---
openapi: 3.0.3
info:
title: Simple Edge Discovery
version: wip
x-camara-commonalities: 0.6
description: |
# Find the closest Edge Cloud Zone
---
# Summary
The Simple Edge Discovery API returns the name of the closest operator Edge
Cloud Zone to a particular user device.
# Purpose
Network operators may host multiple Edge Cloud Zones in a
given territory. Connecting your application to a server on the closest
Edge Cloud Zone means packets travel the shortest distance between
endpoints, typically resulting in the lowest round-trip latency. Note, the
physical (GPS) location of a user device is not a reliable way to determine
the closest Edge Cloud Zone, due to the way operator networks are routed -
so the operator will calculate the Edge Cloud Zone with the
_shortest network path_ to the network-attached device identified in the API
request.
Once you have the name of the closest Edge Cloud Zone to the user device,
you may:
* connect the application client on the user device to your application
server instance on that Edge Cloud Zone. Note: the IP address of that
application server instance is not part of the API response, so you will need
to map the edge cloud zone name to the server endpoint IP address you received
when you deployed the server via the cloud provider's API.
* or, if you have no instance on that Edge Cloud Zone, you may wish to
deploy one there using the cloud provider's APIs.
Note: the provider of the Edge Cloud Zone may be an operator, or a cloud
provider working in partnership with the operator.
# Usage
The API may be called either by an application client hosted on a device
attached to the operator network (i.e. phone, tablet), or by a server.
There is a single API endpoint: `/retrieve-closest-edge-cloud-zone`.
To call this endpoint, the API consumer must first obtain a valid OAuth2 token
from the token endpoint, and pass it as an `Authorization` header in the API
request.
# Identifying the device
The API returns the closest Edge Cloud Zone to a given device, so that
device needs to be identifiable by the network. This can be achieved either
by passing one or more device identifiers in the request, or, from the
three-legged access token where implemented by the operator.
## Passing device identifier(s) in the request
At least one of the following device identifiers must be provided, unless
using a 3-legged access token (see next section):
- Phone number (i.e. MSISDN)
- Network Access Identifier assigned by the mobile network operator for the device
- IPv6 address
- IPv4 address
NOTE1: the network operator might support only a subset of these options.
The API invoker can provide multiple identifiers to be compatible across
different network operators. In this case the identifiers MUST belong to the
same device.
NOTE2: for this Commonalities release, we are enforcing that the
`networkAccessIdentifier` is only part of the schema for future-proofing, and
CAMARA does not currently allow its use. After the CAMARA meta-release work
is concluded and the relevant issues are resolved, its use will need to be
explicitly documented in the guidelines.
## Identifying the device from the access token
This API requires the API consumer to identify a device as the subject of
the API as follows:
- When the API is invoked using a two-legged access token, the subject will be
identified from the optional `device` object, which therefore MUST be provided.
- When a three-legged access token is used however, this optional identifier
MUST NOT be provided, as the subject will be uniquely identified from the access
token.
This approach simplifies API usage for API consumers using a three-legged access
token to invoke the API by relying on the information that is associated with the
access token and was identified during the authentication process.
## Error handling:
- If the subject cannot be identified from the access token and the optional `device`
object is not included in the request, then the server will return an error with the
`422 MISSING_IDENTIFIER` error code.
- If the subject can be identified from the access token and the optional `device`
object is also included in the request, then the server will return an error with the
`422 UNNECESSARY_IDENTIFIER` error code. This will be the case even if the same device
is identified by these two methods, as the server is unable to make this comparison.
# Responses
## Success
A JSON object is returned containing an array with a single member object.
This contains identifiers for the closest Edge Cloud Zone. The HTTP status
code will be`200 OK`. An example response:
```
[
{
"edgeCloudZoneId": "4gt555-6457-7890-d4he-1dc79f44gb66",
"edgeCloudZoneName": "example zone name",
"edgeCloudProvider": "example zone provider"
}
]
```
* `edgeCloudZoneId` is a UUID for the Edge Cloud Zone.
* `edgeCloudZoneName` is the common name of the closest Edge Cloud Zone to
the user device.
