data_model/1.6/clusters/NetworkIdentityManagement.xml

<?xml version="1.0"?>
<!--
Copyright (C) Connectivity Standards Alliance (2026). All rights reserved.
The information within this document is the property of the Connectivity
Standards Alliance and its use and disclosure are restricted, except as
expressly set forth herein.

Connectivity Standards Alliance hereby grants you a fully-paid, non-exclusive,
nontransferable, worldwide, limited and revocable license (without the right to
sublicense), under Connectivity Standards Alliance's applicable copyright
rights, to view, download, save, reproduce and use the document solely for your
own internal purposes and in accordance with the terms of the license set forth
herein. This license does not authorize you to, and you expressly warrant that
you shall not: (a) permit others (outside your organization) to use this
document; (b) post or publish this document; (c) modify, adapt, translate, or
otherwise change this document in any manner or create any derivative work
based on this document; (d) remove or modify any notice or label on this
document, including this Copyright Notice, License and Disclaimer. The
Connectivity Standards Alliance does not grant you any license hereunder other
than as expressly stated herein.

Elements of this document may be subject to third party intellectual property
rights, including without limitation, patent, copyright or trademark rights,
and any such third party may or may not be a member of the Connectivity
Standards Alliance. Connectivity Standards Alliance members grant other
Connectivity Standards Alliance members certain intellectual property rights as
set forth in the Connectivity Standards Alliance IPR Policy. Connectivity
Standards Alliance members do not grant you any rights under this license. The
Connectivity Standards Alliance is not responsible for, and shall not be held
responsible in any manner for, identifying or failing to identify any or all
such third party intellectual property rights. Please visit www.csa-iot.org for
more information on how to become a member of the Connectivity Standards
Alliance.

This document and the information contained herein are provided on an “AS IS”
basis and the Connectivity Standards Alliance DISCLAIMS ALL WARRANTIES EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO (A) ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OF THIRD PARTIES (INCLUDING
WITHOUT LIMITATION ANY INTELLECTUAL PROPERTY RIGHTS INCLUDING PATENT, COPYRIGHT
OR TRADEMARK RIGHTS); OR (B) ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE, TITLE OR NONINFRINGEMENT. IN NO EVENT WILL THE
CONNECTIVITY STANDARDS ALLIANCE BE LIABLE FOR ANY LOSS OF PROFITS, LOSS OF
BUSINESS, LOSS OF USE OF DATA, INTERRUPTION OF BUSINESS, OR FOR ANY OTHER
DIRECT, INDIRECT, SPECIAL OR EXEMPLARY, INCIDENTAL, PUNITIVE OR CONSEQUENTIAL
DAMAGES OF ANY KIND, IN CONTRACT OR IN TORT, IN CONNECTION WITH THIS DOCUMENT
OR THE INFORMATION CONTAINED HEREIN, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
LOSS OR DAMAGE.

All company, brand and product names in this document may be trademarks that
are the sole property of their respective owners.

This notice and disclaimer must be included on all copies of this document.

Connectivity Standards Alliance
508 Second Street, Suite 206
Davis, CA 95616, USA

