Copyright © 2017-2023 World Wide Web Consortium . W3C ® liability , trademark and permissive document license rules apply.
This document describes a formal information model and a common representation for a Web of Things (WoT) Thing Description 1.1. A Thing Description describes the metadata and interfaces of Things , where a Thing is an abstraction of a physical or virtual entity that provides interactions to and participates in the Web of Things. Thing Descriptions provide a set of interactions based on a small vocabulary that makes it possible both to integrate diverse devices and to allow diverse applications to interoperate. Thing Descriptions, by default, are encoded in a JSON format that also allows JSON-LD processing. The latter provides a powerful foundation to represent knowledge about Things in a machine-understandable way. A Thing Description instance can be hosted by the Thing itself or hosted externally when a Thing has resource restrictions (e.g., limited memory space) or when a Web of Things-compatible legacy device is retrofitted with a Thing Description. Furthermore, this document introduces the Thing Model, which allows authors to describe only the model or class of an Internet of Things (IoT) entity. Thing Models can be seen as a template for Thing Description instances, but with reduced constraints such as no or few requirements for specific communication metadata.
This specification describes a superset of the features defined in Thing Description 1.0 [ WOT-THING-DESCRIPTION10 ]. Unless otherwise specified, documents created with version 1.0 of this specification remain compatible with Thing Description 1.1.
This section describes the status of this document at the time of its publication. A list of current W3C publications and the latest revision of this technical report can be found in the W3C technical reports index at https://www.w3.org/TR/.
Future updates to this specification may incorporate new features .
The Web of Things Working Group intends to submit this document for consideration as a W3C Proposed Recommendation after at least the minimum CR review period has passed. However, before PR transition is requested, any features or assertions currently marked as at-risk that did not appear in the TD 1.0 specification and do not have at least two implementations at that time will either be removed or converted into informative statements, as appropriate.
This document was published by the Web of Things Working Group as a Proposed Recommendation using the Recommendation track .
Publication as a Proposed Recommendation does not imply endorsement by W3C and its Members.
This is a draft document and may be updated, replaced or obsoleted by other documents at any time. It is inappropriate to cite this document as other than work in progress.
The W3C Membership and other interested parties are invited to review the document and send comments through 10 July 2023. Advisory Committee Representatives should consult their WBS questionnaires . Note that substantive technical comments were expected during the Candidate Recommendation review period that ended 16 February 2023.
This document was produced by a group operating under the W3C Patent Policy . W3C maintains a public list of any patent disclosures made in connection with the deliverables of the group; that page also includes instructions for disclosing a patent. An individual who has actual knowledge of a patent which the individual believes contains Essential Claim(s) must disclose the information in accordance with section 6 of the W3C Patent Policy .
This document is governed by the 2 November 2021 W3C Process Document .
This section is non-normative.
The WoT Thing Description (TD) is a central building block in the W3C Web of Things (WoT) and can be considered as the entry point of a Thing (much like the index.html of a Web site). A TD instance has five main components: textual metadata about the Thing itself, a set of Interaction Affordances that indicate how the Thing can be used, schemas for the data exchanged with the Thing for machine-understandability, Security Definitions to provide metadata about the security mechanisms that must be used for interactions, and, finally, Web links to express any formal or informal relation to other Things or documents on the Web.
The
Interaction
Model
of
W3C
WoT
defines
three
types
of
Interaction
Affordances
:
Properties
(
PropertyAffordance
class)
can
be
used
for
sensing
and
controlling
parameters,
such
as
getting
the
current
value
or
setting
an
operation
state.
Actions
(
ActionAffordance
class)
model
invocation
of
physical
(and
hence
time-consuming)
processes,
but
can
also
be
used
to
abstract
RPC-like
calls
of
existing
platforms.
Events
(
EventAffordance
class)
are
used
for
the
push
model
of
communication
where
notifications,
discrete
events,
or
streams
of
values
are
sent
asynchronously
to
the
receiver.
See
[
wot-architecture11
]
for
details.
In
general,
the
TD
provides
metadata
for
different
Protocol
Bindings
identified
by
URI
schemes
[
RFC3986
]
(e.g.,
http
,
coap
,
etc.
[
IANA-URI-SCHEMES
]),
content
types
based
on
media
types
[
RFC2046
]
(e.g.,
application/json
,
application/xml
,
application/cbor
,
application/exi
,
etc.
[
IANA-MEDIA-TYPES
]),
and
security
mechanisms
(for
authentication,
authorization,
confidentiality,
etc.).
Serialization
of
TD
instances
is
based
on
JSON
[
RFC8259
],
where
JSON
names
refer
to
terms
of
the
TD
vocabulary,
as
defined
in
this
specification
document.
In
addition
the
JSON
serialization
of
TDs
follows
the
syntax
of
JSON-LD
1.1
[
JSON-LD11
]
to
enable
extensions
and
rich
semantic
processing.
Example 1 shows a TD instance and illustrates the Interaction Model with Properties, Actions, and Events by describing a lamp Thing with the title MyLampThing .
From
this
TD
example,
we
know
there
exists
one
Property
affordance
with
the
title
status
.
In
addition,
information
is
provided
to
indicate
that
this
Property
is
accessible
via
(the
secure
form
of)
the
HTTP
protocol
with
a
GET
method
at
the
URI
https://mylamp.example.com/status
(announced
within
the
forms
structure
by
the
href
member),
and
will
return
a
string-based
status
value.
The
use
of
the
GET
method
is
not
stated
explicitly,
but
is
one
of
the
default
assumptions
defined
by
this
document.
In
a
similar
manner,
an
Action
affordance
is
specified
to
toggle
the
switch
status
using
the
POST
method
on
the
https://mylamp.example.com/toggle
resource,
where
POST
is
again
a
default
assumption
for
invoking
Actions.
The
Event
affordance
enables
a
mechanism
for
asynchronous
messages
to
be
sent
by
a
Thing
.
Here,
a
subscription
to
be
notified
upon
a
possible
overheating
event
of
the
lamp
can
be
obtained
by
using
HTTP
with
its
long
polling
subprotocol
on
https://mylamp.example.com/oh
.
This
example
also
specifies
the
basic
security
scheme,
requiring
a
username
and
password
for
access.
Note
that
a
security
scheme
is
first
given
a
name
in
securityDefinitions
and
then
activated
by
specifying
that
name
in
a
security
section.
In
combination
with
the
use
of
the
HTTP
protocol
this
example
demonstrates
the
use
of
HTTP
Basic
Authentication.
Specification
of
at
least
one
security
scheme
at
the
top
level
is
mandatory,
and
gives
the
default
access
requirements
for
every
resource.
However,
security
schemes
can
also
be
specified
per-form,
with
configurations
given
at
the
form
level
overriding
configurations
given
at
the
Thing
level,
allowing
for
the
specification
of
fine-grained
access
control.
It
is
also
possible
to
use
a
special
nosec
security
scheme
to
indicate
that
no
access
control
mechanisms
are
used.
Additional
examples
will
be
provided
later.
The
Thing
Description
offers
the
possibility
to
add
contextual
definitions
in
some
namespace.
This
mechanism
can
be
used
to
integrate
additional
semantics
to
the
content
of
the
Thing
Description
instance,
provided
that
formal
knowledge,
e.g.,
logic
rules
for
a
specific
domain
of
application,
can
be
found
under
the
given
namespace.
Contextual
information
can
also
help
specify
some
configurations
and
behavior
of
the
underlying
communication
protocols
declared
in
the
forms
field.
Example
2
extends
the
TD
sample
from
Example
1
by
introducing
a
second
definition
in
the
@context
to
declare
the
prefix
saref
as
referring
to
SAREF
,
the
Smart Appliance
Reference
Ontology
[
SMARTM2M
].
This
IoT
ontology
includes
terms
interpreted
as
semantic
labels
that
can
be
set
as
values
of
the
@type
field,
giving
the
semantics
of
Things
and
their
Interaction
Affordances
.
In
the
example
below,
the
Thing
is
labelled
with
saref:LightSwitch
,
the
status
Property
is
labelled
with
saref:OnOffState
and
the
toggle
Action
with
saref:ToggleCommand
.
The
declaration
mechanism
inside
some
@context
is
specified
by
JSON-LD.
A
TD
instance
complies
to
version
1.1
of
that
specification
[
json-ld11
].
Hence,
a
TD
instance
can
be
also
processed
as
an
RDF
document
(for
details
about
semantic
processing,
please
refer
to
Appendix
D.
JSON-LD
Context
Usage
and
the
documentation
under
the
namespace
IRIs,
e.g.,
https://www.w3.org/2019/wot/td
).
One of the main intentions of a Thing Description is to provide a Consumer with all the details necessary to successfully interact with a Thing . In some IoT application scenarios, a fully detailed Thing Description , e.g., with communication metadata is not necessary (e.g., IoT ecosystems may implicitly handle communication separately), or may not be available because a new entity has not yet been deployed (e.g., IP address is not yet known). Sometimes, also a kind of class definition is required that forces capability definitions that should be available for all created instances (e.g., large-scale production of new devices).
In order to address the above-mentioned scenarios or others, the Thing Model can be used that mainly provides the data model definitions within Things ' Properties , Actions , and/or Events and can be potentially used as template for creating Thing Description instances. In the following a sample Thing Model is presented that can be seen as a model for the Thing Description instance in Example 1 .
{ "@context": [
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1"],
"@type":
"hljs-string">"tm:ThingModel",
"title":
"hljs-string">"Lamp Thing Model",
"properties": { "status": {
"hljs-attr">"description": "current status of the lamp (on|off)",
"type":
"hljs-string">"string",
"readOnly":
"hljs-literal">true
}
},
"actions": { "toggle": {
"hljs-attr">"description": "Turn the lamp on or off"
}
},
"events": { "overheating": {
"hljs-attr">"description": "Lamp reaches a critical temperature (overheating)",
"data": {
"hljs-attr">"type": "string"}
}
}
}
Thing
Model
definitions
are
identified
by
the
"@type":
"tm:ThingModel"
.
As
the
example
shows,
it
does
not
provide
details
about
a
single
Thing
instance
due
to
the
lack
of
communication
and
security
metadata.
This
specification
presents
a
mechanism
for
deriving
valid
Thing
Description
instances
from
such
Thing
Model
definitions.
In
addition,
other
design
concepts
are
specified,
including
how
to
override,
extend,
and
reuse
existing
Thing
Model
definitions.
As well as sections marked as non-normative, all authoring guidelines, diagrams, examples, and notes in this specification are non-normative. Everything else in this specification is normative.
The key words MAY , MUST , MUST NOT , RECOMMENDED , SHOULD , and SHOULD NOT in this document are to be interpreted as described in BCP 14 [ RFC2119 ] [ RFC8174 ] when, and only when, they appear in all capitals, as shown here.
A Thing Description instance complies with this specification if it follows the normative statements in 5. TD Information Model and 6. TD Representation Format regarding Thing Description serialization.
A JSON Schema [ JSON-SCHEMA ] to validate Thing Description instances is provided in Appendix B. JSON Schema for TD Instance Validation .
This section is non-normative.
The fundamental WoT terminology such as Thing , Consumer , Producer , Thing Description ( TD ), Partial TD , Thing Model ( TM ), Interaction Model , Interaction Affordance , Property , Action , Event , Protocol Binding , Servient , Vocabulary , Term , Vocabulary Term , WoT Interface , and WoT Runtime are defined in Section 3 of the WoT Architecture specification [ wot-architecture11 ].
In addition, this specification introduces the following definitions:
@type
members,
and
through
the
use
of
string
prefixes
using
a
colon
(
:
).
Thing
class.
For
that
purpose,
a
TD Processor
can
compute
fill
in
the
forms
of
Thing
Descriptions
in
which
all
possible
Default
Values
are
assigned.
A
TD
Processor
is
typically
a
sub-system
of
a
WoT
Runtime
.
Implementations
of
a
TD
Processor
can
be
a
TD
producer
(able
to
serialize
to
TD
Documents)
or
a
TD
consumer
(able
to
deserialize
from
TD
Documents)
or
both.
@context
are
defined
is
the
Thing
level,
forms
are
defined
within
the
Affordance
level,
type
,
maximum
are
defined
within
the
Data
Schema
level
and
href
is
defined
within
the
Forms
level.
Even
if
not
defined,
other
levels
can
be
used
such
as
Links
level.
These definitions are further developed in 5.2 Preliminaries .
The version of the TD Information Model defined in 5. TD Information Model of this specification is identified by the following IRI:
https://www.w3.org/2022/wot/td/v1.1
This IRI [ RFC3987 ], which is also a URI [ RFC3986 ], can be dereferenced to obtain a JSON-LD context file [ json-ld11 ], allowing the compact strings in TD Documents to be expanded to full IRI-based Vocabulary Terms . However, this processing is only required when transforming JSON-based TD Documents to RDF, an optional feature of TD Processor implementations.
In the present specification, Vocabulary Terms are always presented in their compact form. Their expanded form can be accessed under the namespace IRI of the Vocabulary they belong to. These namespaces follow the structure of 5.3 Class Definitions . Each Vocabulary used in the TD Information Model has its own namespace IRI, as follows:
Vocabulary | Namespace IRI |
---|---|
Core |
https://www.w3.org/2019/wot/td#
|
Data Schema |
https://www.w3.org/2019/wot/json-schema#
|
Security |
https://www.w3.org/2019/wot/security#
|
Hypermedia Controls |
https://www.w3.org/2019/wot/hypermedia#
|
All vocabularies that are additionally used for Thing Model definitions have the following namespace IRI:
Vocabulary | Namespace IRI |
---|---|
Thing Model |
https://www.w3.org/2022/wot/tm#
|
The
Vocabularies
are
independent
from
each
other.
They
may
be
reused
and
extended
in
other
W3C
specifications.
Every
breaking
change
in
the
design
of
a
Vocabulary
will
require
the
assignment
of
a
new
year-based
namespace
URI.
Note
that
to
maintain
the
general
coherence
of
the
TD
Information
Model
,
the
associated
JSON-LD
context
file
is
versioned
such
that
every
version
has
its
own
URI
(
v1
,
v1.1
,
v2
,
...)
to
also
identify
non-breaking
changes,
in
particular
the
addition
of
new
Terms
.
Because a Vocabulary under some namespace IRI can only undergo non-breaking changes, its content can be safely cached or embedded in applications. One advantage of exposing relatively static content under a namespace IRI is to optimize payload sizes of messages exchanged between constrained devices. It also avoids any privacy leakage resulting from devices accessing publicly available vocabularies from private networks (see also 11. Privacy Considerations ).
This section introduces the TD Information Model . The TD Information Model serves as the conceptual basis for the processing of Thing Descriptions and their serialization, which is described separately in 6. TD Representation Format .
The TD Information Model is built upon the following, independent Vocabularies :
Each of these Vocabularies is essentially a set of Terms that can be used to build data structures, interpreted as objects in the traditional object-oriented sense. Objects are instances of classes and have properties. In the context of W3C WoT, they denote Things and their Interaction Affordances . A formal definition of objects is given in 5.2 Preliminaries . The main elements of the TD Information Model are then presented in 5.3 Class Definitions . Certain object properties may be omitted in a TD when Default Values exist. A list of defaults is given in 5.4 Default Value Definitions .
The
UML
diagram
shown
next
gives
an
overview
of
the
TD
Information
Model
.
It
represents
all
classes
as
tables
and
the
associations
that
exist
between
classes,
starting
from
the
class
Thing
,
as
directed
arrows.
For
the
sake
of
readability,
the
diagram
was
split
in
four
parts,
one
for
each
of
the
four
base
Vocabularies
.
To provide a model that can be easily processed by both, simple rules on a tree-based document (i.e., raw JSON processing) and rich Semantic Web tooling (i.e., JSON-LD processing), this document defines the following formal preliminaries to construct the TD Information Model accordingly.
All definitions in this section refer to sets , which intuitively are collections of elements that can themselves be sets. All arbitrarily complex data structures can be defined in terms of sets. In particular, an Object is a data structure recursively defined as follows:
Though this definition does not prevent Objects to include multiple name-value pairs with the same name, they are generally not considered in this specification. An Object whose elements only have numbers as names is called an Array . Similarly, an Object whose elements only have Term s (that do not belong to any Vocabulary ) as names is called a Map . All names appearing in some name-value pair in a Map are assumed to be unique within the scope of the Map .
Moreover, Object s can be instances of some Class . A Class , which is denoted by a Vocabulary Term , is first defined by a set of Vocabulary Terms called a Signature . A Class whose Signature is empty is called a Simple Type .
The
Signature
of
a
Class
allows
to
construct
two
functions
that
further
define
Classes
:
an
Assignment
Function
and
a
Type
Function
.
The
Assignment
Function
of
a
Class
takes
a
Vocabulary
Term
of
the
Class
's
Signature
as
input
and
returns
either
true
or
false
as
output.
Intuitively,
the
Assignment
Function
indicates
whether
an
element
of
the
Signature
is
mandatory
or
optional
when
instantiating
the
Class
.
The
Type
Function
of
a
Class
also
takes
a
Vocabulary
Term
of
the
Class
's
Signature
as
input
and
returns
another
Class
as
output.
These
functions
are
partial
:
their
domain
is
limited
to
the
Signature
of
the
Class
being
defined.
On the basis of these two functions, an Instance Relation can be defined for a pair composed of an Object and a Class . This relation is defined as constraints to be satisfied. That is, an Object is an instance of a Class if the two following constraints are both satisfied:
true
,
the
Object
includes
a
name-value
pair
with
the
Vocabulary
Term
as
name.
According
to
the
definition
above,
an
Object
would
be
an
instance
of
every
Simple
Type
,
regardless
of
its
structure.
Instead,
another
definition
for
the
Instance
Relation
is
introduced
for
Simple
Types
:
an
Object
is
an
instance
of
a
Simple
Type
if
it
is
a
Term
with
a
given
lexical
form
(e.g.,
true
,
false
for
the
boolean
type,
1
,
2
,
3
,
...
for
the
unsignedInt
type,
etc.).
Moreover, additional Classes , called Parameterized Classes , can be derived from the generic Map and Array structures. An Object is a Map of some Class , that is, an instance of the Map type parameterized with some Class , if it is a Map such that the value in all the name-value pairs it contains is an instance of this Class . The same applies to Arrays .
Finally, a Class is a Subclass of some other Class if every instance of the former is also an instance of the latter.
Given
all
definitions
above,
the
TD
Information
Model
is
to
be
understood
as
a
set
of
Class
definitions,
which
include
a
Class
name
(a
Vocabulary
Term
),
a
Signature
(a
set
of
Vocabulary
Terms
),
an
Assignment
Function
,
and
a
Type
Function
.
These
Class
definitions
are
provided
as
tables
in
5.3
Class
Definitions
.
For
each
table,
the
values
"mandatory"
(respectively,
"optional")
in
the
assignment
column
indicates
that
the
Assignment
Function
returns
true
(respectively,
false
)
for
the
corresponding
Vocabulary
Term
.
By
convention,
Simple
Types
are
denoted
by
names
starting
with
lowercase.
The
TD Information
Model
references
the
following
Simple Types
defined
in
XML
Schema
[
XMLSCHEMA11-2-20120405
]:
string
,
anyURI
,
dateTime
,
integer
,
unsignedInt
,
double
,
and
boolean
.
Their
definition
(i.e.,
the
specification
of
their
lexical
form)
is
outside
of
the
scope
of
the
TD
Information
Model
.
In
addition,
the
TD
Information
Model
defines
a
global
function
on
pairs
of
Vocabulary
Terms
.