* `edgeCloudProvider` is the name of the operator or cloud provider of
the Edge Cloud Zone.
## Errors
If the authentication token is not valid, a `401 UNAUTHENTICATED` error is
returned.
If the mobile subscription parameters contain a formatting error, a `400
INVALID_ARGUMENT` error is returned.
If the mobile subscription cannot be identified from the provided
parameters, a `404 NOT_FOUND` error is returned.
Any more general service failures will result in an error in the `5xx`range
with an explanation.
### Additional CAMARA error responses
The list of error codes in this API specification is not exhaustive. Therefore
the API specification may not document some non-mandatory error statuses as
indicated in `CAMARA API Design Guide`.
Please refer to the `CAMARA_common.yaml` of the Commonalities Release associated
to this API version for a complete list of error responses. The applicable
Commonalities Release can be identified in the `API Readiness Checklist` document
associated to this API version.
As a specific rule, error `501 - NOT_IMPLEMENTED` can be only a possible error
response if it is explicitly documented in the API.
# Notes for Simple Edge Discovery API publishers
Should your implementation require the `Port` value to be passed in addition
to the `IP-Address`, please make that explicit in the documentation, and
utilise the `GENERIC_400_MISSING_PORT` error if the `Port` header is omitted.
# Authorization and authentication
The "Camara Security and Interoperability Profile" provides details of how
an API consumer requests an access token. Please refer to Identity and Consent
Management (https://github.com/camaraproject/IdentityAndConsentManagement/)
for the released version of the profile.
The specific authorization flows to be used will be agreed upon during the
onboarding process, happening between the provider of the application consuming
the API and the operator's API exposure platform, taking into account the
declared purpose for accessing the API, whilst also being subject to the
prevailing legal framework dictated by local legislation.
In cases where personal data is processed by the API and users can exercise
their rights through mechanisms such as opt-in and/or opt-out, the use of
three-legged access tokens is mandatory. This ensures that the API remains
in compliance with privacy regulations, upholding the principles of
transparency and user-centric privacy-by-design.
# Further info and support
---
license:
name: Apache 2.0
url: https://www.apache.org/licenses/LICENSE-2.0.html
externalDocs:
description: Product documentation at CAMARA.
url: https://github.com/camaraproject/EdgeCloud
servers:
- url: "{apiRoot}/simple-edge-discovery/vwip"
variables:
apiRoot:
default: https://localhost:9091
description: |
API root, defined by the service provider, e.g.
`api.example.com` or `api.example.com/somepath`
tags:
- name: Discovery
description: |
Find the closest Edge Cloud Zone to the user device.
paths:
/retrieve-closest-edge-cloud-zone:
post:
security:
- openId:
- simple-edge-discovery:read
operationId: readClosestEdgeCloudZone
parameters:
- in: header
name: x-correlator
description: Correlation id for the different services
required: false
schema:
$ref: "#/components/schemas/XCorrelator"
requestBody:
description: Parameters to create a new session
required: true
content:
application/json:
schema:
$ref: "#/components/schemas/RequestBody"
examples:
Identify Device By 3-Legged Access Token:
$ref: '#/components/examples/IdentifyDeviceBy3LeggedToken'
Identify Device By Phone Number:
$ref: '#/components/examples/IdentifyDeviceByPhoneNumber'
Identify Device By IP Address:
$ref: '#/components/examples/IdentifyDeviceByIPAddress'
Identify Device By Multiple Identifiers:
$ref: '#/components/examples/IdentifyDeviceByMultipleIdentifiers'
responses:
"200":
$ref: "#/components/responses/200Success"
"400":
$ref: "#/components/responses/Generic400"
"401":
$ref: "#/components/responses/Generic401"
"403":
$ref: "#/components/responses/Generic403"
"404":
$ref: "#/components/responses/Generic404"
"422":
$ref: "#/components/responses/Generic422"
"429":
$ref: "#/components/responses/Generic429"
tags:
- Discovery
summary: |
Returns the name of the Edge Cloud Zone closest to user device
identified in the request.
description: |
On receiving this request, the network will return the name
of the Edge Cloud Zone with the shortest network path to the end user
device identified in the request.