:xrefstyle: basic
-->
<cluster xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="types types.xsd cluster cluster.xsd" id="0x0450" name="Network Identity Management Cluster" revision="1">
  <revisionHistory>
    <revision revision="1" summary="Initial revision"/>
  </revisionHistory>
  <clusterIds>
    <clusterId id="0x0450" name="Network Identity Management">
      <provisionalConform/>
    </clusterId>
  </clusterIds>
  <classification hierarchy="base" role="application" picsCode="NETIM" scope="Endpoint"/>
  <dataTypes>
    <number name="ClientIndex" type="uint16"/>
    <number name="NetworkIdentityIndex" type="uint16"/>
    <enum name="IdentityTypeEnum">
      <item value="0" name="ECDSA" summary="ECDSA on the elliptic curve secp256r1">
        <mandatoryConform/>
      </item>
    </enum>
    <struct name="ActiveNetworkIdentityStruct">
      <field id="0" name="Index" type="NetworkIdentityIndex">
        <mandatoryConform/>
        <constraint>
          <between>
            <from value="1"/>
            <to value="65534"/>
          </between>
        </constraint>
      </field>
      <field id="1" name="Type" type="IdentityTypeEnum">
        <mandatoryConform/>
      </field>
      <field id="2" name="Identifier" type="octstr">
        <mandatoryConform/>
        <constraint>
          <allowed value="20"/>
        </constraint>
      </field>
      <field id="3" name="CreatedTimestamp" type="epoch-s">
        <mandatoryConform/>
      </field>
      <field id="4" name="Current" type="bool">
        <mandatoryConform/>
      </field>
      <field id="5" name="RemainingClients" type="uint16">
        <quality nullable="true"/>
        <mandatoryConform/>
      </field>
    </struct>
    <struct name="ClientStruct">
      <field id="0" name="ClientIndex" type="ClientIndex">
        <mandatoryConform/>
        <constraint>
          <between>
            <from value="1"/>
            <to value="2047"/>
          </between>
        </constraint>
      </field>
      <field id="1" name="ClientIdentifier" type="octstr">
        <mandatoryConform/>
        <constraint>
          <allowed value="20"/>
        </constraint>
      </field>
      <field id="2" name="NetworkIdentityIndex" type="NetworkIdentityIndex" default="null">
        <quality nullable="true"/>
        <mandatoryConform/>
        <constraint>
          <between>
            <from value="1"/>
            <to value="65534"/>
          </between>
        </constraint>
      </field>
    </struct>
  </dataTypes>
  <attributes>
    <attribute id="0x0000" name="ActiveNetworkIdentities" type="list">
      <entry type="ActiveNetworkIdentityStruct"/>
      <access read="true" readPrivilege="manage"/>
      <quality persistence="nonVolatile"/>
      <mandatoryConform/>
      <constraint>
        <maxCount value="4"/>
      </constraint>
    </attribute>
    <attribute id="0x0001" name="Clients" type="list">
      <entry type="ClientStruct"/>
      <access read="true" readPrivilege="manage"/>
      <quality persistence="nonVolatile"/>
      <mandatoryConform/>
      <constraint>
        <maxCount>
          <attribute name="ClientTableSize"/>
        </maxCount>
      </constraint>
    </attribute>
    <attribute id="0x0002" name="ClientTableSize" type="uint16" default="500">
      <access read="true" readPrivilege="view"/>
      <quality persistence="fixed"/>
      <mandatoryConform/>
      <constraint>
        <between>
          <from value="500"/>
          <to value="2047"/>
        </between>
      </constraint>
    </attribute>
  </attributes>
  <commands>
    <command id="0x00" name="AddClient" direction="commandToServer" response="AddClientResponse">
      <access invokePrivilege="manage" timed="true"/>
      <mandatoryConform/>
      <field id="0" name="ClientIdentity" type="octstr">
        <mandatoryConform/>
        <constraint>
          <maxLength value="140"/>
        </constraint>
      </field>
    </command>
    <command id="0x01" name="AddClientResponse" direction="responseFromServer">
      <mandatoryConform/>
      <field id="0" name="ClientIndex" type="ClientIndex">
        <mandatoryConform/>
        <constraint>
          <between>
            <from value="1"/>
            <to value="2047"/>
          </between>
        </constraint>
      </field>
    </command>
    <command id="0x02" name="RemoveClient" direction="commandToServer" response="Y">
      <access invokePrivilege="manage" timed="true"/>
      <mandatoryConform/>
      <field id="0" name="ClientIndex" type="ClientIndex">
        <optionalConform choice="a"/>
        <constraint>
          <between>
            <from value="1"/>
            <to value="2047"/>
          </between>
        </constraint>
      </field>
      <field id="1" name="ClientIdentifier" type="octstr">
        <optionalConform choice="a"/>
        <constraint>
          <allowed value="20"/>
        </constraint>
      </field>
    </command>
    <command id="0x03" name="QueryIdentity" direction="commandToServer" response="QueryIdentityResponse">
      <access invokePrivilege="manage"/>
      <mandatoryConform/>
      <field id="0" name="NetworkIdentityIndex" type="NetworkIdentityIndex">
        <optionalConform choice="b"/>
      </field>
      <field id="1" name="NetworkIdentityType" type="IdentityTypeEnum">
        <optionalConform choice="b"/>
      </field>
      <field id="2" name="Identifier" type="octstr">
        <optionalConform choice="b"/>
        <constraint>
          <allowed value="20"/>
        </constraint>
      </field>
    </command>
    <command id="0x04" name="QueryIdentityResponse" direction="responseFromServer">
      <mandatoryConform/>
      <field id="0" name="Identity" type="octstr">
        <mandatoryConform/>
        <constraint>
          <desc/>
        </constraint>
      </field>
    </command>
    <command id="0x40" name="ImportAdminSecret" direction="commandToServer" response="Y">
      <access invokePrivilege="admin" timed="true"/>
      <mandatoryConform/>
      <field id="0" name="NetworkAdministratorSharedSecret" type="octstr">
        <mandatoryConform/>
        <constraint>
          <maxLength value="64"/>
        </constraint>
      </field>
    </command>
    <command id="0x41" name="ExportAdminSecret" direction="commandToServer" response="ExportAdminSecretResponse">
      <access invokePrivilege="admin"/>
      <mandatoryConform/>
    </command>
    <command id="0x42" name="ExportAdminSecretResponse" direction="responseFromServer">
      <mandatoryConform/>
      <field id="0" name="NetworkAdministratorSharedSecret" type="octstr">
        <mandatoryConform/>
        <constraint>
          <maxLength value="64"/>
        </constraint>
      </field>
    </command>
  </commands>
</cluster>