bearer with access_token
* Store each cert in a file with according name.
- 5. Partial update Provider:
+ 4. Partial update Provider:
+
* Send PATCH *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{API_API_PROVIDER_NOT_REGISTERED}*
* body [provider request patch body]
* Use AMF Certificate.
@@ -296,6 +295,7 @@ At this documentation you will have all information and related files and exampl
1. Partial update provider:
1. **404 Not Found** response.
2. body returned must accomplish **ProblemDetails** data structure, with:
+
* status 404
* title with message "Not Found"
* detail with message "Not Exist Provider Enrolment Details".
@@ -317,21 +317,21 @@ At this documentation you will have all information and related files and exampl
1. Create public and private key at provider for provider itself and each function (apf, aef and amf)
- 2. Register of Provider at CCF:
- * Send POST to *http://{CAPIF_HOSTNAME}:{CAPIF_HTTP_PORT}/register*
- * body [provider register body]
-
- 3. Obtain Access Token:
- * Send POST to *http://{CAPIF_HOSTNAME}/getauth*
- * Body [provider getauth body]
+ 2. Retrieve access_token by User:
+
+ * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+ * Include basic Auth Header with Admin user/password
+ * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]
+
+ 3. Register Provider:
- 4. Register Provider:
* Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations*
* body [provider request body]
* Authentication Bearer with access_token
* Store each cert in a file with according name.
- 5. Delete registered provider:
+ 4. Delete registered provider:
+
* Send DELETE *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{registrationId}*
* Use AMF Certificate.
@@ -362,21 +362,21 @@ At this documentation you will have all information and related files and exampl
1. Create public and private key at provider for provider itself and each function (apf, aef and amf)
- 2. Register of Provider at CCF:
- * Send POST to *http://{CAPIF_HOSTNAME}:{CAPIF_HTTP_PORT}/register*
- * body [provider register body]
-
- 3. Obtain Access Token:
- * Send POST to *http://{CAPIF_HOSTNAME}/getauth*
- * Body [provider getauth body]
+ 2. Retrieve access_token by User:
+
+ * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+ * Include basic Auth Header with Admin user/password
+ * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]
+
+ 3. Register Provider:
- 4. Register Provider:
* Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations*
* body [provider request body]
* Authentication Bearer with access_token
* Store each cert in a file with according name.
- 5. Delete registered provider at Provider Management:
+ 4. Delete registered provider at Provider Management:
+
* Send DELETE *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations/{API_PROVIDER_NOT_REGISTERED}*
* Use AMF Certificate.
@@ -395,11 +395,9 @@ At this documentation you will have all information and related files and exampl
* detail with message "Not Exist Provider Enrolment Details".
* cause with message "Not found registrations to send this api provider details".
-[provider register body]: ./provider_details_post_example.json "API Provider Enrolment Request"
-
[provider request body]: ./provider_details_post_example.json "API Provider Enrolment Request"
[provider request patch body]: ./provider_details_enrolment_details_patch_example.json "API Provider Enrolment Patch Request"
-[provider getauth body]: ./provider_getauth_example.json "Get Auth Example"
+[user_getauth_response_body_example]: ../common_operations/user_getauth_response_body_example.json "User GetAuth response Body Example"
diff --git a/doc/testing/testplan/api_provider_management/provider_register_body.json b/doc/testing/testplan/api_provider_management/provider_register_body.json
deleted file mode 100644
index fc26db2141eab904b1f2f8d96e963f2ec0efcbe1..0000000000000000000000000000000000000000
--- a/doc/testing/testplan/api_provider_management/provider_register_body.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
- "password": "password",
- "username": "ROBOT_TESTING_PUBLISHER",
- "role": "provider",
- "description": "Testing",
- "cn": "ROBOT_TESTING_PUBLISHER"
-}
diff --git a/doc/testing/testplan/api_publish_service/README.md b/doc/testing/testplan/api_publish_service/README.md
index 668662dfb3c8b28f229b807daa95f0ee0476b81c..21512db6fbd04c0170c0cf940bba92486000aa33 100644
--- a/doc/testing/testplan/api_publish_service/README.md
+++ b/doc/testing/testplan/api_publish_service/README.md