components:
securitySchemes:
openId:
description: Common security scheme for all CAMARA APIs
type: openIdConnect
openIdConnectUrl: https://example.com/.well-known/openid-configuration
headers:
x-correlator:
description: Correlation id for the different services
required: false
schema:
$ref: "#/components/schemas/XCorrelator"
schemas:
EdgeCloudZone:
type: object
description: |
An Edge Cloud Zone, uniquely identified by a combination
of the value of the Edge Resource Name object and the value of the
Provider object (the name of the cloud provider or operator hosting that
edge cloud zone).
properties:
edgeCloudZoneId:
$ref: "#/components/schemas/EdgeCloudZoneId"
edgeCloudZoneName:
$ref: "#/components/schemas/EdgeCloudZoneName"
edgeCloudProvider:
$ref: "#/components/schemas/EdgeCloudProvider"
required:
- edgeCloudZoneId
- edgeCloudZoneName
- edgeCloudProvider
EdgeCloudZoneId:
description: |
Operator-issued UUID for the Edge Cloud Zone.
type: string
format: uuid
additionalProperties: false
EdgeCloudZoneName:
description: |
Edge Cloud Zone Name - the common name for the Edge Cloud Zone.
type: string
additionalProperties: false
EdgeCloudProvider:
description: |
The company name of the Edge Cloud Zone provider.
type: string
ErrorInfo:
type: object
description: Error information
required:
- status
- code
- message
properties:
status:
type: integer
description: HTTP response status code
code:
type: string
description: Friendly Code to describe the error
message:
type: string
description: A human readable description of what the event represents
RequestBody:
description: Common request body to allow optional Device object to be passed
type: object
properties:
device:
$ref: "#/components/schemas/Device"
DeviceResponse:
description: |
An identifier for the end-user equipment able to connect to the network that the response refers to. This parameter is only returned when the API consumer includes the `device` parameter in their request (i.e. they are using a two-legged access token), and is relevant when more than one device identifier is specified, as only one of those device identifiers is allowed in the response.
If the API consumer provides more than one device identifier in their request, the API provider must return a single identifier which is the one they are using to fulfil the request, even if the identifiers do not match the same device. API provider does not perform any logic to validate/correlate that the indicated device identifiers match the same device. No error should be returned if the identifiers are otherwise valid to prevent API consumers correlating different identifiers with a given end user.
allOf:
- $ref: "#/components/schemas/Device"
- maxProperties: 1
Device:
description: |
End-user equipment able to connect to a mobile network. Examples of devices include smartphones or IoT sensors/actuators.
The developer can choose to provide the below specified device identifiers:
* `ipv4Address`
* `ipv6Address`
* `phoneNumber`
* `networkAccessIdentifier`
NOTE 1: the MNO might support only a subset of these options. The API invoker can provide multiple identifiers to be compatible across different MNOs. In this case the identifiers MUST belong to the same device.
NOTE 2: as for this Commonalities release, we are enforcing that the networkAccessIdentifier is only part of the schema for future-proofing, and CAMARA does not currently allow its use. After the CAMARA meta-release work is concluded and the relevant issues are resolved, its use will need to be explicitly documented in the guidelines.
type: object
properties:
phoneNumber:
$ref: "#/components/schemas/PhoneNumber"
networkAccessIdentifier:
$ref: "#/components/schemas/NetworkAccessIdentifier"
ipv4Address:
$ref: "#/components/schemas/DeviceIpv4Addr"
ipv6Address:
$ref: "#/components/schemas/DeviceIpv6Address"
minProperties: 1
PhoneNumber:
description: |
A public identifier addressing a telephone subscription. In mobile networks it corresponds to the MSISDN (Mobile Station International Subscriber Directory Number). In order to be globally unique it has to be formatted in international format, according to E.164 standard, prefixed with '+'.
type: string
pattern: '^\+[1-9][0-9]{4,14}$'
example: "+123456789"
NetworkAccessIdentifier:
description: |
A public identifier addressing a subscription in a mobile network. In 3GPP terminology, it corresponds to the GPSI formatted with the External Identifier ({Local Identifier}@{Domain Identifier}). Unlike the telephone number, the network access identifier is not subjected to portability ruling in force, and is individually managed by each operator.
type: string
example: "[email protected]"
DeviceIpv4Addr:
type: object
description: |
The device should be identified by either the public (observed) IP address and port as seen by the application server, or the private (local) and any public (observed) IP addresses in use by the device (this information can be obtained by various means, for example from some DNS servers).