The
function
takes
a
Class
name
and
another
Vocabulary
Term
as
input
and
returns
an
Object
.
If
the
returned
Object
is
different
from
null
,
it
represents
the
Default
Value
for
some
assignment
on
the
input
Vocabulary
Term
in
an
instance
of
the
input
Class
.
This
function
allows
to
relax
the
constraint
defined
above
on
the
Assignment
Function
:
an
Object
is
an
instance
of
a
Class
if
it
includes
all
mandatory
assignments
or
if
Default
Value
exist
for
the
missing
assignments.
All
Default
Values
are
given
in
the
table
of
5.4
Default
Value
Definitions
.
In
each
table
of
5.3
Class
Definitions
,
the
assignment
column
contains
the
value
"with
default"
if
a
Default
Value
is
available
for
the
corresponding
combination
of
Class
and
Vocabulary
Term
in
the
TD
Information
Model
.
The formalization introduced here does not consider the possible relation between Objects as abstract data structures and physical world objects such as Things . However, care was given to the possibility of re-interpreting all Vocabulary Terms involved in the TD Information Model as RDF resources, so as to integrate them in a larger model of the physical world (an ontology). For details about semantic processing, please refer to D. JSON-LD Context Usage and the documentation under the namespace IRIs, e.g., https://www.w3.org/2019/wot/td .
A TD Processor MUST satisfy the Class instantiation constraints on all Classes defined in 5.3.1 Core Vocabulary Definitions , 5.3.2 Data Schema Vocabulary Definitions , 5.3.3 Security Vocabulary Definitions , and 5.3.4 Hypermedia Controls Vocabulary Definitions .
In particular, note that all vocabulary terms and values are case sensitive. This is also true for the serialization of the information model (Section 6. TD Representation Format ).
An abstraction of a physical or a virtual entity whose metadata and interfaces are described by a WoT Thing Description, whereas a virtual entity is the composition of one or more Things.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
@context
| JSON-LD keyword to define short-hand names called terms that are used throughout a TD document. | mandatory |
anyURI
or
Array
|
@type
| JSON-LD keyword to label the object with semantic tags (or types). | optional |
string
or
Array
of
string
|
id
| Identifier of the Thing in form of a URI [ RFC3986 ] (e.g., stable URI, temporary and mutable URI, URI with local IP address, URN, etc.). | optional |
anyURI
|
title
| Provides a human-readable title (e.g., display a text for UI representation) based on a default language. | mandatory |
string
|
titles
| Provides multi-language human-readable titles (e.g., display a text for UI representation in different languages). Also see MultiLanguage . | optional |
Map
of
MultiLanguage
|
description
| Provides additional (human-readable) information based on a default language. | optional |
string
|
descriptions
| Can be used to support (human-readable) information in different languages. Also see MultiLanguage . | optional |
Map
of
MultiLanguage
|
version
| Provides version information. | optional |
VersionInfo
|
created
| Provides information when the TD instance was created. | optional |
dateTime
|
modified
| Provides information when the TD instance was last modified. | optional |
dateTime
|
support
|
Provides
information
about
the
TD
maintainer
as
URI
scheme
(e.g.,
mailto
[
RFC6068
],
tel
[
RFC3966
],
https
[
RFC9112
]).
| optional |
anyURI
|
base
|
Define
the
base
URI
that
is
used
for
all
relative
URI
references
throughout
a
TD
document.
In
TD
instances,
all
relative
URIs
are
resolved
relative
to
the
base
URI
using
the
algorithm
defined
in
[
RFC3986
].
base
does
not
affect
the
URIs
used
in
@context
and
the
IRIs
used
within
Linked
Data
[
LINKED-DATA
]
graphs
that
are
relevant
when
semantic
processing
is
applied
to
TD
instances.
| optional |
anyURI
|
properties
| All Property-based Interaction Affordances of the Thing. | optional |
Map
of
PropertyAffordance
|
actions
| All Action-based Interaction Affordances of the Thing. | optional |
Map
of
ActionAffordance
|
events
| All Event-based Interaction Affordances of the Thing. | optional |
Map
of
EventAffordance
|
links
| Provides Web links to arbitrary resources that relate to the specified Thing Description. | optional |
Array
of
Link
|
forms
| Set of form hypermedia controls that describe how an operation can be performed. Forms are serializations of Protocol Bindings. Thing level forms are used to describe endpoints for a group of interaction affordances. | optional |
Array
of
Form
|
security
|
Set
of
security
definition
names,
chosen
from
those
defined
in
securityDefinitions
.
These
must
all
be
satisfied
for
access
to
resources.
| mandatory |
string
or
Array
of
string
|
securityDefinitions
|
Set
of
named
security
configurations
(definitions
only).
Not
actually
applied
unless
names
are
used
in
a
security
name-value
pair.
| mandatory |
Map
of
SecurityScheme
|
profile
| Indicates the WoT Profile mechanisms followed by this Thing Description and the corresponding Thing implementation. | optional |
anyURI
or
Array
of
anyURI
|
schemaDefinitions
|
Set
of
named
data
schemas.
To
be
used
in
a
schema
name-value
pair
inside
an
AdditionalExpectedResponse
object.
| optional |
Map
of
DataSchema
|
uriVariables
|
Define
URI
template
variables
according
to
[
RFC6570
]
as
collection
based
on
DataSchema
declarations.
The
Thing
level
uriVariables
can
be
used
in
Thing
level
forms
or
in
Interaction
Affordances.
The
individual
variables
DataSchema
cannot
be
an
ObjectSchema
or
an
ArraySchema
since
each
variable
needs
to
be
serialized
to
a
string
inside
the
href
upon
the
execution
of
the
operation.
If
the
same
variable
is
both
declared
in
Thing
level
uriVariables
and
in
Interaction
Affordance
level,
the
Interaction
Affordance
level
variable
takes
precedence.
| optional |
Map
of
DataSchema
|
For
@context
the
following
rules
are
defined
for
Thing
Description
instances:
@context
name-value
pair
MUST
contain
the
anyURI
https://www.w3.org/2022/wot/td/v1.1
in
order
to
identify
the
document
as
a
TD
1.1
which
would
allow
Consumers
to
use
the
newly
introduced
terms.
https://www.w3.org/2019/wot/td/v1
MUST
be
the
first
entry
and
the
https://www.w3.org/2022/wot/td/v1.1
MUST
be
the
second
entry.
@context
is
an
Array
,
the
anyURI
https://www.w3.org/2022/wot/td/v1.1
MAY
be
followed
by
elements
of
type
anyURI
or
type
Map
in
any
order,
while
it
is
RECOMMENDED
to
include
only
one
Map
with
all
the
name-value
pairs
in
the
@context
Array
.
@context
Array
MAY
contain
name-value
pairs,
where
the
value
is
a
namespace
identifier
of
type
anyURI
and
the
name
a
Term
or
prefix
denoting
that
namespace.
@context
Array
SHOULD
contain
a
name-value
pair
that
defines
the
default
language
for
the
Thing
Description,
where
the
name
is
the
Term
@language
and
the
value
is
a
well-formed
language
tag
as
defined
by
[
BCP47
]
(e.g.,
en
,
de-AT
,
gsw-CH
,
zh-Hans
,
zh-Hant-HK
,
sl-nedis
).
To determine the base direction of all human-readable text in Thing Description and Thing Model instances this specification recommends to follow the [ STRING-META ] guideline about string-specific directional information when no built-in mechanism for associating base direction metadata is available.
TD Processors should be aware of certain special cases when processing bidirectional text. TD Processors SHOULD take care to use bidi isolation when presenting strings to users, particularly when embedding in surrounding text (e.g., for Web user interface) . Mixed direction text can occur in any language, even when the language is properly identified.
TD producers SHOULD attempt to provide mixed direction strings in a way that can be displayed successfully by a naive user agent. For example, if an RTL string begins with an LTR run (such as a number or a brand or trade name in Latin script), including an RLM character at the start of the string or wrapping opposite direction runs in bidi controls can assist in proper display.
Strings on the Web: Language and Direction Metadata [ string-meta ] provides some guidance and illustrates a number of pitfalls when using bidirectional text.
In
addition
to
the
explicitly
provided
Interaction
Affordances
in
the
properties
,
actions
,
and
events
Maps
,
a
Thing
can
also
provide
meta-interactions,
which
are
indicated
by
Form
instances
in
its
optional
forms
Array
.
When
the
forms
Array
of
a
Thing
instance
contains
Form
instances,
it
MUST
contain
op
member
with
the
string
values
assigned
to
the
name
op
,
either
directly
or
within
an
Array
,
MUST
be
one
of
the
following
operation
types
:
readallproperties
,
writeallproperties
,
readmultipleproperties
,
writemultipleproperties
,
observeallproperties
,
unobserveallproperties
,
queryallactions
,
subscribeallevents
,
or
unsubscribeallevents
.
(See
an
example
for
an
usage
of
form
in
a
Thing
instance.)
The
data
schema
for
each
of
the
property
meta-interactions
is
constructed
by
combining
the
data
schemas
of
each
PropertyAffordance
instance
in
a
single
ObjectSchema
instance,
where
the
properties
Map
of
the
ObjectSchema
instance
contains
each
data
schema
of
the
PropertyAffordances
identified
by
the
name
of
the
corresponding
PropertyAffordances
instance.
If
not
specified
otherwise
(e.g.,
through
a
TD
Context
Extension
),
the
request
data
of
the
readmultipleproperties
operation
is
an
Array
that
contains
the
intended
PropertyAffordances
instance
names,
which
is
serialized
to
the
content
type
specified
by
the
Form
instance.
Metadata of a Thing that shows the possible choices to Consumers , thereby suggesting how Consumers may interact with the Thing. There are many types of potential affordances, but W3C WoT defines three types of Interaction Affordances: Properties, Actions, and Events.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
@type
| JSON-LD keyword to label the object with semantic tags (or types). | optional |
string
or
Array
of
string
|
title
| Provides a human-readable title (e.g., display a text for UI representation) based on a default language. | optional |
string
|
titles
| Provides multi-language human-readable titles (e.g., display a text for UI representation in different languages). Also see MultiLanguage . | optional |
Map
of
MultiLanguage
|
description
| Provides additional (human-readable) information based on a default language. | optional |
string
|
descriptions
| Can be used to support (human-readable) information in different languages. Also see MultiLanguage . | optional |
Map
of
MultiLanguage
|
forms
| Set of form hypermedia controls that describe how an operation can be performed. Forms are serializations of Protocol Bindings. The array cannot be empty. | mandatory |
Array
of
Form
|
uriVariables
|
Define
URI
template
variables
according
to
[
RFC6570
]
as
collection
based
on
DataSchema
declarations.
The
individual
variables
DataSchema
cannot
be
an
ObjectSchema
or
an
ArraySchema
since
each
variable
needs
to
be
serialized
to
a
string
inside
the
href
upon
the
execution
of
the
operation.
If
the
same
variable
is
both
declared
in
Thing
level
uriVariables
and
in
Interaction
Affordance
level,
the
Interaction
Affordance
level
variable
takes
precedence.
| optional |
Map
of
DataSchema
|
The
class
InteractionAffordance
has
the
following
subclasses:
An Interaction Affordance that exposes state of the Thing. This state can then be retrieved (read) and/or updated (write). Things can also choose to make Properties observable by pushing the new state after a change.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
observable
|
A
hint
that
indicates
whether
Servients
hosting
the
Thing
and
Intermediaries
should
provide
a
Protocol
Binding
that
supports
the
observeproperty
and
unobserveproperty
operations
for
this
Property.
| with default |
boolean
|
Property
instances
are
also
instances
of
the
class
DataSchema
.
Therefore,
it
can
contain
the
type
,
unit
,
readOnly
and
writeOnly
members,
among
others.
PropertyAffordance
is
a
Subclass
of
the
InteractionAffordance
Class
and
the
DataSchema
Class
.
When
a
Form
instance
is
within
a
PropertyAffordance
instance,
the
value
assigned
to
op
MUST
be
one
of
readproperty
,
writeproperty
,
observeproperty
,
unobserveproperty
or
an
Array
containing
a
combination
of
these
terms.
It
is
considered
to
be
good
practice
that
each
observeproperty
has
a
corresponding
unobserveproperty
unless
the
protocol
supports
implicit
unsubscription
mechanisms
(e.g.,
heartbeat
to
detect
connection
loss).
The observation mechanism depends on the underlying protocol or sub-protocol. Having said that, it is not guaranteed that the current Property value will be provided once the subscription is initiated. Hence, it may be necessary to read the current Property value before/after the subscription to get a first value.
An Interaction Affordance that allows to invoke a function of the Thing, which manipulates state (e.g., toggling a lamp on or off) or triggers a process on the Thing (e.g., dim a lamp over time).
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
input
| Used to define the input data schema of the Action. | optional |
DataSchema
|
output
| Used to define the output data schema of the Action. | optional |
DataSchema
|
safe
| Signals if the Action is safe (=true) or not. Used to signal if there is no internal state (cf. resource state) is changed when invoking an Action. In that case responses can be cached as example. | with default |
boolean
|
idempotent
| Indicates whether the Action is idempotent (=true) or not. Informs whether the Action can be called repeatedly with the same result, if present, based on the same input. | with default |
boolean
|
synchronous
| Indicates whether the action is synchronous (=true) or not. A synchronous action means that the response of action contains all the information about the result of the action and no further querying about the status of the action is needed. Lack of this keyword means that no claim on the synchronicity of the action can be made. | optional |
boolean
|
ActionAffordance
is
a
Subclass
of
the
InteractionAffordance
Class
.
When
a
Form
instance
is
within
an
ActionAffordance
instance,
the
value
assigned
to
op
MUST
either
be
invokeaction
,
queryaction
,
cancelaction
or
an
Array
containing
a
combination
of
these
terms.
An Interaction Affordance that describes an event source, which asynchronously pushes event data to Consumers (e.g., overheating alerts).
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
subscription
| Defines data that needs to be passed upon subscription, e.g., filters or message format for setting up Webhooks. | optional |
DataSchema
|
data
| Defines the data schema of the Event instance messages pushed by the Thing. | optional |
DataSchema
|
dataResponse
| Defines the data schema of the Event response messages sent by the consumer in a response to a data message. | optional |
DataSchema
|
cancellation
| Defines any data that needs to be passed to cancel a subscription, e.g., a specific message to remove a Webhook. | optional |
DataSchema
|
EventAffordance
is
a
Subclass
of
the
InteractionAffordance
Class
.
When
a
Form
instance
is
within
an
EventAffordance
instance,
the
value
assigned
to
op
MUST
be
either
subscribeevent
,
unsubscribeevent
,
or
both
terms
within
an
Array
.
It
is
considered
to
be
good
practice
that
each
subscribeevent
has
a
corresponding
unsubscribeevent
unless
the
protocol
supports
implicit
unsubscription
mechanisms
(e.g.,
heartbeat
to
detect
connection
loss).
Metadata of a Thing that provides version information about the TD document. If required, additional version information such as firmware and hardware version (term definitions outside of the TD namespace) can be extended via the TD Context Extension mechanism.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
instance
| Provides a version indicator of this TD. | mandatory |
string
|
model
| Provides a version indicator of the underlying TM. | optional |
string
|
It
is
recommended
that
the
values
within
instances
and
model
of
the
VersionInfo
Class
follow
the
semantic
versioning
pattern,
where
a
sequence
of
three
numbers
separated
by
a
dot
indicates
the
major
version,
minor
version,
and
patch
version,
respectively.
See
[
SEMVER
]
for
details.
A Map providing a set of human-readable texts in different languages identified by language tags described in [ BCP47 ]. See 6.3.2 Human-Readable Metadata for example usages of this container in a Thing Description instance.
Each
name
of
the
MultiLanguage
Map
MUST
be
a
language
tag
as
defined
in
[
BCP47
].
Each
value
of
the
MultiLanguage
Map
MUST
be
of
type
string
.
A data schema is an abstract notation for data contained in data formats.
The data schema vocabulary definition reflects a very common subset of the terms defined by JSON Schema [ JSON-SCHEMA ]. It is noted that data schema definitions within Thing Description instances are not limited to this defined subset and may use additional terms found in JSON Schema using a TD Context Extension for the additional terms as described in 7. TD Context Extensions , otherwise these terms are semantically ignored by TD Processors (for details about semantic processing, please refer to D. JSON-LD Context Usage and the documentation under the namespace IRIs, e.g., https://www.w3.org/2019/wot/td ).
In
a
TD,
concrete
data
formats
are
specified
in
Forms
(see
5.3.4.2
Form
)
using
content
types.
When
the
value
of
a
content
type
in
an
instance
of
the
Form
is
application/json
,
the
data
schema
can
be
processed
directly
by
JSON
Schema
processors.
Otherwise,
Web
of
Things
(WoT)
Binding
Templates
[
WOT-BINDING-TEMPLATES
]
defines
data
schema's
available
mappings
to
other
content
types
such
as
XML
[
xml
].
If
the
content
type
in
an
instance
of
the
Form
is
not
application/json
and
if
no
mapping
is
defined
for
the
content
type,
specifying
a
data
schema
does
not
make
sense
for
the
content
type.
The following table contains content types which MAY use data schema to describe the structure of their payloads.
Format | Content Type |
---|---|
JSON/CBOR |
application/json
application/ld+json
application/senml+json
application/cbor
application/senml+cbor
|
XML/EXI |
application/xml
application/senml+xml
application/exi
application/senml-exi
|
Metadata that describes the data format used. It can be used for validation.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
@type
| JSON-LD keyword to label the object with semantic tags (or types) | optional |
string
or
Array
of
string
|
title
| Provides a human-readable title (e.g., display a text for UI representation) based on a default language. | optional |
string
|
titles
| Provides multi-language human-readable titles (e.g., display a text for UI representation in different languages). Also see MultiLanguage . | optional |
Map
of
MultiLanguage
|
description
| Provides additional (human-readable) information based on a default language. | optional |
string
|
descriptions
| Can be used to support (human-readable) information in different languages. Also see MultiLanguage . | optional |
Map
of
MultiLanguage
|
const
| Provides a constant value. | optional | any type |
default
| Supply a default value. The value SHOULD validate against the data schema in which it resides. | optional | any type |
unit
| Provides unit information that is used, e.g., in international science, engineering, and business. To preserve uniqueness, it is recommended that the value of the unit points to a semantic definition (also see Section Semantic Annotations ). | optional |
string
|
oneOf
| Used to ensure that the data is valid against one of the specified schemas in the array. This can be used to describe multiple input or output schemas. | optional |
Array
of
DataSchema
|
enum
| Restricted set of values provided as an array. | optional | Array of any type |
readOnly
| Boolean value that is a hint to indicate whether a property interaction / value is read only (=true) or not (=false). | with default |
boolean
|
writeOnly
| Boolean value that is a hint to indicate whether a property interaction / value is write only (=true) or not (=false). | with default |
boolean
|
format
| Allows validation based on a format pattern such as "date-time", "email", "uri", etc. (Also see below.) | optional |
string
|
type
| Assignment of JSON-based data types compatible with JSON Schema (one of boolean, integer, number, string, object, array, or null). | optional |
string
(one
of
object
,
array
,
string
,
number
,
integer
,
boolean
,
or
null
)
|
The
class
DataSchema
has
the
following
subclasses:
The
format
string
values
are
known
from
a
fixed
set
of
values
and
their
corresponding
format
rules
defined
in
[
JSON-SCHEMA
]
(Section
7.3
Defined
Formats
in
particular).