@@ -647,11 +647,9 @@ At this documentation you will have all information and related files and exampl
[service api description]: ./service_api_description_post_example.json "Service API Description Request"
[publisher register body]: ./publisher_register_body.json "Publish register Body"
[invoker onboarding body]: ../api_invoker_management/invoker_details_post_example.json "API Invoker Request"
- [invoker register body]: ../api_invoker_management/invoker_register_body.json "Invoker Register Body"
[provider request body]: ../api_provider_management/provider_details_post_example.json "API Provider Enrolment Request"
[provider request patch body]: ../api_provider_management/provider_details_enrolment_details_patch_example.json "API Provider Enrolment Patch Request"
- [provider getauth body]: ../api_provider_management/provider_getauth_example.json "Get Auth Example"
- [invoker onboarding]: ../common_operations/README.md#register-an-invoker "Invoker Onboarding"
+ [invoker onboarding]: ../common_operations/README.md#onboard-an-invoker "Invoker Onboarding"
[provider registration]: ../common_operations/README.md#register-a-provider "Provider Registration"
diff --git a/doc/testing/testplan/api_security_service/README.md b/doc/testing/testplan/api_security_service/README.md
index 306470adfa1b1041f00f272243975dd2f5c9c9b6..e051f90fc1e32645e24cf099fd6108f6520200f5 100644
--- a/doc/testing/testplan/api_security_service/README.md
+++ b/doc/testing/testplan/api_security_service/README.md
@@ -1281,7 +1281,7 @@ At this documentation you will have all information and related files and exampl
[access token req body]: ./access_token_req.json "Access Token Request"
[example]: ./access_token_req.json "Access Token Request Example"
- [invoker onboarding]: ../common_operations/README.md#register-an-invoker "Invoker Onboarding"
+ [invoker onboarding]: ../common_operations/README.md#onboard-an-invoker "Invoker Onboarding"
[provider registration]: ../common_operations/README.md#register-a-provider "Provider Registration"
diff --git a/doc/testing/testplan/common_operations/README.md b/doc/testing/testplan/common_operations/README.md
index e75570791e791a22caca495c280d9f5f539d4743..d6cda4bf6c30d3b9c7732bd50f5541e5c15c1009 100644
--- a/doc/testing/testplan/common_operations/README.md
+++ b/doc/testing/testplan/common_operations/README.md
@@ -1,26 +1,57 @@
# Common Operations
-## Register an Invoker
+## Register new user
+
+In order to use OpenCAPIF we must add a new user. This new user can onboard/register any Invokers or Providers.
+
+That new user **must be created by administrator** of Register Service and with the credentials shared by administrator, the new user can get the **access_token** by requesting it to Register service.
+
+The steps to register a new user at Register Service are:
+
+### Admin create User
+1) **Login as Admin to get access_token:**
+
+ * Send **POST** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/login**
+ * **Include basic Auth Header with Admin credentials**
+ * Get **access_token** and **refresh_token** from response
+
+
+
+2) **Create User:**
+
+ * Send **POST** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/createUser**
+ * Include Admin **access_token** in **Authorization Bearer Header**
+ * Body [user_registration_body]
+
+
+
+### User Retrieve access token and other information
+1) **Retrieve access_token by User:**
+
+ * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+ * Include **basic Auth Header with User credentials**
+ * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]
+
+## Onboard an Invoker
### Steps to perform operation
+***Preconditions: The administrator must have previously registered the User.***
+
1. Create public and private key at invoker
- 2. Register of Invoker at CCF:
- * Send POST to http://{CAPIF_HOSTNAME}:{CAPIF_HTTP_PORT}/register
- * Body [invoker register body]
+ 2. Retrieve access_token by User:
+
+ * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+ * Include basic Auth Header with Admin user/password
+ * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]
- 3. Obtain Access Token:
- * Send POST to *http://{CAPIF_HOSTNAME}/getauth*
- * Body [invoker getauth body]
+ 3. Onboard Invoker:
- 4. Onboard Invoker:
- * Send POST to https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers
- * Reference Request Body: [invoker onboarding body]
- * "onboardingInformation"->"apiInvokerPublicKey": must contain public key generated by Invoker.