If the allocated and observed IP addresses are the same (i.e. NAT is not in use) then the same address should be specified for both publicAddress and privateAddress.
If NAT64 is in use, the device should be identified by its publicAddress and publicPort, or separately by its allocated IPv6 address (field ipv6Address of the Device object)
In all cases, publicAddress must be specified, along with at least one of either privateAddress or publicPort, dependent upon which is known. In general, mobile devices cannot be identified by their public IPv4 address alone.
properties:
publicAddress:
$ref: "#/components/schemas/SingleIpv4Addr"
privateAddress:
$ref: "#/components/schemas/SingleIpv4Addr"
publicPort:
$ref: "#/components/schemas/Port"
anyOf:
- required: [publicAddress, privateAddress]
- required: [publicAddress, publicPort]
example:
{
"publicAddress": "84.125.93.10",
"publicPort": 59765
}
DeviceIpv6Address:
description: |
The device should be identified by the observed IPv6 address, or by any single IPv6 address from within the subnet allocated to the device (e.g. adding ::0 to the /64 prefix).
type: string
format: ipv6
example: 2001:db8:85a3:8d3:1319:8a2e:370:7344
SingleIpv4Addr:
description: A single IPv4 address with no subnet mask
type: string
format: ipv4
example: "84.125.93.10"
Port:
description: TCP or UDP port number
type: integer
minimum: 1024
maximum: 65535
XCorrelator:
type: string
pattern: ^[a-zA-Z0-9-_:;.\/<>{}]{0,256}$
example: "b4333c46-49c0-4f62-80d7-f0ef930f1c46"
DeviceResponseBody:
description: |
The optional device identifier to include in the response
properties:
device:
description: |
The device identifier that was used to fulfil the request.
If this property is not present then the device
identifier sent in the request was used.
allOf:
- $ref: "#/components/schemas/DeviceResponse"
- example: {"phoneNumber": "+123456789"}
responses:
200Success:
description: 200 OK
headers:
x-correlator:
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
required:
- edgeCloudZoneId
- edgeCloudZoneName
- edgeCloudProvider
allOf:
- $ref: "#/components/schemas/EdgeCloudZone"
- $ref: "#/components/schemas/DeviceResponseBody"
examples:
Closest Edge Cloud details:
description: The details of the closest Edge Cloud Zone
value:
edgeCloudZoneId: "f81d4fae-7dec-11d0-a765-00a0c91e6bf6"
edgeCloudZoneName: "UK-SOUTH"
edgeCloudProvider: "Example Provider"
Closest Edge Cloud plus device identifier:
description: The details of the closest Edge Cloud Zone
and the device identifier used to fulfill the request
value:
edgeCloudZoneId: "f81d4fae-7dec-11d0-a765-00a0c91e6bf6"
edgeCloudZoneName: "UK-SOUTH"
edgeCloudProvider: "Example Provider"
device:
phoneNumber: "+123456789"
Generic400:
description: Bad Request
headers:
x-correlator:
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 400
code:
enum:
- INVALID_ARGUMENT
- OUT_OF_RANGE
examples:
GENERIC_400_INVALID_ARGUMENT:
description: Invalid Argument. Generic Syntax Exception
value:
status: 400
code: INVALID_ARGUMENT
message: Client specified an invalid argument, request body or query param.
GENERIC_400_OUT_OF_RANGE:
description: Out of Range. Specific Syntax Exception used when a given field has a pre-defined range or a invalid filter criteria combination is requested
value:
status: 400
code: OUT_OF_RANGE
message: Client specified an invalid range.