Servients
MAY
use
the
format
value
to
perform
additional
validation
accordingly.
When
a
value
that
is
not
found
in
the
known
set
of
values
is
assigned
to
format
,
such
a
validation
SHOULD
succeed.
any
type
(e.g.,
const
,
default
)
follow
data
types
compatible
with
JSON
Schema
(boolean,
integer,
number,
string,
object,
array,
or
null).
The
format
term
is
not
widely
implemented
by
JSON
Schema
tools.
In
addition,
the
term
format
is
being
discussed
by
the
JSON
Schema
standardisation
community
and
may
be
replaced
by
another
mechanism
or
removed
in
a
future
JSON
Schema
version.
Metadata
describing
data
of
type
Array
.
This
Subclass
is
indicated
by
the
value
array
assigned
to
type
in
DataSchema
instances.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
items
| Used to define the characteristics of an array. | optional |
DataSchema
or
Array
of
DataSchema
|
minItems
| Defines the minimum number of items that have to be in the array. | optional |
unsignedInt
|
maxItems
| Defines the maximum number of items that have to be in the array. | optional |
unsignedInt
|
Metadata
describing
data
of
type
boolean
.
This
Subclass
is
indicated
by
the
value
boolean
assigned
to
type
in
DataSchema
instances.
Metadata
describing
data
of
type
number
.
This
Subclass
is
indicated
by
the
value
number
assigned
to
type
in
DataSchema
instances.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
minimum
| Specifies a minimum numeric value, representing an inclusive lower limit. Only applicable for associated number or integer types. | optional |
double
|
exclusiveMinimum
| Specifies a minimum numeric value, representing an exclusive lower limit. Only applicable for associated number or integer types. | optional |
double
|
maximum
| Specifies a maximum numeric value, representing an inclusive upper limit. Only applicable for associated number or integer types. | optional |
double
|
exclusiveMaximum
| Specifies a maximum numeric value, representing an exclusive upper limit. Only applicable for associated number or integer types. | optional |
double
|
multipleOf
| Specifies the multipleOf value number. The value must strictly greater than 0. Only applicable for associated number or integer types. | optional |
double
|
Metadata
describing
data
of
type
integer
.
This
Subclass
is
indicated
by
the
value
integer
assigned
to
type
in
DataSchema
instances.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
minimum
| Specifies a minimum numeric value, representing an inclusive lower limit. Only applicable for associated number or integer types. | optional |
integer
|
exclusiveMinimum
| Specifies a minimum numeric value, representing an exclusive lower limit. Only applicable for associated number or integer types. | optional |
integer
|
maximum
| Specifies a maximum numeric value, representing an inclusive upper limit. Only applicable for associated number or integer types. | optional |
integer
|
exclusiveMaximum
| Specifies a maximum numeric value, representing an exclusive upper limit. Only applicable for associated number or integer types. | optional |
integer
|
multipleOf
| Specifies the multipleOf value number. The value must strictly greater than 0. Only applicable for associated number or integer types. | optional |
integer
|
Metadata
describing
data
of
type
Object
.
This
Subclass
is
indicated
by
the
value
object
assigned
to
type
in
DataSchema
instances.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
properties
| Data schema nested definitions. | optional |
Map
of
DataSchema
|
required
|
Defines
which
members
of
the
object
type
are
mandatory,
i.e.
which
members
are
mandatory
in
the
payload
that
is
to
be
sent
(e.g.
input
of
invokeaction
,
writeproperty
)
and
what
members
will
be
definitely
delivered
in
the
payload
that
is
being
received
(e.g.
output
of
invokeaction
,
readproperty
)
| optional |
Array
of
string
|
Metadata
describing
data
of
type
string
.
This
Subclass
is
indicated
by
the
value
string
assigned
to
type
in
DataSchema
instances.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
minLength
| Specifies the minimum length of a string. Only applicable for associated string types. | optional |
unsignedInt
|
maxLength
| Specifies the maximum length of a string. Only applicable for associated string types. | optional |
unsignedInt
|
pattern
| Provides a regular expression to express constraints of the string value. The regular expression must follow the [ ECMA-262 ] dialect. | optional |
string
|
contentEncoding
| Specifies the encoding used to store the contents, as specified in [ RFC2045 ] (Section 6.1) and [ RFC4648 ]. | optional |
string
(e.g.,
7bit
,
8bit
,
binary
,
quoted-printable
,
base16
,
base32
,
or
base64
)
|
contentMediaType
| Specifies the MIME type of the contents of a string value, as described in [ RFC2046 ]. | optional |
string
(e.g.,
image/png
,
or
audio/mpeg
)
|
The
length
of
a
string
(i.e.,
minLength
and
maxLength
)
is
defined
as
the
number
of
Unicode
code
points,
as
defined
by
[
RFC8259
].
Note
that
some
user-perceived
characters
are
composed
of
more
than
one
Unicode
code
point.
Arbitrary
index
values
might
not
fall
on
these
grapheme
boundaries,
so
truncation
according
to
maxLength
might
alter
the
appearance
or
meaning
of
the
string.
Metadata
describing
data
of
type
null
.
This
subclass
is
indicated
by
the
value
null
assigned
to
type
in
DataSchema
instances.
This
Subclass
describes
only
one
acceptable
value,
namely
null
.
It
is
important
to
note
that
null
does
not
mean
the
absence
of
a
value.
It
is
analogous
to
null
in
JavaScript,
None
in
Python,
null
in
Java
and
nil
in
Ruby
programming
languages.
It
can
be
used
as
part
of
a
oneOf
declaration,
where
it
is
used
to
indicate,
that
the
data
can
also
be
null
.
This specification provides a selection of well-established security mechanisms that are directly built into protocols eligible as Protocol Bindings for W3C WoT or are widely in use with those protocols. The current set of HTTP security schemes is partly based on OpenAPI 3.0.1 (see also [ OPENAPI ]). However while the HTTP security schemes, Vocabulary , and syntax given in this specification share many similarities with OpenAPI, they are not compatible.
Generally, security schemes require some form of secure transport to be effective, such as TLS or DTLS. Requirements for the use of secure transport are given in Section 10. Security Considerations in this document and in the Security Considerations section of [ wot-architecture11 ].
Metadata
describing
the
configuration
of
a
security
mechanism.
The
value
assigned
to
the
name
scheme
MUST
be
defined
within
a
Vocabulary
included
in
the
Thing
Description
,
either
in
the
standard
Vocabulary
defined
in
§
5.
TD
Information
Model
or
in
a
TD
Context
Extension
.
For all security schemes, any keys, passwords, or other sensitive information directly providing access MUST NOT be stored in the TD and should instead be shared and stored out-of-band via other mechanisms. The purpose of a TD is to describe how to access a Thing if and only if a Consumer already has authorization, and is not meant be used to grant that authorization.
Each security scheme object used in a TD defines a set of requirements to be met before access can be granted. We say a security scheme is satisfied when all its requirements are met. In some cases requirements from multiple security schemes will have to be met before access can be granted.
Security
schemes
generally
may
require
additional
authentication
parameters,
such
as
a
password
or
key.
The
location
of
this
information
is
indicated
by
the
value
associated
with
the
name
in
,
often
in
combination
with
the
value
associated
with
name
.
The
value
associated
with
in
can
take
one
of
the
following
values:
header
:
name
.
query
:
name
.
body
:
name
.
When
used
in
the
context
of
a
body
security
information
location,
the
value
of
name
MUST
be
in
the
form
of
a
JSON
pointer
[
RFC6901
]
relative
to
the
root
of
the
input
DataSchema
for
each
interaction
it
is
used
with.
Since
this
value
is
not
a
fragment
identifier,
and
is
not
relative
to
the
root
of
the
TD
but
to
whichever
data
schemas
the
security
scheme
is
bound
to,
this
value
should
not
start
with
#
;
it
is
a
"pure"
JSON
pointer.
Since
this
value
is
not
a
fragment
identifier,
it
also
does
not
need
to
URL-encode
special
characters.
The
targeted
element
may
or
may
not
already
exist
at
the
specified
location
in
the
referenced
object
or
array
schema
(consequently
the
mechanism
is
not
applicable
to
simple
types).
If
it
does
not,
it
will
be
inserted.
This
avoids
having
to
duplicate
definitions
in
the
data
schemas
of
every
interaction.
When
an
element
of
a
data
schema
indicated
by
a
JSON
pointer
indicated
in
a
body
locator
does
not
already
exist
in
the
indicated
schema,
it
MUST
be
possible
to
insert
the
indicated
element
at
the
location
indicated
by
the
pointer.
The
JSON
pointer
used
in
the
body
locator
MAY
use
the
"
-
"
character
to
indicate
a
non-existent
array
element
when
it
is
necessary
to
insert
an
element
after
the
last
element
of
an
existing
array.
The
element
referenced
(or
created)
by
a
body
security
information
location
MUST
be
required
and
of
type
"
string
".
If
name
is
not
given,
it
is
assumed
the
entire
body
is
to
be
used
as
the
security
parameter.
cookie
:
name
.
uri
:
name
.
This
is
more
general
than
the
query
mechanism
but
more
complex.
The
value
uri
SHOULD
be
specified
for
the
name
in
in
a
security
scheme
only
if
query
is
not
applicable.
The
URIs
provided
in
interactions
where
a
security
scheme
using
uri
as
the
value
for
in
MUST
be
a
URI
template
including
the
defined
variable.
auto
:
auto
is
set
for
the
in
field
of
a
SecurityScheme
,
then
the
name
field
SHOULD
NOT
be
set.
In
this
case,
the
application
of
the
SecurityScheme
is
subject
to
the
respective
specification
for
the
given
protocol
(e.g.
[
RFC8288
]
when
using
the
BasicSecurityScheme
with
HTTP).
If
multiple
parameters
are
needed
for
a
security
scheme,
repeat
the
security
scheme
definition
for
each
parameter
and
combine
them
using
a
combo
security
scheme
and
allOf
.
In
some
cases
parameters
may
not
actually
be
secret
but
a
user
may
wish
to
leave
them
out
of
the
TD
to
help
protect
privacy.
As
an
example
of
this,
some
security
mechanisms
require
both
a
client
identifier
and
a
secret
key.
In
theory,
the
client
identifier
is
public
however
it
may
be
hard
to
update
and
pose
a
tracking
risk.
In
such
a
case
it
can
be
provided
as
an
additional
security
parameter
so
it
does
not
appear
in
the
TD.
The
names
of
URI
variables
declared
in
a
SecurityScheme
MUST
be
distinct
from
all
other
URI
variables
declared
in
the
TD.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
@type
| JSON-LD keyword to label the object with semantic tags (or types). | optional |
string
or
Array
of
string
|
description
| Provides additional (human-readable) information based on a default language. | optional |
string
|
descriptions
| Can be used to support (human-readable) information in different languages. Also see MultiLanguage . | optional |
Map
of
MultiLanguage
|
proxy
| URI of the proxy server this security configuration provides access to. If not given, the corresponding security configuration is for the endpoint. | optional |
anyURI
|
scheme
| Identification of the security mechanism being configured. | mandatory |
string
(e.g.,
nosec
,
combo
,
basic
,
digest
,
bearer
,
psk
,
oauth2
,
apikey
,
or
auto
)
|
The
class
SecurityScheme
has
the
following
subclasses:
A
security
configuration
corresponding
to
identified
by
the
Vocabulary
Term
nosec
(i.e.,
"scheme":
"nosec"
),
indicating
there
is
no
authentication
or
other
mechanism
required
to
access
the
resource.
An
automatic
authentication
security
configuration
identified
by
the
term
auto
(i.e.,
"scheme":
"auto"
).
This
scheme
indicates
that
the
security
parameters
are
going
to
be
negotiated
by
the
underlying
protocols
at
runtime,
subject
to
the
respective
specifications
for
the
protocol
(e.g.
[
RFC8288
]
for
Basic
Authentication
when
using
HTTP).
This section is at risk.
A
combination
of
other
security
schemes
identified
by
the
Vocabulary
Term
combo
(i.e.,
"scheme":
"combo"
).
Elements
of
this
scheme
define
various
ways
in
which
other
named
schemes
defined
in
securityDefinitions
,
including
other
ComboSecurityScheme
definitions,
are
to
be
combined
to
create
a
new
scheme
definition.
Exactly
one
of
either
oneOf
or
allOf
vocabulary
terms
MUST
be
included.
Only
security
scheme
definitions
which
can
be
used
together
can
be
combined
with
allOf
.
For
example,
it
is
not
possible
in
general
to
combine
different
OAuth
2.0
flows
together
using
allOf
unless
one
applies
to
a
proxy
and
one
to
the
endpoint.
Note
that
when
multiple
named
security
scheme
definitions
are
listed
in
a
security
field
the
same
semantics
apply
as
in
an
allOf
combination
(and
the
same
limitations
on
allowable
combinations).
The
oneOf
combination
is
equivalent
to
using
different
security
schemes
on
forms
that
are
otherwise
identical.
In
this
sense
a
oneOf
scheme
is
not
an
essential
feature
but
it
does
avoid
redundancy
in
such
cases.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
oneOf
| Array of two or more strings identifying other named security scheme definitions, any one of which, when satisfied, will allow access. Only one may be chosen for use. | mandatory |
Array
of
string
|
allOf
| Array of two or more strings identifying other named security scheme definitions, all of which must be satisfied for access. | mandatory |
Array
of
string
|
Basic
Authentication
[
RFC7617
]
security
configuration
identified
by
the
Vocabulary
Term
basic
(i.e.,
"scheme":
"basic"
),
using
an
unencrypted
username
and
password.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
name
| Name for query, header, cookie, or uri parameters. | optional |
string
|
in
| Specifies the location of security authentication information. | with default |
string
(one
of
header
,
query
,
body
,
cookie
,
or
auto
)
|
Digest
Access
Authentication
[
RFC7616
]
security
configuration
identified
by
the
Vocabulary
Term
digest
(i.e.,
"scheme":
"digest"
).
This
scheme
is
similar
to
basic
authentication
but
with
added
features
to
avoid
man-in-the-middle
attacks.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
name
| Name for query, header, cookie, or uri parameters. | optional |
string
|
in
| Specifies the location of security authentication information. | with default |
string
(one
of
header
,
query
,
body
,
cookie
,
or
auto
)
|
qop
| Quality of protection. | with default |
string
(one
of
auth
,
or
auth-int
)
|
API
key
authentication
security
configuration
identified
by
the
Vocabulary
Term
apikey
(i.e.,
"scheme":
"apikey"
).
This
scheme
is
to
be
used
when
the
access
token
is
opaque,
for
example
when
a
key
in
an
unknown
or
proprietary
format
is
provided
by
a
cloud
service
provider.
In
this
case
the
key
may
not
be
using
a
standard
token
format.
This
scheme
indicates
that
the
key
provided
by
the
service
provider
needs
to
be
supplied
as
part
of
service
requests
using
the
mechanism
indicated
by
the
"in"
field.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
name
| Name for query, header, cookie, or uri parameters. | optional |
string
|
in
| Specifies the location of security authentication information. | with default |
string
(one
of
header
,
query
,
body
,
cookie
,
uri
,
or
auto
)
|
Bearer
Token
[
RFC6750
]
security
configuration
identified
by
the
Vocabulary
Term
bearer
(i.e.,
"scheme":
"bearer"
)
for
situations
where
bearer
tokens
are
used
independently
of
OAuth2.
If
the
oauth2
scheme
is
specified
it
is
not
generally
necessary
to
specify
this
scheme
as
well
as
it
is
implied.
For
format
,
the
value
jwt
indicates
conformance
with
[
RFC7519
],
jws
indicates
conformance
with
[
RFC7797
],
cwt
indicates
conformance
with
[
RFC8392
],
and
jwe
indicates
conformance
with
[
RFC7516
],
with
values
for
alg
interpreted
consistently
with
those
standards.
Other
formats
and
algorithms
for
bearer
tokens
MAY
be
specified
in
vocabulary
extensions
.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
authorization
| URI of the authorization server. | optional |
anyURI
|
name
| Name for query, header, cookie, or uri parameters. | optional |
string
|
alg
| Encoding, encryption, or digest algorithm. | with default |
string
(e.g.,
ES256
,
or
ES512-256
)
|
format
| Specifies format of security authentication information. | with default |
string
(e.g.,
jwt
,
cwt
,
jwe
,
or
jws
)
|
in
| Specifies the location of security authentication information. | with default |
string
(one
of
header
,
query
,
body
,
cookie
,
or
auto
)
|
Pre-shared
key
authentication
security
configuration
identified
by
the
Vocabulary
Term
psk
(i.e.,
"scheme":
"psk"
).
This
is
meant
to
identify
that
a
standard
is
used
for
pre-shared
keys
such
as
TLS-PSK
[
RFC4279
],
and
that
the
ciphersuite
used
for
keys
will
be
established
during
protocol
negotiation.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
identity
| Identifier providing information which can be used for selection or confirmation. | optional |
string
|
OAuth
2.0
authentication
security
configuration
for
systems
conformant
with
[
RFC6749
]
and
[
RFC8252
],
identified
by
the
Vocabulary
Term
oauth2
(i.e.,
"scheme":
"oauth2"
).
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
authorization
| URI of the authorization server. | optional |
anyURI
|
token
| URI of the token server. | optional |
anyURI
|
refresh
| URI of the refresh server. | optional |
anyURI
|
scopes
|
Set
of
authorization
scope
identifiers
provided
as
an
array.
These
are
provided
in
tokens
returned
by
an
authorization
server
and
associated
with
forms
in
order
to
identify
what
resources
a
client
may
access
and
how.
The
values
associated
with
a
form
SHOULD
be
chosen
from
those
defined
in
an
OAuth2SecurityScheme
active
on
that
form.
| optional |
string
or
Array
of
string
|
flow
| Authorization flow. | mandatory |
string
(e.g.,
code
,
or
client
)
|
For
the
code
flow
both
authorization
and
token
vocabulary
terms
MUST
be
included.
For
the
client
flow
token
vocabulary
term
MUST
be
included.
For
the
client
flow
authorization
vocabulary
term
MUST
NOT
be
included.
The
mandatory
elements
for
each
flow
are
summarized
in
the
following
table:
Element |
code
|
client
|
---|---|---|
authorization
| mandatory | omit |
token
| mandatory | mandatory |
refresh
| optional | optional |
The
present
model
provides
a
representation
for
(typed)
Web
links
and
Web
forms
exposed
by
a
Thing
.
The
Link
class
definition
reflects
a
very
common
subset
of
the
terms
defined
in
Web
Linking
[
RFC8288
].
The
defined
terms
can
be
used,
e.g.,
to
describe
the
relation
to
another
Thing
such
as
a
Lamp
Thing
is
controlled
by
a
Switch
Thing
.
The
Form
class
corresponds
to
a
newly
introduced
form
of
hypermedia
control
to
manipulate
the
state
of
Things
(and
other
Web
resources).
A link can be viewed as a statement of the form " link context has a relation type resource at link target ", where the optional target attributes may further describe the resource.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
href
| Target IRI of a link or submission target of a form. | mandatory |
anyURI
|
type
| Target attribute providing a hint indicating what the media type [ RFC2046 ] of the result of dereferencing the link should be. | optional |
string
|
rel
| A link relation type identifies the semantics of a link. | optional |
string
|
anchor
|
Overrides
the
link
context
(by
default
the
Thing
itself
identified
by
its
id
)
with
the
given
URI
or
IRI.
| optional |
anyURI
|
sizes
| Target attribute that specifies one or more sizes for the referenced icon. Only applicable for relation type "icon". The value pattern follows {Height}x{Width} (e.g., "16x16", "16x16 32x32"). | optional |
string
|
hreflang
| The hreflang attribute specifies the language of a linked document. The value of this must be a valid language tag [ BCP47 ]. | optional |
string
or
Array
of
string
|
The
hreflang
attribute
is
allowed
to
be
a
string
or
array
in
this
version
of
the
spec.
