1. Virtual Network Functions Manager Installation and User Guide
  2. VNFM User Management

8 VNFM User Management

(Required) Enter introductory text here, including the definition and purpose of the concept. The initial build is delivered with two pre-installed users that are admin and reader. The user must login to VNFM first using the given credentials to generate anOAuth/X-Token for the admin using the API "Login to VNFM".

The password of the admin must be changed using the generated X-Token, and a new password must be stored using the Change Password API.

The new users is registered using the Register to VNFM API.

Once the registration request is sent by the user, the admin has the access to view the registration request instance with the help of the OAuth/X-Token through the Query all user instances API.

The admin can provision the incoming requests and add the user request using the Provision and Add API.

Upon the successful registration, the user can simply login to VNFM using the credentials to generate an OAuth/X-Token and use it for other LCM-Operations.

8.1 Access Control in VNFM

The admin user has access to use the available APIs. However, the user with reader privileges, is restricted to use the following:

  • Query All VNF Instances:
    https://<VNFM_HOST_IP>:8443/vnflcm/<<vnfm_version>>/vnf_instances/
  • Query Individual VNF Instance:
    https://<VNFM_HOST_IP>:8443/vnflcm/<<vnfm_version>>/vnf_instances/{
      vnfInstanceId
  • Query All LCM Operation:
    https://<VNFM_HOST_IP>:8443/vnflcm/<<vnfm_version>>/vnf_lcm_op_occs
  • Query Individual LCM Operation:
    https://<VNFM_HOST_IP>:8443/vnflcm/<<vnfm_version>>/vnf_lcm_op_occs/{
      vnfLcmOpOccId }
  • Query Heal VNF requests:
    https://<VNFM_HOST_IP>:8443/vnflcm/<<vnfm_version>>/vips/{vip}/heal
  • Query VNFM State Information:
    https://<VNFM_HOST_IP>:8443/vnflcm/<<vnfm_version>>/vnfmState

8.2 Login to VNFM

The user must provide the grant_type and the Authorization to generate an authentication token ergo OAuth-Token. Where,
  • grant_type: grant_type of the registered user. Currently, supporting only client_credentials.
  • Authorization: Authorization of the registered user. Currently, supporting Basic Format (Accepting Encrypted value of "'username':'password'").

Sample Request: Login to VNFM request generated

URL: https://<<VNFM HOST IP>>:8443/vnflcm/<<vnfm_version>>/vnfm_login/oauth/token

Accept: application/json

Content-Type: application/json

Example for Login:

{

"grant_type": "xxxx",

"Authorization": "xxxx"

}

Sample Response: Login to VNFM Response

200 Created

Content-Type: application/json

Request URL: https://<<VNFM HOST IP>>:8443/vnflcm/<<vnfm_version>>/vnfm_login/oauth/token 

"access_token": "eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiJJRCBvZiB0b2tlbiA6IHRva2VuX1ZORk0iLCJpYXQiOjE2ODcyNTQ2MDAsInN1YiI6IlN1YmplY3Qgb2YgSldUIiwiaXNzIjoiSXNzdWVyIG9mIFRva2VuOiBPcmFjbGUtRFNSIiwiYXVkIjoiYXVkaWVuY2UgOiBhZG1pbiIsImV4cCI6MTY4NzI1ODIwMH0.2r8-JaaP2-YfbRRpmQ6Zyik3vzbKweofsuHsFnQoz-g",
  "token_type": "Bearer",
  "expires_in": "3600000",
  "refresh_token": "eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiJJRCBvZiB0b2tlbiA6IHRva2VuX1ZORk0iLCJpYXQiOjE2ODcyNTQ2MDAsInN1YiI6IlN1YmplY3Qgb2YgSldUIiwiaXNzIjoiSXNzdWVyIG9mIFRva2VuOiBPcmFjbGUtRFNSIiwiYXVkIjoiYXVkaWVuY2UgOiBhZG1pbiIsImV4cCI6MTY4NzI1ODIwMH0.2r8-JaaP2-YfbRRpmQ6Zyik3vzbKweofsuHsFnQoz-g"

The following table describes the parameters used for sending request to VNFM:

Table 8-1 Parameters and Definitions

Parameter Definitions
grant_type client_credentials.
Authorization base64 decode of "username:password".

Note:

Authorization: Basic "YWRtaW46YWRtaW4=" where "YWRtaW46YWRtaW4=" is base64 encode of "username:password".

8.3 Register to VNFM

The new user must provide the username, the password and the access to send a successful registration request.

Note:

A valid password must be in range between 8 to 31 characters, with at least one digit, at least one lowercase letter, at least one uppercase letter, at least one special character, and should not contain white spaces.

Sample Request: Register to VNFM request generated

URL: https://<<VNFM HOST IP>>:8443/vnflcm/<<vnfm_version>>/vnfm_register

Accept: application/json

Content-Type: application/json

Authorization: Token generated after login

Example for Registration:

{

"username": "xxxx",

"password": "xxxx",

"access": "read/admin"

}

Sample Response: Register to VNFM Response

201 Created

Content-Type: application/json

Authorization: Token generated after login

Request URL: https://<<VNFM HOST IP>>:8443/vnflcm/<<vnfm_version>>/vnfm_register

{

"response": "Registration Request Sent"

The following table describes the parameters used for sending request to VNFM:

Table 8-2 Parameters and Definitions

Parameter Definitions
username Username of the new user.
password password Password of the new user.
access Scope of the new user.

