ETSI - GS NFV-SEC 022
Network Functions Virtualisation (NFV) Release 2; Security; Access Token Specification for API Access
|Publication Date:||1 June 2020|
The present document defines the access tokens and related metadata for RESTful protocols and data model for ETSI NFV management and orchestration (MANO) interfaces. It defines also the process for the token verification by the API Producer.
For this aim, the present document:
• Analyses the security threat arising from the misuse of the access token and defines the security requirements associated to access token.
• Analyses existing specifications related to access token for API access and their compliancy with the requirements defined.
• Defines the token request and generation profile, the token format and associated metadata considering the result of existing access token specifications analysis.
• Defines the token verification procedures for the API Producer.