Depending
on
the
result
of
[
LINKSET-MEDIA-TYPES
]
the
values
of
hrefLang
can
be
restricted
to
array
only.
Link relations can be used to describe relations such as to other Things (e.g., a Switch Thing controls a Lamp Thing), to a specific kind of Thing Models (e.g., a Thing Description is an instance of a specific Thing Model), or to further documentations information (e.g., device manual of a Thing). It is recommended to reuse existing and established Link Relation definitions from IANA.
In the following a best practice relation type table is introduced that is recommended to use within WoT Thing Description or Thing Model instances.
Value | Occurrence | Explanation | Source of value origin |
---|---|---|---|
icon
| 0..* | Imports an icon associated to the Thing (e.g., for UI purposes). | IANA Link Relation |
service-doc
| 0..* | Relation to a resource that provide (human-readable) documentation or descriptions. | IANA Link Relation |
alternate
| 0..* | Point to alternative representation of the Thing (i.e. RDF-Turtle, human-readable HTML document, ...). | IANA Link Relation |
type
| 0..1 | Indicate that the Thing is an instance of the target resource such as to a Thing Model . | IANA Link Relation |
tm:extends
| 0..1 | Extends an existing definition of the target resource such as a Thing Model . Only applicable for Thing Model definitions. | W3C WoT Thing Model |
tm:submodel
| 0..* | Used to compose one or multiple Thing Models . Only applicable for Thing Model definitions. | W3C WoT Thing Model |
manifest
| 0..* | Point to the web app manifest of a web application which provides, e.g., a user interface with which a user can interact with the Thing (also see [ APPMANIFEST ]). | IANA Link Relation |
proxy-to
| 0..* |
Target
resource
provide
the
address
of
a
proxy.
Additional
security
metadata
can
be
provided
using
the
proxy
field
in
a
SecurityScheme
. | W3C WoT Security and WoT Binding Template |
collection
| 0..1 | Points to a collections of Things . | IANA Link Relation |
item
| 0..* | Points to a Thing that is member of the current Thing collections. | IANA Link Relation |
predecessor-version
| 0..1 | Points to a previous Thing Description or Thing Model version. | IANA Link Relation |
controlledBy
| 0..* | Refers to a Thing that controls the context Thing . | W3C Thing Description |
A form can be viewed as a statement of "To perform an operation type operation on form context , make a request method request to submission target " where the optional form fields may further describe the required request. In Thing Descriptions, the form context is the surrounding Object, such as Properties, Actions, and Events or the Thing itself for meta-interactions.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
href
| Target IRI of a link or submission target of a form. | mandatory |
anyURI
|
contentType
|
Assign
a
content
type
based
on
a
media
type
(e.g.,
text/plain
)
and
potential
parameters
(e.g.,
charset=utf-8
)
for
the
media
type
[
RFC2046
].
| with default |
string
|
contentCoding
| Content coding values indicate an encoding transformation that has been or can be applied to a representation. Content codings are primarily used to allow a representation to be compressed or otherwise usefully transformed without losing the identity of its underlying media type and without loss of information. Examples of content coding include "gzip", "deflate", etc. . | optional |
string
|
security
|
Set
of
security
definition
names,
chosen
from
those
defined
in
securityDefinitions
.
These
must
all
be
satisfied
for
access
to
resources.
| optional |
string
or
Array
of
string
|
scopes
|
Set
of
authorization
scope
identifiers
provided
as
an
array.
These
are
provided
in
tokens
returned
by
an
authorization
server
and
associated
with
forms
in
order
to
identify
what
resources
a
client
may
access
and
how.
The
values
associated
with
a
form
SHOULD
be
chosen
from
those
defined
in
an
OAuth2SecurityScheme
active
on
that
form.
| optional |
string
or
Array
of
string
|
response
| This optional term can be used if, e.g., the output communication metadata differ from input metadata (e.g., output contentType differ from the input contentType). The response name contains metadata that is only valid for the primary response messages. | optional |
ExpectedResponse
|
additionalResponses
| This optional term can be used if additional expected responses are possible, e.g. for error reporting. Each additional response needs to be distinguished from others in some way (for example, by specifying a protocol-specific error code), and may also have its own data schema. | optional |
Array
of
AdditionalExpectedResponse
|
subprotocol
|
Indicates
the
exact
mechanism
by
which
an
interaction
will
be
accomplished
for
a
given
protocol
when
there
are
multiple
options.
For
example,
for
HTTP
and
Events,
it
indicates
which
of
several
available
mechanisms
should
be
used
for
asynchronous
notifications
such
as
long
polling
(
longpoll
),
WebSub
[
websub
]
(
websub
),
Server-Sent
Events
(
sse
)
[
html
]
(also
known
as
EventSource).
Please
note
that
there
is
no
restriction
on
the
subprotocol
selection
and
other
mechanisms
can
also
be
announced
by
this
subprotocol
term.
| optional |
string
(e.g.,
longpoll
,
websub
,
or
sse
)
|
op
| Indicates the semantic intention of performing the operation(s) described by the form. For example, the Property interaction allows get and set operations. The protocol binding may contain a form for the get operation and a different form for the set operation. The op attribute indicates which form is for which and allows the client to select the correct form for the operation required. op can be assigned one or more interaction verb(s) each representing a semantic intention of an operation. | with default |
string
or
Array
of
string
(one
of
readproperty
,
writeproperty
,
observeproperty
,
unobserveproperty
,
invokeaction
,
queryaction
,
cancelaction
,
subscribeevent
,
unsubscribeevent
,
readallproperties
,
writeallproperties
,
readmultipleproperties
,
writemultipleproperties
,
observeallproperties
,
unobserveallproperties
,
subscribeallevents
,
unsubscribeallevents
,
or
queryallactions
)
|
Possible
values
for
the
contentCoding
property
can
be
found,
e.g.,
in
the
IANA
HTTP
content
coding
registry
.
The list of possible operation types of a form is fixed. As of this version of the specification, it only includes the well-known types necessary to implement the WoT interaction model described in [ wot-architecture11 ]. Future versions of the standard may extend this list but operations types SHOULD NOT be arbitrarily set by servients and be restricted to the values in the table below.
Operation Type | Description |
---|---|
readproperty | Identifies the read operation on Property Affordances to retrieve the corresponding data. |
writeproperty | Identifies the write operation on Property Affordances to update the corresponding data. |
observeproperty | Identifies the observe operation on Property Affordances to be notified with the new data when the Property is updated. |
unobserveproperty | Identifies the unobserve operation on Property Affordances to stop the corresponding notifications. |
invokeaction | Identifies the invoke operation on Action Affordances to perform the corresponding action. |
queryaction | Identifies the querying operation on Action Affordances to get the status of the corresponding action. |
cancelaction | Identifies the cancel operation on Action Affordances to cancel the ongoing corresponding action. |
subscribeevent | Identifies the subscribe operation on Event Affordances to be notified by the Thing when the event occurs. |
unsubscribeevent | Identifies the unsubscribe operation on Event Affordances to stop the corresponding notifications. |
readallproperties | Identifies the readallproperties operation on a Thing to retrieve the data of all Properties in a single interaction. |
writeallproperties | Identifies the writeallproperties operation on a Thing to update the data of all writable Properties in a single interaction. |
readmultipleproperties | Identifies the readmultipleproperties operation on a Thing to retrieve the data of selected Properties in a single interaction. |
writemultipleproperties | Identifies the writemultipleproperties operation on a Thing to update the data of selected writable Properties in a single interaction. |
observeallproperties | Identifies the observeallproperties operation on Properties to be notified with new data when any Property is updated. |
unobserveallproperties | Identifies the unobserveallproperties operation on Properties to stop notifications from all Properties in a single interaction. |
queryallactions | Identifies the queryallactions operation on a Thing to get the status of all Actions in a single interaction. |
subscribeallevents | Identifies the subscribeallevents operation on Events to subscribe to notifications from all Events in a single interaction. |
unsubscribeallevents | Identifies the unsubscribeallevents operation on Events to unsubscribe from notifications from all Events in a single interaction. |
A Thing Description of a WoT producer may have multiple forms entries with, e.g., different protocol and/or content types declarations that a Consumer could possibly support. In that case the Consumer may choose any form entry that works (e.g., the protocol and content type is supported) for them. When one form is chosen, it is expected that the Consumer will continue to use it as long as possible for every new interaction with the WoT producer .
This section is non-normative.
Protocols
that
can
be
used
with
TDs
follow
request-response
or
eventing
mechanisms.
The
Data
Schema
of
an
affordance
generally
correlates
with
the
op
keywords
used
in
forms
.
The
table
below
informatively
summarizes
the
available
data
schema
related
terms
with
the
op
keywords.
Operation Type | Consumer to Thing DataSchema Correlation | Thing to Consumer DataSchema Correlation |
---|---|---|
readproperty | No correlation. |
All
fields
in
the
Property
Affordance
without
"writeOnly":true
. |
writeproperty |
All
fields
in
the
Property
Affordance
without
"readOnly":true
. |
No
correlation.
additionalResponses
can
be
used
in
the
form
level.
|
observeproperty | No correlation. |
All
fields
in
the
Property
Affordance
without
"writeOnly":true
. |
unobserveproperty | No correlation. | No correlation. |
invokeaction |
Value
of
the
input
key.
|
Value
of
the
output
key.
|
queryaction | No correlation. |
No
correlation.
additionalResponses
can
be
used
in
the
form
level.
|
cancelaction | No correlation. |
No
correlation.
additionalResponses
can
be
used
in
the
form
level.
|
subscribeevent |
Value
of
the
subscription
key
with
all
fields
without
"readOnly":true
|
Value
of
the
subscription
key
with
all
fields
without
"writeOnly":true
|
unsubscribeevent |
Value
of
the
subscription
key
with
all
fields
without
"readOnly":true
|
Value
of
the
subscription
key
with
all
fields
without
"writeOnly":true
|
Writing to a property does not necessarily mean that a new value will be sent to the Consumer observing the property. It depends on the protocol and implementation.
Further
specification
of
how
to
map
operations
to
data
schemas,
as
well
as
mapping
meta
operations
such
as
readallproperties
can
be
found
in
the
respective
protocol
specification
of
the
[
WOT-BINDING-TEMPLATES
].
The
optional
response
name-value
pair
can
be
used
to
provide
metadata
for
the
expected
response
message.
With
the
core
vocabulary,
it
only
includes
content
type
information,
but
TD
Context
Extensions
could
be
applied.
If
no
response
name-value
pair
is
provided,
it
MUST
be
assumed
that
the
content
type
of
the
response
is
equal
to
the
content
type
assigned
to
the
Form
instance.
Note
that
contentType
within
an
ExpectedResponse
Class
does
not
have
a
Default
Value
.
For
instance,
if
the
value
of
the
content
type
of
the
form
is
application/xml
the
assumed
value
of
the
content
type
of
the
response
will
be
also
application/xml
.
In
some
cases
additional
responses
might
be
possible.
One
example
of
this
is
error
responses
but
in
some
cases
there
might
also
be
additional
successful
responses.
In
this
case,
the
response
name-value
pair
is
still
used
for
the
primary
response
but
additionalResponses
may
also
be
provided,
whose
value
is
an
array
of
AdditionalExpectedResponse
objects.
Each
additional
response
must
be
distinguished
in
some
way
from
the
primary
response,
either
by
contentType
or
by
protocol-specific
settings
such
as
error
code
header
values.
Each
additional
response
may
also
have
a
data
schema
which
can
differ
from
the
normal
output
data
schema
for
the
interaction.
In
some
use
cases,
input
and
output
data
might
be
represented
in
a
different
form,
for
instance
an
Action
that
accepts
JSON,
but
returns
an
image.
In
such
a
case,
the
optional
response
name-value
pair
can
describe
the
content
type
of
the
expected
response.
If
the
content
type
of
the
expected
response
differs
from
the
content
type
of
the
form,
the
Form
instance
MUST
include
a
name-value
pair
with
the
name
response
.
For
instance,
an
ActionAffordance
could
only
accept
application/json
for
its
input
data,
while
it
will
respond
with
an
image/jpeg
content
type
for
its
output
data.
In
that
case
the
content
types
differ
and
the
response
name-value
pair
has
to
be
used
to
provide
response
content
type
(
image/jpeg
)
information
to
the
Consumer
.
Similar
considerations
apply
to
additional
responses,
although
in
this
case
the
contentType
is
optional
if
it
is
the
same
as
the
input
content
Type
(e.g.
JSON).
If
the
content
type
of
an
additional
expected
response
differs
from
the
content
type
of
the
form,
the
Form
instance
MUST
include
an
entry
in
the
array
associated
with
the
name
additionalResponses
that
includes
a
value
for
the
name
contentType
.
If
the
data
schema
of
an
additional
expected
response
differs
from
the
output
data
schema
of
the
interaction,
the
Form
instance
MUST
include
an
entry
in
the
array
associated
with
the
name
additionalResponses
that
includes
a
value
for
the
name
schema
.
The different cases on the variation of request and response are explained above. The tables at C. contentType usage in Thing Descriptions summarize these cases in a concise manner.
Communication metadata describing the expected response message for the primary response.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
contentType
|
Assign
a
content
type
based
on
a
media
type
(e.g.,
text/plain
)
and
potential
parameters
(e.g.,
charset=utf-8
)
for
the
media
type
[
RFC2046
].
| mandatory |
string
|
Communication metadata describing the expected response message for additional responses.
Vocabulary term | Description | Assignment | Type |
---|---|---|---|
success
| Signals if an additional response should not be considered an error. | with default |
boolean
|
contentType
|
Assign
a
content
type
based
on
a
media
type
(e.g.,
text/plain
)
and
potential
parameters
(e.g.,
charset=utf-8
)
for
the
media
type
[
RFC2046
].
| with default |
string
|
schema
|
Used
to
define
the
output
data
schema
for
an
additional
response
if
it
differs
from
the
default
output
data
schema.
Rather
than
a
DataSchema
object,
the
name
of
a
previous
definition
given
in
a
schemaDefinitions
map
must
be
used.
| optional |
string
|
When assignments in a TD are missing, a TD Processor MUST follow the Default Value assignments expressed in the table of Default Value Definitions .
The following table gives all Default Values defined in the TD Information Model .
Class | Vocabulary Term | Default Value | Comment |
---|---|---|---|
PropertyAffordance
|
readOnly
|
false
|
The
default
value
for
this
vocabulary
term
applies
only
to
the
PropertyAffordance
level
definition.
In
other
contexts,
such
as
DataSchema
definitions,
the
vocabulary
term
is
optional.
|
PropertyAffordance
|
writeOnly
|
false
|
The
default
value
for
this
vocabulary
term
applies
only
to
the
PropertyAffordance
level
definition.
In
other
contexts,
such
as
DataSchema
definitions,
the
vocabulary
term
is
optional.
|
PropertyAffordance
|
observable
|
false
| |
ActionAffordance
|
safe
|
false
| |
ActionAffordance
|
idempotent
|
false
| |
AdditionalExpectedResponse
|
success
|
false
| |
AdditionalExpectedResponse
|
contentType
|
value
of
the
contentType
of
the
Form
element
it
belongs
to.
| |
Form
|
contentType
|
application/json
| |
Form
|
op
|
Array
of
string
with
the
elements
readproperty
and
writeproperty
when
readOnly
and
writeOnly
are
set
to
false
or
Array
of
string
with
the
element
readproperty
when
readOnly
is
set
to
true
or
Array
of
string
with
the
element
writeproperty
when
writeOnly
is
set
to
true
. |
If
defined
within
an
instance
of
PropertyAffordance
|
Form
|
op
|
invokeaction
|
If
defined
within
an
instance
of
ActionAffordance
|
Form
|
op
|
Array
of
string
with
the
elements
subscribeevent
and
unsubscribeevent
|
If
defined
within
an
instance
of
EventAffordance
|
BasicSecurityScheme
|
in
|
header
| |
DigestSecurityScheme
|
in
|
header
| |
DigestSecurityScheme
|
qop
|
auth
| |
APIKeySecurityScheme
|
in
|
query
| |
BearerSecurityScheme
|
in
|
header
| |
BearerSecurityScheme
|
alg
|
ES256
| |
BearerSecurityScheme
|
format
|
jwt
|
WoT
Thing
Descriptions
represent
Things
and
are
modeled
and
structured
based
on
5.
TD
Information
Model
.
This
section
defines
a
JSON-based
representation
format
for
Things
,
a
serialization
of
instances
of
the
Class
Thing
defined
by
the
TD
Information
Model
.
A TD Processor MUST be able to serialize Thing Descriptions into the JSON format [ RFC8259 ] and/or deserialize Thing Descriptions from that format, according to the rules noted in 6.1 Mapping to JSON Types and 6.3 Information Model Serialization .
The JSON serialization of the TD Information Model is aligned with the syntax of JSON-LD 1.1 [ json-ld11 ] in order to streamline semantic evaluation. Hence, the TD representation format can be processed either as raw JSON or with a JSON-LD 1.1 processor (for details about semantic processing, please refer to D. JSON-LD Context Usage and the documentation under the namespace IRIs, e.g., https://www.w3.org/2019/wot/td ).
In order to support interoperable internationalization, TDs MUST be serialized according to the requirements defined in Section 8.1 of RFC8259 [ RFC8259 ] for open ecosystems. In summary, this requires the following:
The TD Information Model is constructed, so that there is an easy mapping between model Objects and JSON types. Every Class instances maps to a JSON object, where each name-value pair of the Class instance is a member of the JSON object.
Every
Simple
Type
mentioned
in
5.3
Class
Definitions
(i.e.,
string
,
anyURI
,
dateTime
,
integer
,
unsignedInt
,
double
,
and
boolean
)
maps
to
a
primitive
JSON
type
(string,
number,
boolean),
as
per
the
rules
listed
below.
These
rules
apply
to
values
in
name-value
pairs:
string
or
anyURI
MUST
be
serialized
as
JSON
strings.
dateTime
MUST
be
serialized
as
JSON
strings
following
the
"date-time"
format
specified
by
[
RFC3339
].
Examples
would
include
2019-05-24T13:12:45Z
and
2015-07-11T09:32:26+08:00
.
Values
that
are
of
type
dateTime
SHOULD
use
the
literal
Z
representing
the
UTC
time
zone
instead
of
an
offset.
integer
or
unsignedInt
MUST
be
serialized
as
JSON
numbers
without
a
fraction
or
exponent
part.
double
MUST
be
serialized
as
JSON
number.
boolean
MUST
be
serialized
as
JSON
boolean.
Every complex type of the TD Information Model (i.e., Arrays , Maps , and Class instances) maps to a structured JSON type (array and object), as per the rules listed below:
A Thing Description serialization may omit Vocabulary Term for which Default Values are defined, as listed in the table given in 5.4 Default Value Definitions .
The following example shows the TD instance from Example 1 with a checkbox to also include the members with Default Values (=checkbox checked). These members can be omitted (=checkbox unchecked) to simplify the TD serialization. Note that a TD Processor interprets these omitted members identically as if they were explicitly present with a given Default Value .