8.4 Query All User Instances

The admin must provide the Authorization to view all the incoming registration requests.

Note:

Only the admin has the access to use this API.

Sample Request: Querying all user instances request generated 

URL: https://<<VNFM HOST IP>>:8443/vnflcm/<<vnfm_version>>/view_registration_requests
Accept: Authorization


Content-Type: Text


Example for querying all users:

eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiJJRCBvZiB0b2tlbiA6IHRva2VuX1ZORk0iLCJpYXQiOjE1NzMwMjEyMDYsInN1YiI6IlN1YmplY3Qgb2YgSldUIiwiaXNzIjoiSXNzdWVyIG9mIFRva2VuOiBPcmFjbGUtRFNSIiwiYXVkIjoiYXVkaWVuY2UgOiBhZG1pbiIsIm4cCI6MTU3MzAzOTIwNn0.Ep-lKGBZqaO9u_cpj1bSN8DBpWvZoRMQTOYNr18KY8w

Sample Response: Querying all user instances Response 

201 Created
Content-Type: application/json

Request URL: https://<<VNFM HOST IP>>:8443/vnflcm/<<vnfm_version>>/view_registration_requests

{
"user": [
{
"username": "xx",
"password": "xx",
"access": "read"
},
{
"username": "xx",
"password": "xx",
"access": "read"
},
{
"username": "xx",
"password": "xx",
"access": "admin"
}
]
}

The following table describes the parameters used for sending request to VNFM:

Table 8-3 Parameters and Definitions

Parameter Definitions
Authorization Authentication Token generated by the admin.

8.5 Change Password of the User

The user must provide the username, old password, new password and the Authorization to change the existing credentials in the system.

Note:

A valid password must be in range between 8 to 31 characters, with at least one digit, at least one lowercase letter, at least one uppercase letter, at least one special character, and should not contain white spaces.

Sample Request: Change Password request generated 

URL: https://<<VNFM HOST IP>>:8443/vnflcm/<<vnfm_version>>/change_password


Accept: application/json


Content-Type: application/json


Example for changing the password for a user:

Authorization :

eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiJJRCBvZiB0b2tlbiA6IHRva2VuX1ZORk0iLCJpYXQiOjE1NzMwMjEyMDYsInN1YiI6IlN1YmplY3Qgb2YgSldUIiwiaXNzIjoiSXNzdWVyIG9mIFRva2VuOiBPcmFjbGUtRFNSIiwiYXVkIjoiYXVkaWVuY2UgOiBhZG1pbiIsIm4cCI6MTU3MzAzOTIwNn0.Ep-lKGBZqaO9u_cpj1bSN8DBpWvZoRMQTOYNr18KY8w


{
"username": "xxx",
"newPassword": "xxx",
"oldPassword": "xxx"
}

Sample Response: Change Password Response 

201 Created

Content-Type: application/json

Request URL: https://<<VNFM HOST IP>>:8443/vnflcm/<<vnfm_version>>/change_password

{

"response":"Password Updated Successfully."

}

The following table describes the parameters used for sending request to VNFM:

Table 8-4 Parameters and Definitions

Parameter Definitions
username Username of the existing user.
newPassword The new password to be set for the user.
oldPassword The already existing password for the user.

8.6 Provision and Add User to VNFM

The admin must provide the username, password, access grant and the Authorization to add the credentials in the system.

Note:

Only the admin has the access to use this API.

Sample Request: Provision and Adding the users request generated 

URL: https://<<VNFM HOST IP>>:8443/vnflcm/<<vnfm_version>>/provision_and_add


Accept: application/json


Content-Type: application/json


Example for provisioning and adding a user:

Authorization :

eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiJJRCBvZiB0b2tlbiA6IHRva2VuX1ZORk0iLCJpYXQiOjE1NzMwMjEyMDYsInN1YiI6IlN1YmplY3Qgb2YgSldUIiwiaXNzIjoiSXNzdWVyIG9mIFRva2VuOiBPcmFjbGUtRFNSIiwiYXVkIjoiYXVkaWVuY2UgOiBhZG1pbiIsIm4cCI6MTU3MzAzOTIwNn0.Ep-lKGBZqaO9u_cpj1bSN8DBpWvZoRMQTOYNr18KY8w

{
"username": "xxx",
"password": "xxx",
"access": "read/admin"
}

Sample Response: Provision and Adding Response 

201 Created

Content-Type: application/json

Request URL: https://<<VNFM HOST IP>>:8443/vnflcm/<<vnfm_version>>/provision_and_add

{

"response":"User Successfully created."

}

The following table describes the parameters used for sending request to VNFM:

Table 8-5 Parameters and Definitions

Parameter Definitions
username Username of the user.
password Password of the user.
access Scope of the user.