Endpoint Metadata Extension service (EPMX) extends the communication capability of Kaa Protocol (1/KP). It implements 10/EPMP extension protocol to allow endpoints to retrieve and manage their metadata.
Additionally to implementing 10/EPMP, EPMX supports metadata whitelisting. This feature allows specifying a list of metadata fields that are accessible by endpoints. It also allows to forbid updating specific fields, rendering them read-only.
EPMX itself does not persist metadata and integrates with Endpoint Register service (EPR) (or other compatible implementation) for that purpose.
EPMX uses a number of interfaces to perform its functional role. The key supported interfaces are summarized in the following diagram.
For inter-service communication, Kaa services mainly use REST APIs and messaging protocols that run over NATS messaging system.
Extension service protocol
EPMX receives endpoint requests and sends responses back by means of 10/EPMP over 4/ESP.
Endpoint metadata management
EPMX uses EPR’s REST API to query and update persisted metadata.
EPMX is integrated with the Kaa Tekton for centralized application configuration management. It receives configuration update messages from Tekton over 17/SCMP and uses Tekton REST API to retrieve current configs.
See configuration for more information.
Kaa Tenant Manager integration
EPMX supports multi-tenancy with each tenant using a separate OAuth 2.0 issuer for authentication, authorization, and resource management. The list of the existing tenants is managed by [the Kaa Tenant Manager][Tenant Manager], which provides REST API for retrieving tenant security configs.
See the security configuration for more details on how to enable multi-tenancy in EPMX.