Please note that, depending on the Protocol Binding used, additional protocol-specific Vocabulary Terms may apply. They may also have associated Default Values , and hence can also be omitted as explained in this subsection. Further information can be found in 8.3 Protocol Bindings .
A
Thing
Description
is
a
data
structure
rooted
at
an
Object
of
type
Thing
.
In
turn,
a
JSON
serialization
of
the
Thing
Description
is
a
JSON
object,
which
is
the
root
of
a
syntax
tree
constructed
from
the
TD
Information
Model
.
The
root
element
of
a
TD Serialization
MUST
be
a
JSON
object
that
includes
a
member
with
the
name
@context
and
a
value
of
type
string
or
array
that
equals
or
respectively
contains
https://www.w3.org/2022/wot/td/v1.1
.
In
general,
this
URI
is
used
to
identify
the
TD
representation
format
version
defined
by
this
specification.
For
JSON-LD
processing
[
json-ld11
],
this
URI
specifies
the
Thing
Description
context
file.
An
@context
of
type
array
indicates
TD
Context
Extensions
(see
7.
TD
Context
Extensions
for
details).
{ "@context":
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1",
// ...
}
All
name-value
pairs
of
an
instance
of
Thing
,
where
the
name
is
a
Vocabulary
Term
in
the
Signature
of
Thing
,
MUST
be
serialized
as
JSON
members
of
the
root
object.
A TD snippet for a serialized root object including all mandatory and optional members is given below:
{ "@context":
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1",
"@type":
"hljs-string">"Thing",
"id":
"hljs-string">"urn:uuid:1b37933b-3212-4dad-9c2c-74c6042c3e2b",
"title":
"hljs-string">"MyThing",
"titles": {
"hljs-comment">/*...*/},
"description":
"hljs-string">"Human readable information.",
"descriptions": {
"hljs-comment">/*...*/},
"support":
"hljs-string">"mailto:support@example.com",
"version": {
"hljs-comment">/*...*/},
"created":
"hljs-string">"2018-11-14T19:10:23.824Z",
"modified":
"hljs-string">"2019-06-01T09:12:43.124Z",
"hljs-attr">"securityDefinitions": {/*...*/},
"security":
"hljs-comment">/*...*/,
"base":
"hljs-string">"https://servient.example.com/",
"properties": {
"hljs-comment">/*...*/},
"actions": {
"hljs-comment">/*...*/},
"events": {
"hljs-comment">/*...*/},
"links": [...], "forms": [...]
}
All
values
assigned
to
version
,
securityDefinitions
,
descriptions
,
schemaDefinitions
,
uriVariables
,
properties
,
actions
,
and
events
in
an
instance
of
the
Class
Thing
MUST
be
serialized
as
JSON
objects.
All
values
assigned
to
links
,
and
forms
in
an
instance
of
the
Class
Thing
MUST
be
serialized
as
JSON
arrays
containing
JSON
objects
as
defined
in
6.3.8
links
and
6.3.9
forms
, respectively.
The
value
assigned
to
security
in
an
instance
of
Class
Thing
MUST
be
serialized
as
JSON string
or
as
JSON
array
whose
elements
are
JSON
strings.
JSON
members
named
title
and
description
are
used
within
a
TD
document
to
provide
human-readable
metadata.
They
can
be
used
as
comments
for
developers
inspecting
a
TD
document
or
as
display
texts
for
user
interface.
As
defined
in
5.3.1.1
Thing
,
the
base
text
direction
used
to
display
human-readable
metadata
can
either
be
estimated
using
heuristics
such
as
the
first-strong
rule
or
inferred
from
language
information.
In
TD
documents
the
default
language
is
defined
by
a
value
assigned
to
@language
in
the
@context
,
and
this,
along
with
a
script
subtag
if
necessary,
can
be
used
to
determine
a
base
text
direction.
However,
when
interpreting
human-readable
text,
each
human-readable
string
value
MUST
be
processed
independently.
In
other
words,
a
TD
Processor
cannot
carry
forward
changes
in
direction
from
one
string
to
another,
or
infer
direction
for
one
string
from
another
one
elsewhere
in
the
TD.
A
TD
snippet
using
title
and
description
is
shown
below.
The
default
language
is
set
to
en
through
the
definition
of
the
@language
member
within
a
JSON
object
in
the
@context
array.
{ "@context": [
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1",
{ "@language": "en" }
],
"title":
"hljs-string">"MyThing",
"description":
"hljs-string">"Human readable information.",
// ... "properties": { "on": { "title":
"hljs-string">"On/Off",
"type":
"hljs-string">"boolean",
"forms": [...]
},
"status": { "title":
"hljs-string">"Status",
"type":
"hljs-string">"object",
// ... "forms": [...]
}
},
// ...
}
Strings
on
the
Web
[
STRING-META
]
recommends
the
use
of
metadata
to
determine
the
base
direction
of
string
values.
Given
that
the
Thing
Description
format
is
based
on
JSON-LD
1.1
[
json-ld11
],
@direction
with
the
string
values
"ltr"
,
"rtl"
and
null
value
null
MAY
be
used
inside
the
@context
to
indicate
the
default
text
direction
for
the
human
readable
strings
in
the
entire
TD
document.
When
metadata
such
as
@direction
is
not
present,
TD
Consumers
SHOULD
use
first-strong
detection
as
a
fallback.
For
the
MultiLanguage
Map
,
TD
Consumers
MAY
infer
the
base
direction
from
the
language
tag
of
the
individual
strings.
The
example
below
illustrates
the
use
of
the
@direction
term.
See
[
json-ld11
]
and
[
string-meta
]
for
more
detailed
information.
{ "@context": [
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1",
{
"@language":
"hljs-string">"ar-EG",
"hljs-attr">"@direction": "rtl"
}
],
"title":
"hljs-string">"شيء يخصني يقيس درجة الحرارة",
"description":
"hljs-string">"شيء يقيس درجة الحرارة و يظهر حالته",
// ... "properties": { "temp": { "title":
"hljs-string">"درجة الحرارة",
"type":
"hljs-string">"boolean",
"forms": [...]
},
"status": { "title":
"hljs-string">"حالة",
"type":
"hljs-string">"object",
// ... "forms": [...]
}
},
// ...
}
The
JSON
members
named
titles
and
descriptions
are
used
within
the
TD
document
to
provide
human-readable
metadata
in
multiple
languages
within
a
single
TD
document.
All
name-value
pairs
of
a
MultiLanguage
Map
MUST
be
serialized
as
members
of
a
JSON
object,
where
the
name
is
a
valid
language
tag
as
defined
by
[
BCP47
]
(also
see
W3C
I18N
Glossary
)
and
the
value
is
a
human-readable
string
in
the
language
indicated
by
the
tag.
See
5.3.1.7
MultiLanguage
for
details.
All
MultiLanguage
object
within
a
TD
document
SHOULD
contain
the
same
set
of
language
members.
A
TD
snippet
using
titles
and
descriptions
at
different
levels
is
given
below:
{ "@context":
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1",
"title":
"hljs-string">"MyThing",
"titles": { "en":
"hljs-string">"MyThing",
"de":
"hljs-string">"MeinDing",
"ja":
"hljs-string">"私の物",
"zh-Hans":
"hljs-string">"我的东西",
"zh-Hant":
"hljs-string">"我的東西"
},
"descriptions": { "en":
"hljs-string">"Human readable information.",
"de":
"hljs-string">"Menschenlesbare Informationen.",
"ja":
"hljs-string">"人間が読むことができる情報",
"zh-Hans":
"hljs-string">"人们可阅读的信息",
"zh-Hant":
"hljs-string">"人們可閱讀的資訊"
},
// ... "properties": { "on": { "titles": { "en":
"hljs-string">"On/Off",
"de":
"hljs-string">"An/Aus",
"ja":
"hljs-string">"オンオフ",
"hljs-attr">"zh-Hans": "开关",
"hljs-attr">"zh-Hant": "開關" },
"type":
"hljs-string">"boolean",
"forms": [...]
},
"status": { "titles": { "en":
"hljs-string">"Status",
"de":
"hljs-string">"Zustand",
"ja":
"hljs-string">"状態",
"hljs-attr">"zh-Hans": "状态",
"hljs-attr">"zh-Hant": "狀態" },
"type":
"hljs-string">"object",
// ... "forms": [...]
}
},
// ...
}
TD
instances
may
also
combine
the
use
of
title
and
description
with
titles
and
descriptions
.
When
title
and
titles
or
description
and
descriptions
are
present
within
the
same
JSON
object,
the
values
of
title
and
description
MAY
be
seen
as
the
default
text.
When
title
and
titles
or
description
and
descriptions
are
present
in
a
TD
document,
each
title
and
description
member
SHOULD
have
a
corresponding
titles
and
descriptions
member,
respectively.
The
language
of
the
default
text
is
indicated
by
the
default
language,
which
is
usually
set
by
the
creator
of
the
Thing
Description
instance.
{ "@context": [
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1",
{ "@language": "de" }
],
"title":
"hljs-string">"MeinDing",
"titles": { "en":
"hljs-string">"MyThing",
"de":
"hljs-string">"MeinDing",
"ja":
"hljs-string">"私の物",
"zh-Hans":
"hljs-string">"我的东西",
"zh-Hant":
"hljs-string">"我的東西"
},
"description":
"hljs-string">"Menschenlesbare Informationen.",
"descriptions": { "en":
"hljs-string">"Human readable information.",
"de":
"hljs-string">"Menschenlesbare Informationen.",
"ja":
"hljs-string">"人間が読むことができる情報",
"zh-Hans":
"hljs-string">"人们可阅读的信息",
"zh-Hant":
"hljs-string">"人們可閱讀的資訊"
},
// ... "properties": { "on": { "title":
"hljs-string">"An/Aus",
"titles": { "en":
"hljs-string">"On/Off",
"de":
"hljs-string">"An/Aus",
"ja":
"hljs-string">"オンオフ",
"hljs-attr">"zh-Hans": "开关",
"hljs-attr">"zh-Hant": "開關" },
"type":
"hljs-string">"boolean",
"forms": [...]
},
"status": { "title":
"hljs-string">"Zustand",
"titles": { "en":
"hljs-string">"Status",
"de":
"hljs-string">"Zustand",
"ja":
"hljs-string">"状態",
"hljs-attr">"zh-Hans": "状态",
"hljs-attr">"zh-Hant": "狀態" },
"type":
"hljs-string">"object",
// ... "forms": [...]
}
},
// ...
}
Another
possibility
to
set
the
default
language
is
through
a
language
negotiation
mechanism,
such
as
the
Accept-Language
header
field
of
HTTP.
In
cases
where
the
default
language
has
been
negotiated,
an
@language
member
MUST
be
present
to
indicate
the
result
of
the
negotiation
and
the
corresponding
default
language
of
the
returned
content.
When
the
default
language
has
been
negotiated
successfully,
TD
documents
SHOULD
include
the
appropriate
matching
values
for
the
members
title
and
description
in
preference
to
MultiLanguage
objects
in
titles
and
descriptions
members.
Note
however
that
Things
MAY
choose
to
not
support
such
dynamically-generated
TDs
nor
to
support
language
negotiation
(e.g.,
because
of
resource
constraints).
There is no guarantee that strings in TDs will be displayed in an HTML rendering context. In fact, to mitigate the XSS security risk described in 10.5 Script Injection , HTML tags embedded in strings sourced from TDs should be sanitized (and so not interpreted as HTML) in applications embedding these strings in web pages or web applications. Therefore HTML embedded in strings is not an appropriate mechanism for specifying text rendering direction.
All
name-value
pairs
of
an
instance
of
VersionInfo
,
where
the
name
is
a
Vocabulary
Term
included
in
the
Signature
of
VersionInfo
,
MUST
be
serialized
as
JSON
members
with
the
Vocabulary
Term
as
name.
A TD snippet of a version information object is given below:
{ // ... "version": {
"hljs-attr">"instance": "1.2.1" },
// ...
}
The
version
member
is
intended
as
container
for
additional
application-
and/or
device-specific
version
information
based
on
TD
Context
Extensions
.
See
7.1
Semantic
Annotations
for
details.
In
a
Thing
instance,
the
value
assigned
to
securityDefinitions
is
a
Map
of
instances
of
SecurityScheme
.
All
name-value
pairs
of
a
Map
of
SecurityScheme
instances
MUST
be
serialized
as
members
of
the
JSON
object
that
results
from
serializing
the
Map
;
the
name
of
a
pair
MUST
be
serialized
as
a
JSON
string
and
the
value
of
the
pair,
an
instance
of
SecurityScheme
,
MUST
be
serialized
as
a
JSON
object.
All
name-value
pairs
of
an
instance
of
one
of
the
Subclasses
of
SecurityScheme
,
where
the
name
is
a
Vocabulary
Term
included
in
the
Signature
of
that
Subclass
or
in
the
Signature
of
SecurityScheme
,
MUST
be
serialized
as
members
of
the
JSON
object
that
results
from
serializing
the
SecurityScheme
Subclass
's
instance,
with
the
Vocabulary
Term
as
name.
The
following
TD
snippet
shows
a
simple
security
configuration
specifying
basic
username/password
authentication
in
the
header.
The
value
given
for
in
is
actually
the
Default
Value
(
header
)
and
could
be
omitted.
A
named
security
configuration
(
basic_sc
)
is
given
in
the
securityDefinitions
map.
In
this
example,
that
definition
is
activated
by
including
its
JSON
name
in
the
security
member.
{ // ... "securityDefinitions": { "basic_sc": { "scheme":
"hljs-string">"basic",
"in":
"hljs-string">"header"
}
},
"security":
"hljs-string">"basic_sc",
// ...
}
Security
configuration
in
the
TD
is
mandatory.
At
least
one
security
definition
MUST
be
activated
through
the
security
member
at
the
Thing
level
(i.e.,
in
the
TD
root
object).
This
configuration
can
be
seen
as
the
default
security
mechanism
required
to
interact
with
the
Thing
.
Security
definitions
MAY
also
be
activated
at
the
level
of
the
form
elements
by
including
a
security
member
in
form
objects,
which
overrides
(i.e.,
completely
replace)
all
definitions
activated
at
the
Thing
level
.
The
nosec
security
scheme
is
provided
for
the
case
that
no
security
is
needed.
The
minimal
security
configuration
for
a
Thing
is
activation
of
the
nosec
security
scheme
at
the
Thing
level
,
as
shown
in
the
following
example:
{ "@context":
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1",
"id":
"hljs-string">"urn:uuid:e9ecb6ad-cd4c-481b-96ce-5b4c57ddb844",
"title":
"hljs-string">"MyThing",
"description":
"hljs-string">"Human readable information.",
"support":
"hljs-string">"https://servient.example.com/contact",
"hljs-attr">"securityDefinitions": { "nosec_sc": { "scheme": "nosec" }},
"security":
"hljs-string">"nosec_sc",
"properties": {
"hljs-comment">/*...*/},
"actions": {
"hljs-comment">/*...*/},
"events": {
"hljs-comment">/*...*/},
"links": [
"hljs-comment">/*...*/]
}
To
give
a
more
complex
example,
suppose
we
have
a
Thing
where
all
Interaction
Affordances
require
basic
authentication
except
for
one,
for
which
no
authentication
is
required.
For
the
status
Property
and
the
toggle
Action,
basic
authentication
is
required
and
defined
at
the
Thing
level
.
For
the
overheating
Event,
however,
no
authentication
is
required,
and
hence
the
security
configuration
is
overridden
at
the
form
level.
{ // ... "securityDefinitions": { "basic_sc": {
"hljs-attr">"scheme": "basic"},
"nosec_sc": {
"hljs-attr">"scheme": "nosec"}
},
"security":
"hljs-string">"basic_sc",
// ... "properties": { "status": { // ... "forms": [{ "href":
"hljs-string">"https://mylamp.example.com/status"
}]
}
},
"actions": { "toggle": { // ... "forms": [{ "href":
"hljs-string">"https://mylamp.example.com/toggle"
}]
}
},
"events": { "overheating": { // ... "forms": [{ "href":
"hljs-string">"https://mylamp.example.com/oh",
"hljs-attr">"security": "nosec_sc"
}]
}
}
}
TDs
can
specify
a
combination
of
security
schemes
as
well.
Below
is
a
TD
snippet
showing
digest
authentication
on
a
proxy
combined
with
bearer
token
authentication
on
the
Thing
.
In
the
digest
scheme,
the
Default
Value
of
in
(i.e.,
header
)
is
omitted,
but
still
applies.
Note
that
the
corresponding
private
security
configuration
such
as
username/password
and
tokens
need
to
be
configured
in
the
Consumer
to
interact
successfully.
When
activating
multiple
security
definitions,
the
security
member
becomes
an
array.
{ // ... "securityDefinitions": { "proxy_sc": { "scheme":
"hljs-string">"digest",
"proxy":
"hljs-string">"https://portal.example.com/"
},
"bearer_sc": { "scheme":
"hljs-string">"bearer",
"in":
"hljs-string">"header",
"format":
"hljs-string">"jwt",
"alg":
"hljs-string">"ES256",
"hljs-attr">"authorization": "https://servient.example.com:8443/"
}
},
"security": [
"hljs-string">"proxy_sc", "bearer_sc"],
// ...
}
However,
the
use
of
an
array
with
multiple
elements
to
combine
security
schemes
in
a
security
element
is
now
deprecated,
instead
a
ComboSecurityScheme
SHOULD
be
used.
In
the
following
example,
which
is
exactly
equivalent
to
the
one
above,
this
is
demonstrated:
{ // ... "securityDefinitions": { "proxy_sc": { "scheme":
"hljs-string">"digest",
"proxy":
"hljs-string">"https://portal.example.com/"
},
"bearer_sc": { "scheme":
"hljs-string">"bearer",
"in":
"hljs-string">"header",
"format":
"hljs-string">"jwt",
"alg":
"hljs-string">"ES256",
"hljs-attr">"authorization": "https://servient.example.com:8443/"
},
"combo_sc": { "scheme":
"hljs-string">"combo",
"allOf": [
"hljs-string">"proxy_sc", "bearer_sc"]
}
},
"security":
"hljs-string">"combo_sc",
// ...
}
Security
configurations
can
also
be
specified
for
different
forms
within
the
same
Interaction
Affordance
.
This
may
be
required
for
devices
that
support
multiple
protocols,
for
example
HTTP
and
CoAP
[
RFC7252
],
which
support
different
security
mechanisms.
This
is
also
useful
when
alternative
authentication
mechanisms
are
allowed.
Here
is
a
TD
snippet
demonstrating
three
possible
ways
to
activate
a
Property
affordance:
via
HTTPS
with
basic
authentication,
with
digest
authentication,
with
bearer
token
authentication.
In
other
words,
the
use
of
different
security
configurations
within
multiple
forms
provides
a
way
to
combine
security
mechanisms
in
an
"OR"
fashion.
In
contrast,
putting
multiple
security
configurations
in
the
same
security
member
combines
them
in
an
"AND"
fashion,
since
in
that
case
they
would
all
need
to
be
satisfied
to
allow
activation
of
the
Interaction
Affordance
.
Note
that
activating
one
(default)
configuration
at
the
Thing
level
is
still
mandatory.
