5G Edge computing is a collaboration between cloud service providers and Verizon and setting up to use the Edge Discovery Service requires you to take actions in both platforms:

1. Find the regions defined in the Verizon 5G edge network, and then identify the regions where you want to deploy your application.
2. Create one or more service profiles that describe the resource requirements of the application services that will be deployed at the edge.
3. Use the region names and service profiles to find the optimal 5G Edge platforms to deploy to in each region. (You can, optionally, use a user equipment identifier instead of a service profile to find optimal 5G Edge platforms based on the IP address of that equipment.)
4. Through your cloud service provider, deploy your application's edge services to each of the 5G Edge platforms identified in the previous step.
5. Note the endpoint information for each of the deployed services; such as the FQDN, IPv4 address, IPv6 address, port and URI.
6. Register the endpoints with the Edge Discovery Service. In essence, you are telling the Edge Discovery Service, "Service XYZ is deployed to platform A at endpoint 123.23.345.111, and to platform B and endpoint 345.56.567.123."

After you have completed the above steps, you can send API requests to find the optimal service endpoints for specific client devices to connect to.

Steps 1-6 can be incorporated into your deployment processes. The request to find optimal service endpoints for each client session can be incorporated into the client application, or built into a cloud-based client routing service that is called at the beginning of each session.

Tutorial

 

Here is a tutorial to get you up and running with public MEC. Also, feel free to check out Verizon's 5G MEC blog.

 

 

5G Edge Developer Credentials and Tokens

 

You need an API Token to send API requests through the 5G Edge Developer Platform. You must register and sign in to be able to get keys and generate tokens to work with the Edge Discovery Service API.

 

Obtaining an API Token

 

We use the OAuth2 “client credentials” grant type to authenticate an API caller before providing an access token. We require that the application key and secret are Base64 encoded. To obtain an access token:

 

Current behavior for a Request Token, by default, the response is a "Full Access" token and doesn't require a scope to be specified:

curl --location --request POST 'https://5gedge.verizon.com/api/ts/v1/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic {token}' \
--data-urlencode 'grant_type=client_credentials'

if no scopes are specified, TSCore will respond with the "Full Access" scope:

{"access_token":"{token}","scope":" ts.application.ro ts.mec.fullaccess","token_type":"Bearer","expires_in":3600}

What is changing

 

There will now be a "Full Access" and "Limited Access" scopes for the OAuth request token.

 

Full Access

 

Implicit Request:

First options with the current process will respond with a Full Access scope (By Default) just like the current request process:

curl --location --request POST 'https://5gedge.verizon.com/api/ts/v1/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic {token}' \
--data-urlencode 'grant_type=client_credentials'

Response:

 If the token is already migrated, or if the Access Token was generated using a new client/secret using the new services, the response will include the "Full Access"  scope ( ts.mec.fullaccess ):

{"access_token":"{token}","scope":" ts.application.ro ts.mec.fullaccess","token_type":"Bearer","expires_in":1628}

Explicit Request:

The new explicit request requires two scopes to be specified (ts.application.ro  and ts.mec.fullaccess):

curl --location --request POST 'https://5gedge.verizon.com/api/ts/v1/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic {token}' \
--data-urlencode 'scope=ts.application.ro ts.mec.fullaccess' \
--data-urlencode 'grant_type=client_credentials'

Response:

Generating the access token using a client/secret, and the new services, the response will include the new scope ( ts.mec.fullaccess ):

{"access_token":"{token}","scope":"ts.application.ro ts.mec.fullaccess","token_type":"Bearer","expires_in":3600}

 

Limited Access

 

The new explicit request requires two scopes to be specified (ts.application.ro  and ts.mec.limitaccess):

curl --location --request POST 'https://5gedge.verizon.com/api/ts/v1/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic {token}' \
--data-urlencode 'scope=ts.application.ro ts.mec.limitaccess' \
--data-urlencode 'grant_type=client_credentials'

Response:

The response will include one new scope ( ts.mec.limitaccess ):

{"access_token":"{token}","scope":"ts.application.ro ts.mec.limitaccess","token_type":"Bearer","expires_in":3600}

 

New error responses

 

Token request with the wrong scope

 

Only the "Full Access" or "Limited Access" scopes can be used with the MEC API Endpoints. If an invalid token scope is requested the expected behavior is a 401 error. For example:

curl --location --request POST 'https://5gedge.verizon.com/api/ts/v1/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic {token}' \
--data-urlencode 'scope=ts.application.ro ts.mec.invalidaccess' \
--data-urlencode 'grant_type=client_credentials'

will result in the folowing response:

{"status": "401","message": "Invalid Token or Scopes" }

 

Please note: a "Full Access" token is required for any of the /serviceprofiles or /serviceendpoints API endpoints. A "Limited Access" token only has access to the Discovery API endpoints. Please see the table below.

 

API endpoints accessible based on the token

Endpoint	"Limited Access" token	"Full Access" token
EndpointFind the optimal 5G Edge platforms	"Limited Access" tokenSí	"Full Access" tokenSí
EndpointOutput a list of all 5G regions	"Limited Access" tokenSí	"Full Access" tokenSí
EndpointFind optimal edge application server endpoints	"Limited Access" tokenSí	"Full Access" tokenSí
EndpointRegister the routable service endpoints of a deployed application	"Limited Access" tokenNo	"Full Access" tokenSí
EndpointList all of the Service Endpoint IDs for a specific API key	"Limited Access" tokenNo	"Full Access" tokenSí
EndpointGet the routable endpoints of a registered serviceEndpointsId	"Limited Access" tokenNo	"Full Access" tokenSí
EndpointUpdate routable endpoint information for a specified serviceEndpointsId	"Limited Access" tokenNo	"Full Access" tokenSí
EndpointDeregister (delete) routable endpoints from a 5G Edge platform	"Limited Access" tokenNo	"Full Access" tokenSí
EndpointCreate a service profile that describes the resource requirements of an application	"Limited Access" tokenNo	"Full Access" tokenSí
EndpointGet all service profiles for an API key	"Limited Access" tokenNo	"Full Access" tokenSí
EndpointGet an individual service profile	"Limited Access" tokenNo	"Full Access" tokenSí
EndpointUpdate a service profile	"Limited Access" tokenNo	"Full Access" tokenSí
EndpointDeregister (delete) a service profile	"Limited Access" tokenNo	"Full Access" tokenSí