- * Send at Authorization Header the Bearer access_token obtained previously (Authorization:Bearer ${access_token})
+ * Send **POST** to **https://{CAPIF_HOSTNAME}/api-invoker-management/v1/onboardedInvokers**
+ * Reference Request Body: [invoker onboarding body]
+ * "onboardingInformation"->"apiInvokerPublicKey": must contain public key generated by Invoker.
+ * Send at Authorization Header the Bearer access_token obtained previously (Authorization:Bearer ${access_token})
### Checks to ensure onboarding
- 1. Response to Register:
- 1. **201 Created**
2. Response to Get Auth:
1. **200 OK**
@@ -38,15 +69,14 @@
### Steps to Perform operation
1. Create public and private key at provider for provider itself and each function (apf, aef and amf)
- 2. Register of Provider at CCF:
- * Send POST to *http://{CAPIF_HOSTNAME}:{CAPIF_HTTP_PORT}/register*
- * body [provider register body]
+ 2. Retrieve access_token by User:
- 3. Obtain Access Token:
- * Send POST to *http://{CAPIF_HOSTNAME}/getauth*
- * Body [provider getauth body]
+ * Send **GET** to **https://${CAPIF_REGISTER}:${CAPIF_REGISTER_PORT}/getauth**
+ * Include basic Auth Header with Admin user/password
+ * Retrieve **access_token** and the urls needed for next requests from response body [user_getauth_response_body_example]
+
+ 3. Register Provider:
- 4. Register Provider:
* Send POST *https://{CAPIF_HOSTNAME}/api-provider-management/v1/registrations*
* body [provider request body]
* Send at Authorization Header the Bearer access_token obtained previously (Authorization:Bearer ${access_token})
@@ -70,18 +100,13 @@
+[user_registration_body]: ./user_registration_body.json "User Registration Body"
+[user_getauth_response_body_example]: ./user_getauth_response_body_example.json "User GetAuth response Body Example"
-
-[invoker register body]: ../api_invoker_management/invoker_register_body.json "Invoker Register Body"
[invoker onboarding body]: ../api_invoker_management/invoker_details_post_example.json "API Invoker Request"
[invoker getauth body]: ../api_invoker_management/invoker_getauth_example.json "Get Auth Example"
-[provider register body]: ../api_provider_management/provider_register_body.json "Provider Register Body"
[provider request body]: ../api_provider_management/provider_details_post_example.json "API Provider Enrolment Request"
-[provider getauth body]: ../api_provider_management/provider_getauth_example.json "Get Auth Example"
-
-
-
[Return To All Test Plans]: ../README.md
diff --git a/doc/testing/testplan/common_operations/user_getauth_response_body_example.json b/doc/testing/testplan/common_operations/user_getauth_response_body_example.json
new file mode 100644
index 0000000000000000000000000000000000000000..a4a71feba3522d8678a453eb5d8b82180dc82312
--- /dev/null
+++ b/doc/testing/testplan/common_operations/user_getauth_response_body_example.json
@@ -0,0 +1,10 @@
+{
+ "access_token": "eyJhbGciOiJS...",
+ "ca_root": "-----BEGIN CERTIFICATE----- ...",
+ "ccf_api_onboarding_url": "api-provider-management/v1/registrations",
+ "ccf_discover_url": "service-apis/v1/allServiceAPIs?api-invoker-id=",
+ "ccf_onboarding_url": "api-invoker-management/v1/onboardedInvokers",
+ "ccf_publish_url": "published-apis/v1/<apfId>/service-apis",
+ "ccf_security_url": "capif-security/v1/trustedInvokers/<apiInvokerId>",
+ "message": "Token and CA root returned successfully"
+}
\ No newline at end of file
diff --git a/doc/testing/testplan/common_operations/user_registration_body.json b/doc/testing/testplan/common_operations/user_registration_body.json
new file mode 100644
index 0000000000000000000000000000000000000000..123c1e16bf5ef55eab5dc90927b3715856a0c0ab
--- /dev/null
+++ b/doc/testing/testplan/common_operations/user_registration_body.json
@@ -0,0 +1,6 @@
+{
+ "username": "customUser",
+ "password": "password",
+ "description": "description",
+ "email": "customuser@telefonica.com"
+}
\ No newline at end of file