{ // ... "securityDefinitions": { "basic_sc": {
"hljs-attr">"scheme": "basic" },
"digest_sc": {
"hljs-attr">"scheme": "digest" },
"bearer_sc": {
"hljs-attr">"scheme": "bearer" }
},
"security":
"hljs-string">"basic_sc",
// ... "properties": { "status": { // ... "forms": [{ "href":
"hljs-string">"https://mylamp.example.com/status"
}, {
"href":
"hljs-string">"https://mylamp.example.com/status",
"hljs-attr">"security": "digest_sc"
}, {
"href":
"hljs-string">"https://mylamp.example.com/status",
"hljs-attr">"security": "bearer_sc"
}]
}
},
// ...
}
To
avoid
redundancy
in
this
case,
e.g.
repeating
the
details
of
the
form
elements,
a
ComboSecurityScheme
with
oneOf
can
be
used
instead.
{ // ... "securityDefinitions": { "basic_sc": {
"hljs-attr">"scheme": "basic" },
"digest_sc": {
"hljs-attr">"scheme": "digest" },
"bearer_sc": {
"hljs-attr">"scheme": "bearer" },
"combo_sc": { "scheme":
"hljs-string">"combo",
"oneOf": [
"hljs-string">"basic_sc", "digest_sc", "bearer_sc" ]
}
},
"security":
"hljs-string">"combo_sc",
// ... "properties": { "status": { // ... "forms": [{ "href":
"hljs-string">"https://mylamp.example.com/status"
}]
}
},
// ...
}
As
another
more
complex
example,
OAuth
2.0
makes
use
of
scopes.
These
are
identifiers
that
may
appear
in
tokens
and
must
match
with
corresponding
identifiers
in
a
resource
to
allow
access
to
that
resource
(or
Interaction
Affordance
in
the
case
of
W3C
WoT).
For
example,
in
the
following,
the
status
Property
can
be
read
by
Consumers
using
bearer
tokens
containing
the
scope
limited
,
but
the
configure
Action
can
only
be
invoked
with
a
token
containing
the
special
scope.
Scopes
are
not
identical
to
roles,
but
are
often
associated
with
them;
for
example,
perhaps
only
those
in
an
administrative
role
are
authorized
to
perform
"special"
interactions.
Tokens
can
have
more
than
one
scope
and
are
issued
by
dedicated
web
services
to
users.
In
this
example,
an
administrator
could
be
issued
tokens
with
both
the
limited
and
special
scopes,
while
ordinary
users
could
be
provided
with
tokens
with
the
limited
scope.
{ // ... "securityDefinitions": { "oauth2_sc": { "scheme":
"hljs-string">"oauth2",
"flow":
"hljs-string">"client",
"token":
"hljs-string">"https://example.com/token",
"scopes": [
"hljs-string">"limited", "special"]
}
},
"security":
"hljs-string">"oauth2_sc",
// ... "properties": { "status": { // ... "forms": [{ "href":
"hljs-string">"https://scopes.example.com/status",
"hljs-attr">"scopes": ["limited"]
}]
}
},
"actions": { "configure": { // ... "forms": [{ "href":
"hljs-string">"https://scopes.example.com/configure",
"hljs-attr">"scopes": ["special"]
}]
}
},
// ...
}
A Thing can require an onboarding process that results in the Consumer requiring an API key to interact with the Thing. This API key can be included in the request to the Thing in different ways as the API key scheme specifies. Below is an example of how it can be used as a URI template where the API key should be replaced in the URI by the Consumer when sending an HTTPS request.
{ // ... "securityDefinitions": { "apikey_key": { "scheme":
"hljs-string">"apikey",
"in":
"hljs-string">"uri",
"name":
"hljs-string">"adminKey"
}
},
"security":
"hljs-string">"apikey_key",
"properties": { "status": { // ... "forms": [{ "href":
"hljs-string">"https://example.com/{adminKey}/status",
// ...
}]
}
},
// ...
}
To
give
another
example
of
the
use
of
the
ComboSecurityScheme
in
addition
to
the
use
of
URI
templates
example
shown
above,
suppose
there
is
a
security
scheme
where
a
client
ID
and
a
"secret"
key
provided
by
a
cloud
service
provider
must
both
be
embedded
in
the
URL.
Technically,
only
the
key
is
actually
secret
and
must
be
handled
out-of-band,
and
the
client
ID,
which
is
not
secret,
could
be
embedded
in
the
TD.
However,
if
the
client
ID
cannot
be
easily
rotated
we
may
want
to
avoid
embedding
it
in
the
TD
to
enhance
privacy.
In
this
case
we
can
combine
two
instances
of
APIKeySecurityScheme
,
both
using
the
uri
value
for
the
in
location
specifier,
to
declare
two
URI
variables.
These
can
then
(in
fact,
they
must)
be
used
in
the
href
in
a
Form
where
the
security
scheme
is
active.
An
example
follows:
{ // ... "securityDefinitions": { "apikey_key": { "scheme":
"hljs-string">"apikey",
"in":
"hljs-string">"uri",
"name":
"hljs-string">"secKey"
},
"apikey_id": { "scheme":
"hljs-string">"apikey",
"in":
"hljs-string">"uri",
"name":
"hljs-string">"secClientID"
},
"apikey_combo": { "scheme":
"hljs-string">"combo",
"allOf": [
"hljs-string">"apikey_key","apikey_id"]
}
},
"security":
"hljs-string">"apikey_combo",
// ... "properties": { "status": { // ... "forms": [{ "href":
"hljs-string">"https://example.com/{secClientID}/status/{secKey}",
// ...
}]
}
},
// ...
}
While
not
shown
in
this
example,
it
is
legal
to
declare
additional
URI
template
variables
using
uriVariables
and
include
them
in
the
same
URI
template,
although
the
names
cannot
conflict
with
those
declared
in
security
schemes.
Using
a
specific
prefix
as
in
the
above
example
for
URI
variables
declared
in
security
schemes
can
make
it
easier
to
avoid
name
conflicts.
API
Key
in
Body:
Security
parameters
might
also
be
included
along
with
the
payload
in
some
systems.
For
example,
suppose
a
system
requires
every
payload
to
be
a
JSON
object
including
a
member
named
auth
whose
value
is
an
object
containing
a
member
called
key
containing
an
access
key.
Depending
on
the
interaction,
however,
other
elements
of
the
JSON
object
might
vary.
This
situation
can
be
dealt
with
using
the
body
security
information
location.
Note
that
for
this
location,
the
name
parameter
is
actually
a
JSON
pointer
evaluated
relative
to
the
root
of
the
DataSchema
for
each
interaction
it
is
bound
with,
which
allows
it
to
be
used
with
payloads
that
vary
in
other
respects.
As
an
example,
here
is
a
light
that
has
a
property
to
set
its
brightness
and
color
and
two
separate
actions
to
turn
it
on
and
off.
Although
the
JSON
payloads
are
different
for
these
actions
the
/auth/key
element
occurs
in
the
same
relative
location
so
single
JSON
pointer
can
be
used.
Note:
if
the
security
key
occurs
in
different
inconsistent
locations,
it
will
be
necessary
to
use
multiple
security
scheme
definitions.
{ // ... "securityDefinitions": { "apikey_body": { "scheme":
"hljs-string">"apikey",
"in":
"hljs-string">"body",
"name":
"hljs-string">"/auth/key"
}
},
"security":
"hljs-string">"apikey_body",
// ... "properties": { "color": { // ... "type":
"hljs-string">"object",
"properties": { "brightness": {
"hljs-attr">"type": "number",
// ...
},
"rgb": {
"hljs-attr">"type": "array",
// ...
},
"auth": {
"hljs-attr">"type": "object",
"properties": { "key": {
"hljs-attr">"type": "string"
}
},
"hljs-attr">"required": ["key"]
}
},
"hljs-attr">"required": ["brightness", "rgb", "auth"],
"forms": [{ "href":
"hljs-string">"https://example.com/color",
// ...
}]
}
},
"action": { "on": { // ... "input": { "auth": {
"hljs-attr">"type": "object",
"properties": { "key": {
"hljs-attr">"type": "string"
}
},
"hljs-attr">"required": ["key"]
}
},
"hljs-attr">"required": ["auth"],
"forms": [{ "href":
"hljs-string">"https://example.com/on",
// ...
}]
},
"off": { // ... "input": { "auth": {
"hljs-attr">"type": "object",
"properties": { "key": {
"hljs-attr">"type": "string"
}
},
"hljs-attr">"required": ["key"]
}
},
"hljs-attr">"required": ["auth"],
"forms": [{ "href":
"hljs-string">"https://example.com/off",
// ...
}]
}
},
// ...
}
body
location
will
be
automatically
inserted
if
it
does
not
exist.
In
this
case
the
above
example
can
be
simplified
to
the
following.
Note
that
in
fact
a
data
schema
will
effectively
be
created
for
the
actions
on
and
off
to
hold
just
the
security
information.
{ // ... "securityDefinitions": { "apikey_body": { "scheme":
"hljs-string">"apikey",
"in":
"hljs-string">"body",
"name":
"hljs-string">"/auth/key"
}
},
"security":
"hljs-string">"apikey_body",
// ... "properties": { "color": { // ... "type":
"hljs-string">"object",
"properties": { "brightness": {
"hljs-attr">"type": "number",
// ...
},
"rgb": {
"hljs-attr">"type": "array",
// ...
}
},
"hljs-attr">"required": ["brightness", "rgb"],
"forms": [{ "href":
"hljs-string">"https://example.com/color",
// ...
}]
}
},
"action": { "on": { // ...
"hljs-attr">"required": ["auth"],
"forms": [{ "href":
"hljs-string">"https://example.com/on",
// ...
}]
},
"off": { // ... "forms": [{ "href":
"hljs-string">"https://example.com/off",
// ...
}]
}
},
// ...
}
The
value
assigned
to
properties
in
a
Thing
instance
is
a
Map
of
instances
of
PropertyAffordance
.
All
name-value
pairs
of
a
Map
of
PropertyAffordance
instances
MUST
be
serialized
as
members
of
the
JSON
object
that
results
from
serializing
the
Map
;
the
name
of
a
pair
MUST
be
serialized
as
a
JSON
string
and
the
value
of
the
pair,
an
instance
of
PropertyAffordance
,
MUST
be
serialized
as
a
JSON
object.
All
name-value
pairs
of
an
instance
of
PropertyAffordance
,
where
the
name
is
a
Vocabulary
Term
included
in
(one
of)
the
Signatures
of
PropertyAffordance
,
InteractionAffordance
,
or
DataSchema
,
MUST
be
serialized
as
members
of
the
JSON
object
that
results
from
serializing
the
PropertyAffordance
instance,
with
the
Vocabulary
Term
as
name.
See
6.3.10
Data
Schemas
for
details
on
serializing
DataSchema
instances.
The
value
assigned
to
forms
in
an
instance
of
PropertyAffordance
MUST
be
serialized
as
a
JSON
array
containing
one
or
more
JSON
object
serializations
as
defined
in
6.3.9
forms
.
A snippet for two Property affordances is given below:
In
a
Thing
instance,
the
value
assigned
to
actions
is
a
Map
of
instances
of
ActionAffordance
.
All
name-value
pairs
of
a
Map
of
ActionAffordance
instances
MUST
be
serialized
as
members
of
the
JSON
object
that
results
from
serializing
the
Map
;
the
name
of
a
pair
MUST
be
serialized
as
a
JSON
string
and
the
value
of
the
pair,
an
instance
of
ActionAffordance
,
MUST
be
serialized
as
a
JSON
object.
All
name-value
pairs
of
an
instance
of
ActionAffordance
,
where
the
name
is
a
Vocabulary
Term
included
in
(one
of)
the
Signatures
of
ActionAffordance
or
InteractionAffordance
,
MUST
be
serialized
as
members
of
the
JSON
object
that
results
from
serializing
the
ActionAffordance
instance,
with
the
Vocabulary
Term
as
name.
The
values
assigned
to
input
and
output
in
an
instance
of
ActionAffordance
MUST
be
serialized
as
JSON
objects.
They
rely
on
the
Class
DataSchema
,
whose
serialization
is
defined
in
6.3.10
Data
Schemas
.
The
value
assigned
to
forms
in
an
instance
of
ActionAffordance
MUST
be
serialized
as
a
JSON
array
containing
one
or
more
JSON
object
serializations
as
defined
in
6.3.9
forms
.
A TD snippet of an Action affordance is given below:
In
a
Thing
instance,
the
value
assigned
to
events
is
a
map
of
instances
of
EventAffordance
.
All
name-value
pairs
of
a
Map
of
EventAffordance
instances
MUST
be
serialized
as
members
of
the
JSON
object
that
results
from
serializing
the
Map
;
the
name
of
a
pair
MUST
be
serialized
as
a
JSON
string
and
the
value
of
the
pair,
an
instance
of
EventAffordance
,
MUST
be
serialized
as
a
JSON
object.
All
name-value
pairs
of
an
instance
of
EventAffordance
,
where
the
name
is
a
Vocabulary
Term
included
in
(one
of)
the
Signatures
of
EventAffordance
or
InteractionAffordance
,
MUST
be
serialized
as
members
of
the
JSON
object
that
results
from
serializing
the
EventAffordance
instance,
with
the
Vocabulary
Term
as
name.
The
values
assigned
to
subscription
,
data
,
and
cancellation
in
an
instance
of
EventAffordance
MUST
be
serialized
as
JSON
objects.
They
rely
on
the
Class
DataSchema
,
whose
serialization
is
defined
in
6.3.10
Data
Schemas
.
The
value
assigned
to
forms
in
an
instance
of
EventAffordance
MUST
be
serialized
as
a
JSON
array
containing
one
or
more
JSON
object
serializations
as
defined
in
6.3.9
forms
.
A TD snippet of an Event object is given below:
Event
affordances
have
been
defined
in
a
flexible
manner,
in
order
to
adopt
existing
(e.g.,
WebSub
[
websub
])
or
customer-oriented
event
mechanisms
(e.g.,
Webhooks).
For
this
reason,
subscription
and
cancellation
can
be
defined
according
to
the
desired
mechanism.
Please
find
further
details
in
[
WOT-BINDING-TEMPLATES
].
Example
A.3
Webhook
Event
Example
illustrates
how
Events
can
use
subscription
and
cancellation
to
describe
Webhooks.
All
name-value
pairs
of
an
instance
of
Link
,
where
the
name
is
a
Vocabulary
Term
included
in
the
Signature
of
Link
,
MUST
be
serialized
as
members
of
the
JSON
object
that
results
from
serializing
the
Link
instance,
with
the
Vocabulary
Term
as
name.
It
is
recommended
to
follow
the
link
relation
values
as
provided
in
Section
5.3.4.1
Link
.
The
examples
provided
below
demonstrate
the
use
of
different
link
relation
types.
A
reference
can
be
provided
that
points
to
a
Thing
(e.g.,
a
controller)
that
controls
the
underlying
unit
(e.g.,
a
lamp).
For
this
controlledBy
can
be
used:
To
point
to
a
developer
documentation
of
a
Thing
the
value
service-doc
can
be
used:
{ // ... "links": [{ "rel":
"hljs-string">"service-doc",
"href":
"hljs-string">"https://example.com/howTo",
"type":
"hljs-string">"application/pdf",
"hreflang":
"hljs-string">"en"
}]
// ...
}
A
superordinate
Thing
can
collect
a
group
of
Things
and
refer
to
them
by
using
the
item
value:
{ "title":
"hljs-string">"Electric Drive",
// ... "links": [{ "rel":
"hljs-string">"item",
"href":
"hljs-string">"coaps://motor1.example.com",
"type":
"hljs-string">" application/td+json"
},
{
"rel":
"hljs-string">"item",
"href":
"hljs-string">"coaps://motor2.example.com",
"type":
"hljs-string">" application/td+json"
}]
// ...
}
A
Thing
refers
to
a
group
in
which
it
is
collected
with
the
collection
value:
{ "title":
"hljs-string">"Electric Motor 1",
"base":
"hljs-string">"coaps://motor1.example.com",
// ... "links": [{ "rel":
"hljs-string">"collection",
"href":
"hljs-string">"coaps://drive.example.com",
"type":
"hljs-string">" application/td+json"
}]
// ...
}
All
name-value
pairs
of
an
instance
of
Form
,
where
the
name
is
a
Vocabulary
Term
included
in
the
Signature
of
Form
,
MUST
be
serialized
as
members
of
the
JSON
object
that
results
from
serializing
the
Form
instance,
with
the
Vocabulary
Term
as
name.
If required, form objects MAY be supplemented with protocol-specific Vocabulary Terms identified with a prefix. See also 8.3 Protocol Bindings .
A
TD
snippet
of
a
form
object
in
the
forms
array
is
given
below:
href
may
also
carry
a
URI
that
contains
dynamic
variables
such
as
lat
and
lon
in
http://example.org/weather/?lat=35&lon=139
.
In
that
case
the
URI
can
be
defined
as
template
as
defined
in
[
RFC6570
]:
http://example.org/weather/{?lat,long}
.
In
such
a
case,
the
URI
Template
variables
MUST
be
collected
in
the
JSON-object
based
uriVariables
member
either
in
the
Thing
level
or
in
Interaction
Affordance
level
with
the
associated
(unique)
variable
names
as
JSON
names.
The
serialization
of
each
value
in
the
map
assigned
to
uriVariables
in
an
instance
of
Form
MUST
rely
on
the
Class
DataSchema
,
whose
serialization
is
defined
in
6.3.10
Data
Schemas
.
A
TD
snippet
using
a
URI
Template
for
query
parameters
and
uriVariables
in
the
Interaction
Affordance
level
is
given
below:
{ "@context":
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1",
// ... "properties": { "weather": { // ... "uriVariables": { "lat": {
"hljs-attr">"type": "number",
"hljs-attr">"minimum": 0,
"hljs-attr">"maximum": 90,
"hljs-attr">"description": "Latitude for the desired location in the world" },
"long": {
"hljs-attr">"type": "number",
"hljs-attr">"minimum": -180,
"hljs-attr">"maximum": 180,
"hljs-attr">"description": "Longitude for the desired location in the world" }
},
"forms": [{ "href":
"hljs-string">"http://example.org/weather/{?lat,long}",
"hljs-attr">"htv:methodName": "GET"
}]
},
// ...
},
// ...
}
Alternatively,
as
defined
in
[
RFC6570
],
uriVariables
can
be
used
for
replacing
the
href
structure.
An
example
TD
is
provided
below
where
a
valid
request
to
get
the
forecast
of
Bogota,
Colombia
would
be
an
HTTP
GET
request
to
http://example.org/weather/bogota
:
{ "@context":
"hljs-string">"http://www.w3.org/2022/wot/td/v1.1",
// ... "properties": { "weather": { // ... "uriVariables": { "city": {
"hljs-attr">"type": "string",
"hljs-attr">"description": "City name to find the weather information for"
}
},
"forms": [{ "href":
"hljs-string">"http://example.org/weather/{city}",
"hljs-attr">"htv:methodName": "GET"
}]
},
// ...
},
// ...
}
The
two
examples
below
can
be
also
combined,
while
using
the
same
uriVariables
feature.
An
HTTP
GET
request
to
http://example.org/weather/bogota/?unit=Celsius
can
be
described
as
follows:
{ "@context":
"hljs-string">"http://www.w3.org/2022/wot/td/v1.1",
// ... "properties": { "weather": { // ... "uriVariables": { "city": {
"hljs-attr">"type": "string",
"hljs-attr">"description": "City name to find the weather information for"
},
"unit": {
"hljs-attr">"type": "string",
"hljs-attr">"enum": ["fahrenheit_value","celsius_value"],
"hljs-attr">"description": "Desired unit for the temperature value"
}
},
"forms": [{ "href":
"hljs-string">"http://example.org/weather/{city}/{?unit}",
"hljs-attr">"htv:methodName": "GET"
}]
},
// ...