Generic401:
description: Unauthorized
headers:
x-correlator:
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 401
code:
enum:
- UNAUTHENTICATED
- AUTHENTICATION_REQUIRED
examples:
GENERIC_401_UNAUTHENTICATED:
description: Request cannot be authenticated
value:
status: 401
code: UNAUTHENTICATED
message: Request not authenticated due to missing, invalid, or expired credentials.
Generic403:
description: Forbidden
headers:
x-correlator:
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 403
code:
enum:
- PERMISSION_DENIED
- INVALID_TOKEN_CONTEXT
examples:
GENERIC_403_PERMISSION_DENIED:
description: Permission denied. OAuth2 token access does not have the required scope or when the user fails operational security
value:
status: 403
code: PERMISSION_DENIED
message: Client does not have sufficient permissions to perform this action.
GENERIC_403_INVALID_TOKEN_CONTEXT:
description: Reflect some inconsistency between information in some field of the API and the related OAuth2 Token
value:
status: 403
code: INVALID_TOKEN_CONTEXT
message: "{{field}} is not consistent with access token."
Generic404:
description: Not found
headers:
x-correlator:
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 404
code:
enum:
- NOT_FOUND
- IDENTIFIER_NOT_FOUND
examples:
GENERIC_404_NOT_FOUND:
description: Resource is not found
value:
status: 404
code: NOT_FOUND
message: The specified resource is not found.
GENERIC_404_IDENTIFIER_NOT_FOUND:
description: Some identifier cannot be matched to a device
value:
status: 404
code: IDENTIFIER_NOT_FOUND
message: Device identifier not found.
Generic422:
description: Unprocessable Content
headers:
x-correlator:
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 422
code:
enum:
- SERVICE_NOT_APPLICABLE
- MISSING_IDENTIFIER
- UNSUPPORTED_IDENTIFIER
- UNNECESSARY_IDENTIFIER
examples:
GENERIC_422_SERVICE_NOT_APPLICABLE:
description: Service not applicable for the provided identifier
value:
status: 422
code: SERVICE_NOT_APPLICABLE
message: The service is not available for the provided identifier.
GENERIC_422_MISSING_IDENTIFIER:
description: An identifier is not included in the request and the device or phone number identification cannot be derived from the 3-legged access token
value:
status: 422
code: MISSING_IDENTIFIER
message: The device cannot be identified.
GENERIC_422_UNSUPPORTED_IDENTIFIER:
description: None of the provided identifiers is supported by the implementation
value:
status: 422
code: UNSUPPORTED_IDENTIFIER
message: The identifier provided is not supported.
GENERIC_422_UNNECESSARY_IDENTIFIER:
description: An explicit identifier is provided when a device or phone number has already been identified from the access token
value:
status: 422
code: UNNECESSARY_IDENTIFIER
message: The device is already identified by the access token.
Generic429:
description: Too Many Requests
headers:
x-correlator:
$ref: "#/components/headers/x-correlator"
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/ErrorInfo"
- type: object
properties:
status:
enum:
- 429
code:
enum:
- QUOTA_EXCEEDED
- TOO_MANY_REQUESTS
examples:
GENERIC_429_QUOTA_EXCEEDED:
description: Request is rejected due to exceeding a business quota limit
value:
status: 429
code: QUOTA_EXCEEDED
message: Out of resource quota.
GENERIC_429_TOO_MANY_REQUESTS:
description: Access to the API has been temporarily blocked due to rate or spike arrest limits being reached.
value:
status: 429
code: TOO_MANY_REQUESTS
message: Rate limit reached.
examples:
IdentifyDeviceBy3LeggedToken:
description: Empty JSON when device is identified by access token
value:
{}
IdentifyDeviceByPhoneNumber:
description: Identifying device by phone number
value:
device:
phoneNumber: "+123456789"
IdentifyDeviceByIPAddress:
description: Identifying device by IP address
value:
device:
ipv4Address:
publicAddress: "84.125.93.10"
publicPort: 59765
IdentifyDeviceByMultipleIdentifiers:
description: Identifying device by multiple device identifiers
value:
device:
phoneNumber: "+123456789"
ipv4Address:
publicAddress: "84.125.93.10"
publicPort: 59765
networkAccessIdentifier: "[email protected]"