Overview

Endpoint Metadata Extension service (EPMX) extends the communication capability of Kaa Protocol (1/KP). It implements 10/EPMP extension protocol to allow endpoints to retrieve and manage their metadata.

Additionally to implementing 10/EPMP, EPMX supports metadata whitelisting. This feature allows specifying a list of metadata fields that are accessible by endpoints. It also allows to forbid updating specific fields, rendering them read-only.

EPMX itself does not persist metadata and integrates with Endpoint Register service (EPR) (or other compatible implementation) for that purpose.

Interfaces

EPMX uses a number of interfaces to perform its functional role. The key supported interfaces are summarized in the following diagram.

EPMX interfaces diagram

For inter-service communication, Kaa services mainly use REST APIs and messaging protocols that run over NATS messaging system.

Extension service protocol

EPMX receives endpoint requests and sends responses back by means of 10/EPMP over 4/ESP.

Endpoint metadata management

EPMX uses EPR’s REST API to query and update persisted metadata.

Tekton integration

EPMX is integrated with the Kaa Tekton for centralized application configuration management. It receives configuration update messages from Tekton over 17/SCMP and uses Tekton REST API to retrieve current configs.

See configuration for more information.

Kaa Tenant Manager integration

EPMX supports multi-tenancy with each tenant using a separate OAuth 2.0 issuer for authentication, authorization, and resource management. The list of the existing tenants is managed by [the Kaa Tenant Manager][Tenant Manager], which provides REST API for retrieving tenant security configs.

See the security configuration for more details on how to enable multi-tenancy in EPMX.