},
// ...
}
uriVariables
are
mainly
for
properties
and
events.
When
retrofitting
an
existing
system,
it
may
be
necessary
to
use
uriVariables
for
actions.
In
general,
it
is
recommended
to
avoid
uriVariables
as
much
as
possible
when
a
new
WoT-based
system
is
designed.
The
contentType
member
is
used
to
assign
a
media
type
[
RFC2046
]
including
media
type
parameters
as
attribute-value
pairs
separated
by
a
;
character.
Example:
{ // ... "contentType":
"hljs-string">"text/plain; charset=utf-8",
// ...
}
In
some
use
cases,
the
form
metadata
of
the
Interaction
Affordance
not
only
describes
the
request,
but
also
provides
metadata
for
the
expected
response.
For
instance,
an
Action
takePhoto
defines
an
input
schema
to
submit
parameter
settings
of
a
camera
(aperture
priority,
timer,
etc.)
using
JSON
for
the
request
payload
(i.e.,
"contentType":
"application/json"
).
The
output
of
this
action
is
the
photo
taken,
which
is
available
in
JPEG
format,
for
example.
In
such
cases,
the
response
member
is
used
to
indicate
the
representation
format
of
the
response
payload
(e.g.,
"contentType":
"image/jpeg"
).
Here
no
output
schema
is
required,
as
the
content
type
fully
specifies
the
representation
format.
If
present,
the
value
assigned
to
response
in
an
instance
of
Form
MUST
be
a
JSON
object.
If
present,
the
response
object
MUST
contain
a
contentType
member
as
defined
in
the
Class
definition
of
ExpectedResponse
.
A
form
snippet
with
the
response
member
is
shown
below
based
on
the
takePhoto
Action
described
above:
{ // ... "actions": { "takePhoto": { // ... "forms": [{ "op":
"hljs-string">"invokeaction",
"href":
"hljs-string">"http://camera.example.com/api/snapshot",
"hljs-attr">"contentType": "application/json",
"response": {
"hljs-attr">"contentType": "image/jpeg"
}
}]
}
},
// ...
}
In
some
cases,
the
message
received
from
the
Thing
as
part
of
an
Interaction
Affordance
can
differ
due
to
different
reasons.
Such
reasons
could
be
error
cases
or
alternative
responses
for
a
valid
response.
In
these
cases,
additionalResponses
terms
can
be
used
to
describe
this
behavior.
For example, an Action Affordance to turn on a car engine may not work in bad weather conditions or in case the engine needs maintenance. In such a case, the Thing needs to reply with payloads that are not usually used.
A
TD
snippet
with
the
additionalResponses
member
in
an
Action
Affordance
is
shown
below.
It
describes
the
case
mentioned
above
when
an
error
response
can
be
sent
with
another
payload
than
what
is
described
in
the
output
.
The
success
with
the
value
false
refers
to
the
fact
that
this
payload
refers
to
an
error
case
and
schema
allows
linking
to
the
payload
description
used
at
schemaDefinitions
:
{ // ... "schemaDefinitions": { "actionErrorPayload": { "type":
"hljs-string">"object",
"properties": { "reason": { "type":
"hljs-string">"string",
"enum": [
"hljs-string">"cold","hot","maintenance"]
},
"timeStamp": {
"hljs-attr">"description": "UNIX time in numbers indicating when the error happened",
"type":
"hljs-string">"number"
}
}
}
},
// ... "actions": { "startEngine": { "output": { "type":
"hljs-string">"string"
},
"forms": [{ "op":
"hljs-string">"invokeaction",
"href":
"hljs-string">"http://mycar.example.com/api/engine",
"hljs-attr">"contentType": "application/json",
"hljs-attr">"additionalResponses": [{
"hljs-attr">"success": false,
"hljs-attr">"contentType": "application/json",
"hljs-attr">"schema": "actionErrorPayload"
}]
}]
}
},
// ...
}
The
additionalResponses
term
can
be
used
in
non-error
cases
as
well.
In
that
case,
success
is
set
to
true
and
another
schema
can
be
used
to
describe
the
payload.
In
some
cases
binary
data
is
embedded
in
text-based
values,
e.g.,
a
JSON
string-based
value
embeds
a
base64
encoded
image.
The
terms
contentMediaType
and
contentEncoding
can
be
used
to
clarify
the
context
and
encoding
format
of
such
name-value
pairs.
A
sample
usage
of
contentMediaType
and
contentEncoding
is
shown
below:
{ // ... "properties": { "image": {
"hljs-attr">"description": "Provides latest image",
"type":
"hljs-string">"string",
"hljs-attr">"contentMediaType": "image/png",
"hljs-attr">"contentEncoding": "base64",
"forms": [{
"hljs-attr">"op": "readproperty",
"hljs-attr">"href": "coaps://mylamp.example.com/lastPicture",
"hljs-attr">"cov:methodName": "GET",
"hljs-attr">"contentType": "application/json"
}]
}
},
// ...
}
When
forms
is
present
at
the
top
level,
it
can
be
used
to
describe
meta
interactions
offered
by
a
Thing
.
For
example,
the
operation
types
readallproperties
and
writeallproperties
are
for
meta
interactions
with
a
Thing
by
which
Consumers
can
read,
write
or
observe
all
properties
at
once.
In
the
example
below,
a
forms
member
is
included
in
the
TD
root
object
and
the
Consumer
can
use
the
submission
target
https://mylamp.example.com/properties
both
to
read
or
write
all
Properties
(i.e.,
on
,
brightness
,
and
timer
)
of
the
Thing
in
a
single
protocol
transaction.
{ // ... "properties": { "on": { "type":
"hljs-string">"boolean",
"forms": [...]
},
"brightness": { "type":
"hljs-string">"number",
"forms": [...]
},
"timer": { "type":
"hljs-string">"integer",
"forms": [...]
}
},
// ... "forms": [{ "op":
"hljs-string">"readallproperties",
"href":
"hljs-string">"https://mylamp.example.com/properties",
"contentType":
"hljs-string">"application/json",
"hljs-attr">"htv:methodName": "GET"
},
{
"op":
"hljs-string">"writeallproperties",
"href":
"hljs-string">"https://mylamp.example.com/properties",
"contentType":
"hljs-string">"application/json",
"hljs-attr">"htv:methodName": "PUT"
}]
}
Thing-level
uriVariables
can
be
used
here
to
supply
further
variables
to
the
operation
or
to
specify
a
list
of
Property
Affordance
names
for
a
readmultipleproperties
operation.
In
the
example
below,
the
unit
for
the
properties
can
be
set
via
such
a
variable
and
the
desired
list
of
properties
can
be
set:
{ // ... "properties": { "temperature": { "type":
"hljs-string">"number",
"forms": [...]
},
"brightness": { "type":
"hljs-string">"number",
"forms": [...]
},
"humidity": { "type":
"hljs-string">"integer",
"forms": [...]
}
},
"uriVariables": { "propertyNames": { "type":
"hljs-string">"string",
"hljs-attr">"description": "Comma separated list of property names to select."
},
"unitSystem": { "type":
"hljs-string">"string",
"enum": [
"hljs-string">"metric_value","imperial_value","uscustomary_value"],
"hljs-attr">"description": "System of Measurement that will be used for the values"
}
},
"forms": [{ "op":
"hljs-string">"readallproperties",
"href":
"hljs-string">"https://mything.example.com/properties{?unitSystem}",
"contentType":
"hljs-string">"application/json",
"hljs-attr">"htv:methodName": "GET"
},
{
"op":
"hljs-string">"readmultipleproperties",
"href":
"hljs-string">"https://mylamp.example.com/properties{?propertyNames,unitSystem}",
"contentType":
"hljs-string">"application/json",
"hljs-attr">"htv:methodName": "GET"
}]
}
For
a
readmultipleproperties
operation,
an
example
HTTP
GET
request
to
the
URI
https://mylamp.example.com/properties?propertyNames=humidity,temperature&unitSystem=metric
would
return
the
values
humidity
and
temperature
Property
Affordances,
with
the
metric
System
of
Measurement.
In
the
case
of
operation
type
writeallproperties
,
it
is
expected
that
the
Consumer
provides
all
writable
(non
readOnly
)
properties
and
the
(new)
assigned
values
(e.g.,
within
payload).
Similarly,
for
the
writemultipleproperties
operation
type,
it
is
expected
that
the
Consumer
provides
writable
(non
readOnly
)
properties.
On
the
Thing
side,
Thing
is
expected
to
return
readable
(non
writeOnly
)
properties
in
the
case
of
readmultipleproperties
and
readallproperties
operation
types.
The
data
schemas
of
the
WoT
Thing
Description
defined
through
the
DataSchema
Class
are
based
on
a
subset
of
the
JSON
Schema
terms
[
JSON-SCHEMA
].
Thus,
serializations
of
the
TD
data
schemas
can
be
fed
directly
into
JSON
Schema
validator
implementations
to
validate
the
data
exchanged
with
Things
.
Data
schema
serialization
applies
to
PropertyAffordance
instances,
the
values
assigned
to
input
and
output
in
ActionAffordance
instances,
the
values
assigned
to
subscription
,
data
,
and
cancellation
in
EventAffordance
instances,
and
the
value
assigned
to
uriVariables
in
instances
of
Subclasses
of
InteractionAffordance
(when
a
form
object
uses
a
URI
Template).
All
name-value
pairs
of
an
instance
of
one
of
the
Subclasses
of
DataSchema
,
where
the
name
is
a
Vocabulary
Term
included
in
the
Signature
of
that
Subclass
or
in
the
Signature
of
DataSchema
,
MUST
be
serialized
as
members
of
the
JSON
object
that
results
from
serializing
the
DataSchema
Subclass
's
instance,
with
the
Vocabulary
Term
as
name.
The
value
assigned
to
properties
in
an
instance
of
ObjectSchema
MUST
be
serialized
as
a
JSON
object.
The
values
assigned
to
enum
,
required
,
and
oneOf
in
an
instance
of
DataSchema
MUST
be
serialized
as
a
JSON
array.
The
value
assigned
to
items
in
an
instance
of
ArraySchema
MUST
be
serialized
as
a
JSON
object
or
a
JSON
array
containing
JSON
objects.
A
TD
snippet
data
schema
members
is
given
below.
Note
that
the
surrounding
object
may
be
a
data
schema
object
(e.g.,
for
input
and
output
)
or
a
Property
object,
which
would
contain
additional
members.
The
terms
readOnly
and
writeOnly
can
be
used
to
signal
which
data
items
are
exchanged
in
read
interactions
(i.e.,
when
reading
a
Property)
and
which
in
write
interactions
(i.e.,
when
writing
a
Property).
This
can
be
used
as
a
workaround
when
Properties
of
an
unconventional
Thing
exhibit
different
data
for
reading
and
writing,
which
can
be
the
case
when
augmenting
an
existing
device
or
service
with
a
Thing
Description.
A
TD
snippet
with
the
usage
of
readOnly
and
writeOnly
is
given
below:
{ // ... "properties": { "status": {
"hljs-attr">"description": "Read or write On/Off status.",
"type":
"hljs-string">"object",
"properties": { "latestStatus": {
"hljs-attr">"type": "string",
"hljs-attr">"enum": ["on_value", "off_value"],
"hljs-attr">"readOnly": true
},
"newStatusValue": {
"hljs-attr">"type": "string",
"hljs-attr">"enum": ["on_value", "off_value"],
"hljs-attr">"writeOnly": true
}
},
"forms": [...]
}
}
// ...
}
When
the
status
Property
is
read,
the
status
data
is
returned
using
a
latestStatus
member
in
the
payload.
To
update
the
status
Property,
the
new
value
must
be
provided
through
a
newStatusValue
member
in
the
payload.
As
an
additional
feature,
a
Thing
Description
instance
allows
the
usage
of
a
unit
member
within
data
schemas.
This
can
be
used
to
associate
a
unit
of
measure
to
a
data
item.
Its
string
value
can
be
selected
freely.
However,
it
is
recommended
to
select
units
defined
in
well-known
Vocabularies
.
See
7.
TD
Context
Extensions
for
an
example.
The
JSON-based
serialization
of
Thing
Descriptions
is
identified
by
the
media
type
application/td+json
or
the
CoAP
Content-Format
ID
432
(see
12.
IANA
Considerations
).
In several contexts automatic validation of a JSON-based serialization of a Thing Description is useful. Formally, a valid TD satisfies all the assertions in this specification, but not all assertions can be validated given only the JSON serialization, for instance, the assertions listed under 8. Behavioral Assertions that relate a TD to the behavior of a Thing that it describes. Extensions are also problematic, in that even if formal metadata is given for validating an extension, dynamically fetching this metadata in a deployment might pose a privacy risk. In this section, therefore, we name and define various levels of validation appropriate for different contexts.
This level of validation includes all assertions implied by normative tables in this document, and those that can be checked by looking only at the TD itself.
Minimal Validation is appropriate where validation needs to be self-contained (e.g. devices on isolated networks). It does not attempt to validate context extensions and vocabularies.
In practice, these assertions can be validated using a JSON Schema in combination with a few spot checks, for example to check that security schema names have matching definitions.
This level of validation includes all those covered by 6.5.1 Minimal Validation as well as basic validation of semantic definitions.
Basic validation is appropriate in situations where network access is possible and does not pose a privacy risk, and for relatively unconstrained computing requirements. It is suitable for gateways, for example, but not for endpoints, since semantic processing is required. It can do basic validation of extensions, specfically that the vocabulary used is defined.
In this case, context definition files and SHACL definitions can be used to validate additional assertions and check TDs for semantic consistency. In addition, if context definitions and SHACL constraints for extension vocabularies can be fetched, then these can be used to validate extensions.
Full validation confirms that all the assertions in this document are satisfied, including the assertions given in 8. Behavioral Assertions that confirm the TD is consistent with the Thing it describes.
This level of validation is appropriate during development, before release, and possibly after installation. Validation during development would have to be on test Things. Actual installation of instances of such Things requires updating the TD with appropriate per-instance identifiers and URLs and so for maximum assurance, in-field validation would have to take place after installation.
This section is non-normative.
In addition to the standard Vocabulary definitions in 5. TD Information Model , the WoT Thing Description offers the possibility to add context knowledge from additional namespaces. This mechanism can be used to enrich the Thing Description instances with additional (e.g., domain-specific) semantics. It can also be used to import additional Protocol Bindings or new security schemes in the future.
For
such
TD
Context
Extensions
,
the
Thing
Descriptions
use
the
@context
mechanism
known
from
JSON-LD
[
json-ld11
].
When
using
TD
Context
Extensions
,
the
value
of
@context
of
the
Class
Thing
is
an
Array
with
additional
elements
of
type
anyURI
identifying
JSON-LD
context
files
or
Map
containing
namespace
IRIs
as
defined
in
5.3.1.1
Thing
.
The
serialization
rules
for
complex
types
in
6.1
Mapping
to
JSON
Types
define
the
serialization
of
an
extended
@context
name-value
pair.
A
snippet
with
TD
Context
Extensions
is
given
below:
{ "@context": [
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1",
{
"eg":
"hljs-string">"http://example.org/iot#",
"cov":
"hljs-string">"http://www.example.org/coap-binding#"
},
"https://schema.org/"
],
// ...
}
TD
Context
Extensions
allow
for
the
use
of
additional
Vocabulary
Terms
in
a
Thing
Description
instance.
If
the
included
namespaces
are
based
on
Class
definitions
such
as
those
provided
by
the
RDF
Schema
or
OWL,
they
can
be
used
to
annotate
any
Class
instance
of
a
Thing
Description
semantically
by
associating
the
instance
to
a
such
an
external
Class
definition.
This
is
done
by
assigning
a
Class
name
to
the
@type
name-value
pair
or
including
Class
name
in
its
Array
value
for
multiple
associations/annotations.
Following
the
serialization
rules
in
6.1
Mapping
to
JSON
Types
,
@type
is
either
serialized
as
a
JSON
string
or
as
a
JSON
array.
@type
is
the
JSON-LD
keyword
[
json-ld11
]
used
to
set
the
type
of
a
node.
TD Context Extensions also allow the inclusion of additional name-value pairs and well-defined values within any Class instance of a Thing Description. These pairs and values are defined through the included Vocabulary Terms and are serialized as additional members in the corresponding JSON objects or values of existing members, respectively. Examples are additional version metadata for the Thing or units of measure for data items.
The next subsections show some sample usage of different kind of ontologies in Thing Descriptions.
The
sample
TD
snippet
below
provides
additional
metadata
terms
from
different
external
context
files
as
provided
in
@context
.
The
version
information
container
is
extended
by
adding
additional
version
information
about
the
used
software
(
s:softwareVersion
).
schema.org
is
used
for
providing
serial
number
and
organisation
information
such
as
the
company
name
of
the
Thing
.
The
SAREF
ontology
is
used
to
provide
a
semantic
context
of
the
Thing
(
saref:TemperatureSensor
),
and
for
the
unit
assignment
for
the
temperature
property
the
Ontology
of
Units
of
Measure
(OM)
is
used.
Please note that these Vocabularies and ontologies are used as examples. Others can be used based on application domain and use case.
{ "@context": [
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1",
{
"saref":
"hljs-string">"https://w3id.org/saref#",
"om":
"hljs-string">"http://www.ontology-of-units-of-measure.org/resource/om-2/",
"schema":
"hljs-string">"https://schema.org"
}
],
"version": { "instance":
"hljs-string">"1.2.1",
"hljs-attr">"schema:softwareVersion": "1.0.1"
},
"hljs-attr">"schema:serialNumber": "4CE0460D0G",
"hljs-attr">"schema:manufacturer": {"name": "CompanyName"},
// ... "@type":
"hljs-string">"saref:TemperatureSensor",
"properties": { "temperature": {
"hljs-attr">"description": "Temperature value of the weather station",
"type":
"hljs-string">"number",
"minimum":
"hljs-number">-32.5,
"maximum":
"hljs-number">55.2,
"unit":
"hljs-string">"om:degree_Celsius",
"forms": [...]
},
// ...
},
// ...
}
In many cases, TD Context Extensions may be used to annotate pieces of a data schema, to be able to semantically process the state information of the physical world object, which is represented by the data exchanged during an interaction (e.g., in the payload of a response). For example, a semantic description of this state information in RDF can be embedded in the TD Document and pieces of a data schema can be individually annotated as referring to specific parts of that RDF-modeled state of the physical world object.
The
TD
snippet
below
uses
SAREF
to
describe
the
state
of
a
lamp.
The
external
Vocabulary
Term
ssn:forProperty
,
taken
from
SSN
,
the
Semantic
Sensor
Network
Ontology
[
VOCAB-SSN
],
is
being
used
to
link
the
data
schema
of
the
status
Property
with
the
actual
on/off
state
of
the
physical
world
object.
