You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
-[Appendix A (Normative): `info.description` template for when User identification can be from either an access token or explicit identifier](#appendix-a-normative-infodescription-template-for-when-user-identification-can-be-from-either-an-access-token-or-explicit-identifier)
@@ -1668,8 +1668,8 @@ Providing this capability is optional for any CAMARA API depending on UC require
1668
1668
If this capability is present in CAMARA API, the following attributes **must** be used in the POST request :
1669
1669
1670
1670
| attribute name | type | attribute description | cardinality |
| sink | string | https callback address where the notification must be POST-ed, `format: uri` should be used to require a string that is compliant with [RFC 3986](https://datatracker.ietf.org/doc/html/rfc3986). | mandatory |
| sink | string | https callback address where the notification must be POST-ed, `format: uri` should be used to require a string that is compliant with [RFC 3986](https://datatracker.ietf.org/doc/html/rfc3986). The [security considerations](#notifications-security-considerations) should be followed. | mandatory |
1673
1673
| sinkCredential | object | Sink credential provides authentication or authorization information necessary to enable delivery of events to a target. In order to be updated in future this object is polymorphic. See detail below. It is RECOMMENDED for subscription consumer to provide credential to protect notification endpoint. | optional |
1674
1674
1675
1675
Several types of `sinkCredential` could be available in the future, but for now only access token credential is managed.
@@ -1759,8 +1759,8 @@ The following table provides `/subscriptions` attributes
1759
1759
1760
1760
| name | type | attribute description | cardinality |
| protocol | string | Identifier of a delivery protocol. **Only** `HTTP` **is allowed for now**. | Mandatory |
1763
-
| sink | string | The address to which events shall be delivered, using the HTTP protocol, `format: uri` should be used to require a string that is compliant with [RFC 3986](https://datatracker.ietf.org/doc/html/rfc3986). | mandatory |
1762
+
| protocol | string | Identifier of a delivery protocol for the event notifications. The values follow the definitions of the [CloudEvent specification](https://github.com/cloudevents/spec/blob/main/subscriptions/spec.md#protocol). **Only** `HTTP` **is allowed for now**. | mandatory |
1763
+
| sink | string | The URL, to which event notifications shall be sent - `format: uri` should be used to require a string that is compliant with [RFC 3986](https://datatracker.ietf.org/doc/html/rfc3986). The URI-scheme shall be set according to the definition of the `protocol` value, e.g. the URI-scheme is `https` when `HTTP`is the value of the `protocol` property. The [security considerations](#notifications-security-considerations) should be followed. | mandatory |
1764
1764
| sinkCredential | object | Sink credential provides authorization information necessary to enable delivery of events to a target. In order to be updated in future this object is polymorphic. See detail below. To protect the notification endpoint providing sinkCredential is RECOMMENDED. <br> The sinkCredential must **not** be present in `POST` and `GET` responses. | optional |
1765
1765
| types | string | Type of event subscribed. This attribute **must** be present in the `POST` request. It is required by API project to provide an enum for this attribute. `type` must follow the format: `org.camaraproject.<api-name>.<api-version>.<event-name>` with the `api-version` with letter `v` and the major version like ``org.camaraproject.device-roaming-subscriptions.v1.roaming-status`` - Note: An array of types could be passed **but as of now only one value MUST passed**. Use of multiple value will be open later at API level. | mandatory |
1766
1766
| config | object | Implementation-specific configuration parameters needed by the subscription manager for acquiring events. In CAMARA we have predefined attributes like ``subscriptionExpireTime``, ``subscriptionMaxEvents`` or ``initialEvent``. See detail below. | mandatory |
@@ -1999,7 +1999,7 @@ To manage correlation between the subscription management and the event notifica
1999
1999
2000
2000
Note: There is no normative enforcement to use any of these patterns, and they could be used on agreement between API consumer & providers.
2001
2001
2002
-
#### Security Considerations
2002
+
#### Notifications Security Considerations
2003
2003
2004
2004
As notifications may carry sensitive information, privacy and security have to be considered.
0 commit comments