{ "@context": [
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1",
{
"saref":
"hljs-string">"https://w3id.org/saref#",
"ssn":
"hljs-string">"http://www.w3.org/ns/ssn/"
}
],
"id":
"hljs-string">"urn:uuid:67c9122b-2680-4e1a-b41c-5af07edba1f4",
"@type":
"hljs-string">"saref:LightSwitch",
"saref:hasState": { "@id":
"hljs-string">"urn:uuid:67c9122b-2680-4e1a-b41c-5af07edba1f4/state",
"@type":
"hljs-string">"saref:OnOffState"
},
// ... "properties": { "status": {
"hljs-attr">"ssn:forProperty": "urn:uuid:67c9122b-2680-4e1a-b41c-5af07edba1f4/state",
"type":
"hljs-string">"string",
"forms": [{
"hljs-attr">"href": "https://mylamp.example.com/status"}]
},
"fullStatus": {
"hljs-attr">"ssn:forProperty": "urn:uuid:67c9122b-2680-4e1a-b41c-5af07edba1f4/state",
"type":
"hljs-string">"object",
"properties": {
"hljs-attr">"statusString": { "type": "string" },
"hljs-attr">"statusCode": { "type": "number" },
"hljs-attr">"statusDescription": { "type": "string" }
},
"forms": [{
"hljs-attr">"href": "https://mylamp.example.com/status?full=true"}]
},
// ...
},
// ...
}
In
Example
2
,
the
state
of
the
Thing
is
given
by
the
status
affordance
itself
and
possible
state
changes
are
given
by
the
toggle
affordance.
In
other
words,
the
state
of
the
physical
world
object
directly
provides
the
Interaction
Affordances
of
the
Thing
.
This
design
is
satisfactory
for
simple
cases.
In
more
elaborate
cases,
however,
several
affordances
may
be
available
for
the
same
physical
state.
In
the
example
above,
the
fullStatus
Property
provides
an
alternative,
more
verbose
representation
for
the
state
of
the
lamp.
For many use cases like in building, agriculture, or smart city location based data is required. This information can be provided in the Thing Description in different ways and can be relied on different kind of location ontologies (e.g.,[ w3c-basic-geo ], schema.org) depending on purpose (e.g., indoor, outdoor). Also see [ sdw-bp ].
The
TD
snippet
below
uses
lat
and
long
from
the
[
w3c-basic-geo
]
ontology
to
provide
static
latitude
and
longitude
metadata
at
Thing's
top
level.
{ "@context": [
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1",
{
"geo":
"hljs-string">"http://www.w3.org/2003/01/geo/wgs84_pos#"
}
],
"@type":
"hljs-string">"Thing",
"geo:lat":
"hljs-string">"26.58",
"geo:long":
"hljs-string">"297.83",
// ... "properties": { // ...
}
}
In
some
use
cases
location
based
metadata
have
to
be
provided
at
the
interaction
level,
e.g.,
as
provided
as
a
Property
that
returns
the
latest
longitude
,
latitude
,
and
elevation
values
based
on
schema.org:
{ "@context": [
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1",
{
"schema":
"hljs-string">"https://schema.org#"
}
],
// ... "properties": { "position": { "type":
"hljs-string">"object",
"@type":
"hljs-string">"schema:GeoCoordinates",
"properties": {
"hljs-attr">"longitude": { "type": "number" },
"hljs-attr">"latitude": { "type": "number" },
"hljs-attr">"elevation": { "type": "number" }
},
"forms": [{
"hljs-attr">"href": "https://robot.example.com/position"}]
},
// ...
},
// ...
}
In
case
a
different
name
is
desired
for,
e.g.,
longitude
,
latitude
,
and
elevation
in
the
data
model,
the
jsonld:context
can
be
used
to
link
terms
to
specific
vocabulary
from
an
ontology
(also
see
[
JSON-SCHEMA-ONTOLOGY
],
Section
3.3
Defining
a
JSON-LD
context
for
data
instances):
{ "@context": [
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1",
{
"schema":
"hljs-string">"https://schema.org#"
}
],
// ... "properties": { "position": { "jsonld:context": { "schema":
"hljs-string">"https://schema.org/",
"long":
"hljs-string">"schema:longitude",
"lat":
"hljs-string">"schema:latitude",
"height":
"hljs-string">"schema:elevation"
},
"type":
"hljs-string">"object",
"properties": { "long": {
"hljs-attr">"type": "number" },
"lat": {
"hljs-attr">"type": "number" },
"height": {
"hljs-attr">"type": "number" }
}
}
},
// ...
}
With
the
TD
Context
Extensions
in
a
Thing
Description,
the
communication
metadata
can
be
supplemented
or
new
Protocol
Bindings
added
through
additional
Vocabulary
Terms
serialized
into
JSON
objects
representing
a
Form
instance.
Please
see
8.3
Protocol
Bindings
for
additional
details.
Finally,
new
security
schemes
that
are
not
included
in
5.3.3
Security
Vocabulary
Definitions
can
be
imported
using
the
TD
Context
Extension
mechanism.
This
example
uses
a
fictional
ACE
security
scheme
based
on
[
RFC9200
]
that
is,
for
this
example,
defined
by
the
namespace
at
http://www.example.org/ace-security#
.
Additional
security
schemes
MUST
be
Subclasses
of
the
Class
SecurityScheme
.
{ "@context": [
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1",
{
"cov":
"hljs-string">"http://www.example.org/coap-binding#",
"ace":
"hljs-string">"http://www.example.org/ace-security#"
}
],
// ... "securityDefinitions": { "ace_sc": { "scheme":
"hljs-string">"ace:ACESecurityScheme",
// ... "ace:as":
"hljs-string">"coaps://as.example.com/token",
"hljs-attr">"ace:audience": "coaps://rs.example.com",
"hljs-attr">"ace:scopes": ["limited", "special"],
"hljs-attr">"ace:cnonce": true
}
},
"security": [
"hljs-string">"ace_sc"],
"properties": { "status": { // ... "forms": [{ "op":
"hljs-string">"readproperty",
"href":
"hljs-string">"coaps://rs.example.com/status",
"hljs-attr">"contentType": "application/cbor",
"hljs-attr">"cov:methodName": "GET",
"hljs-attr">"ace:scopes": ["limited"]
}]
}
},
"actions": { "configure": { // ... "forms": [{ "op":
"hljs-string">"invokeaction",
"href":
"hljs-string">"coaps://rs.example.com/configure",
"hljs-attr">"contentType": "application/cbor",
"hljs-attr">"cov:methodName": "POST",
"hljs-attr">"ace:scopes": ["special"]
}]
}
},
// ...
}
Note that all security schemes defined in 5.3.3 Security Vocabulary Definitions are already part of the TD context and need not to be included through a TD Context Extension .
The following assertions relate to the behavior of components of a WoT system, as opposed to the representation or information model of the TD. However, note that TDs are descriptive, and may in particular be used to describe pre-existing network interfaces. In these cases, assertions cannot be made that constrain the behavior of such pre-existing interfaces. Instead, the assertions are to be interpreted as constraints on the TD to accurately represent such interfaces.
To enable secure interoperation, security configurations need to accurately reflect the requirements of the Thing :
Some security protocols may ask for authentication information dynamically, including required encoding or encryption schemes. One consequence of the above is that if a protocol asks for a form of security credentials or an encoding or encryption scheme not declared in the Thing Description then the Thing Description is to be considered invalid.
The data schemas provided in the TD should accurately represent the data payloads returned and accepted by the described Thing in the interactions specified in the TD. In general, Consumers should follow the data schemas strictly, not generating anything not given in the WoT Thing Description, but should accept additional data from the Thing not given explicitly in the WoT Thing Description. In general, Things are described by WoT Thing Descriptions, but Consumers are constrained to follow WoT Thing Descriptions when interacting with Things .
ObjectSchema
and
ArraySchema
(when
items
is
an
Array
of
DataSchema
)
where
there
can
be
additional
properties
or
items
in
the
data
returned.
This
behaves
as
if
"additionalProperties":true
or
"additionalItems":true
as
defined
in
[
JSON-SCHEMA
].
ObjectSchema
and
ArraySchema
(when
items
is
an
Array
of
DataSchema
)
where
there
can
be
additional
properties
or
items
in
the
data
returned.
This
behaves
as
if
"additionalProperties":true
or
"additionalItems":true
as
defined
in
[
JSON-SCHEMA
].
A
Protocol
Binding
is
the
mapping
from
an
Interaction
Affordance
to
concrete
messages
of
a
specific
protocol
such
as
HTTP
[
RFC7231
],
CoAP
[
RFC7252
],
or
MQTT
[
MQTT
].
Protocol
Bindings
of
Interaction
Affordances
are
serialized
as
forms
as
defined
in
6.3.9
forms
.
Every
form
in
a
WoT
Thing
Description
needs
to
have
a
submission
target,
given
by
the
href
member,
as
indicated
in
Form
.
The
URI
scheme
[
RFC3986
]
of
this
submission
target
indicates
what
Protocol
Binding
the
Thing
implements
[
wot-architecture11
].
For
instance,
if
the
target
starts
with
http
or
https
,
a
Consumer
can
then
infer
the
Thing
implements
the
Protocol
Binding
based
on
HTTP
and
it
should
expect
HTTP-specific
terms
in
the
form
instance
(see
next
section,
8.3.1
Protocol
Binding
based
on
HTTP
).
href
member.
Optimally, the protocols used are listed as a scheme in the IANA registry [ IANA-URI-SCHEMES ]). This guarantees a unique Protocol Binding assignment. In case the desired protocol is not yet registered with IANA, it is recommended to follow the scheme value of the protocol specifications, if available. In principle, to avoid ambiguity in the identification of the protocol via the scheme, the Protocol Binding document will provide a recommended scheme value to enable unique protocol identification in the context of WoT.
Per
default
the
Thing
Description
supports
the
Protocol
Binding
based
on
HTTP
by
including
the
HTTP
RDF
vocabulary
definitions
from
HTTP
Vocabulary
in
RDF
1.0
[
HTTP-in-RDF10
].
This
vocabulary
can
be
directly
used
within
TD
instances
by
the
usage
of
the
prefix
htv
,
which
points
to
http://www.w3.org/2011/http#
.
Further
details
of
Protocol
Binding
based
on
HTTP
can
be
found
in
[
WOT-BINDING-TEMPLATES
].
To
interact
with
a
Thing
that
implements
the
Protocol
Binding
based
on
HTTP,
a
Consumer
needs
to
know
what
HTTP
method
to
use
when
submitting
a
form.
In
the
general
case,
a
Thing
Description
can
explicitly
include
a
term
indicating
the
method,
i.e.,
htv:methodName
.
For
the
sake
of
conciseness,
the
Protocol
Binding
based
on
HTTP
defines
Default
Values
for
the
operation
types
listed
below,
which
also
aims
at
convergence
of
the
methods
expected
by
Things
(e.g.,
GET
to
read,
PUT
to
write).
When
no
method
is
indicated
in
a
form
representing
an
Protocol
Binding
based
on
HTTP,
a
Default
Value
MUST
be
assumed
as
shown
in
the
following
table.
Vocabulary term | Default value | Context |
---|---|---|
htv:methodName
|
GET
|
Form
with
operation
type
readproperty
,
readallproperties
,
readmultipleproperties
|
htv:methodName
|
PUT
|
Form
with
operation
type
writeproperty
,
writeallproperties
,
writemultipleproperties
|
htv:methodName
|
POST
|
Form
with
operation
type
invokeaction
|
For example, the Example 1 in 1. Introduction does not contain operation types and HTTP methods in the forms. The following Default Values should be assumed for the forms in the Example 1 :
In
the
case
of
a
forms
entry
that
has
multiple
op
values
the
usage
of
the
htv:methodName
is
not
permitted.
A
TD
Processor
will
extend
the
multiple
op
values
to
separate
forms
entries
and
associates
a
single
operation
with
the
default
assumption.
The
address
information
(e.g.
href
)
and
other
metadata
are
taken
over
in
the
extended
version.
The number of Protocol Bindings a Thing can implement is not restricted. Other Protocol Bindings (e.g., for CoAP, MQTT, or OPC UA) are intended to be standardized in separate documents such as a protocol Vocabulary similar to HTTP Vocabulary in RDF 1.0 [ HTTP-in-RDF10 ] or specifications including Default Value definitions. Such protocols can be simply integrated into the TD by the usage of the TD Context Extension mechanism (see 7. TD Context Extensions ).
Please refer to [ WOT-BINDING-TEMPLATES ] for information on how to describe IoT platforms and ecosystems.
The figure below illustrates the relation of the Thing Model and Thing Description . A Thing Model mainly describes interaction affordances such as the Properties , Actions , and Events and common metadata. When a Thing Descriptions is instantiated by relying on a Thing Model, it SHOULD be valid according to that Thing Model. This paradigm can be compared with abstract class or interface definition (~Thing Model) in object-oriented programming to create objects (~Thing Descriptions).
The Thing Model is a logical description of the interface and possible interaction with Thing 's Properties , Actions , and Events , however it does not contain Thing instance-specific information, such as concrete protocol usage (e.g., IP address), or even a serial number and GPS location. However, Thing Models allows to include, e.g., security schemes if they apply to the entire class of instances the model describes. They might have URLs (e.g., like token servers) that might need to be omitted or parameterized (with templates) although in a lot of cases these might also be given.
Thing
Model
can
be
serialized
in
the
same
JSON-based
format
as
a
Thing
Description
which
also
allows
JSON-LD
processing.
Note
that
a
Thing
Model
cannot
be
validated
in
the
same
way
as
Thing
Description
instances
due
to
some
missing
mandatory
terms.
This
means
that
any
term
that
is
not
using
the
placeholder
type,
still
uses
the
types
declared
in
TD
Information
Model
.
For
example,
the
value
of
minimum
needs
to
be
an
integer
,
unless
a
placeholder
is
used.
You can use the JSON Schema in the GitHub repository to validate TM instances that are serialized as JSON.
The link for the TM needs to be updated to a permanent one before publication.
A
Thing
Model
is
recognized
by
the
top
level
@type
.
Thing
Model
definitions
MUST
use
the
keyword
@type
at
top
level
and
a
value
of
type
string
or
array
that
equals
or
respectively
contains
tm:ThingModel
.
Additionally,
in
order
to
identify
it
as
a
JSON-LD
document,
Thing
Model
definitions
MUST
use
the
keyword
@context
at
top
level
with
same
rules
as
a
Thing
Description.
The
prefix
tm
is
defined
within
Thing
Descriptions
'
context
and
points
to
the
Thing
Model
namespace
as
defined
in
4.
Namespaces
.
It
is
intended
that
vocabulary
from
the
tm
context
only
be
used
in
Thing
Model
definitions
and
are
removed
or
replaced
when
Thing
Descriptions
are
generated
(also
see
9.4
Derivation
of
Thing
Description
Instances
).
A Thing Model MAY NOT contain instance specific Protocol Binding and security information such as endpoint addresses. Consequently, Thing Model definitions will also be valid if there are no JSON members like forms , base , securityDefinitions , and security . Thing Models are also valid even if these JSON members are used (e.g., as template), however, the nested mandatory members like href are omitted.
Example 3 shows a valid sample lamp Thing Model without any protocol and security information.
In the context of Thing Model definitions specific features are introduced that can be used for Thing modelling.
When
the
Thing
Model
definitions
change
over
time,
this
SHOULD
be
reflected
in
the
version
container.
The
string-based
term
model
is
used
within
the
version
container
to
provide
such
versioning
information,
like
[
SEMVER
].
The
following
snippet
shows
the
usage
of
model
in
a
Thing
Model
instance.
{ // ... "@type":
"hljs-string">"tm:ThingModel",
"title":
"hljs-string">"Lamp Thing Model",
"description":
"hljs-string">"Lamp Thing Description Model",
"version" : {
"hljs-attr">"model": "1.0.0"},
// ...
}
Due
to
the
definition
of
Thing
Model
the
term
instance
MUST
be
omitted
within
the
version
container.
When Thing Models are updated and have a new version, this may affect other Thing Models that use the extension and import features (see Section 9.3.2 Extension and Import ). In some cases it is also useful to reflect a new version in the file name and/or in a corresponding URL to identify the version.
A
Thing
Model
can
extend
an
existing
Thing
Model
by
using
the
tm:extends
mechanism
announced
in
the
links
definition:
When
a
Thing
Model
extends
another
Thing
Model,
at
least
one
links
entry
with
"rel":
"tm:extends"
that
targets
a
Thing
Model
that
is
be
extended
MUST
be
used.
The
Thing
Model
will
inherit
all
definitions
from
the
extended
Thing
Model
.
There
is
the
opportunity
to
extend
the
existing
definition
with
further
metadata
by
providing
further
JSON
name-value
pairs
from
the
existing
TD
information
model
(
5.
TD
Information
Model
)
or
using
the
context
extension
concept
(
7.
TD
Context
Extensions
).
A
Thing
Model
can
also
overwrite
existing
definitions
such
as
title(s)
and
maximum
etc..
For
this
there
exist
two
limitations:
A
Thing
Model
SHOULD
NOT
overwrite
the
JSON
names
defined
within
the
properties
,
actions
,
and/or
events
Map
of
the
extended
Thing
Model
.
Definitions
SHOULD
NOT
be
overwritten
in
such
a
way
that
possible
instance
values
are
no
longer
valid
compared
to
the
origin
extended
definitions.
Those
assertions
preserve
the
semantics
throughout
of
the
extended
Thing
Model
.
E.g.,
it
is
not
allowed
that
a
"minimum":2
from
a
extended
Thing
Model
can
be
overwritten
with
"minimum":0
.
Meanwhile,
overwriting
with
"minimum":5
would
work
since
all
instances
values
will
always
fulfill
the
restrictions
of
the
extended
Thing
Model
(also
see
Figure
Figure
6
for
further
explanation).
Lets assume we have a basic model description as provided in the following example:
{ "@context": [
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1"],
"@type":
"hljs-string">"tm:ThingModel",
"title":
"hljs-string">"Basic On/Off Thing Model",
"properties": { "onOff": { "type":
"hljs-string">"boolean"
}
}
}
Now
a
new
device
class
model
called
'Smart
Lamp
Control'
that
will
be
used
as
template
for
creating
TD
instances
is
designed.
This
model
will
reuse
the
existing
definition
of
the
'Basic
On/Off
Thing
Model'
and
extend
it
with
a
dim
property:
{ "@context": [
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1"],
"@type":
"hljs-string">"tm:ThingModel",
"title":
"hljs-string">"Smart Lamp Control with Dimming",
"links" : [{ "rel":
"hljs-string">"tm:extends",
"href":
"hljs-string">"http://example.com/BasicOnOffTM",
"type":
"hljs-string">"application/tm+json"
}],
"properties" : { "dim" : { "title":
"hljs-string">"Dimming level",
"type":
"hljs-string">"integer",
"minimum":
"hljs-number">0,
"maximum":
"hljs-number">100
}
}
}
Please
note
that
the
title
is
overwritten
and
will
be
used
when
TD
instances
are
created
(also
see
in
the
next
subsection
9.4
Derivation
of
Thing
Description
Instances
).
The
tm:extends
feature
only
permits
inheriting
all
definitions
of
one
Thing
Model
.
In
many
use
cases,
however,
it
is
desired
only
to
import
pieces
of
definitions
of
one
or
more
existing
Thing
Models
.
For
importing
pieces
of
definitions
of
one
or
more
existing
Thing
Models
,
the
tm:ref
term
is
introduced
that
provides
the
location
of
an
existing
(sub-)definition
that
SHOULD
be
reused.
The
tm:ref
value
MUST
follow
the
pattern
that
starts
with
the
file
location
as
URI
[
RFC3986
](Section
4.1)),
followed
by
#
character,
and
followed
by
JSON
Pointer
[
RFC6901
]
definition.
Note
that
the
URI
can
also
be
empty,
indicating
a
same-document
reference
[
RFC3986
](Section
4.4)).
In
this
case,
the
tm:ref
is
supposed
to
be
interpreted
as
a
relative
reference.
Every
time
tm:ref
is
used,
the
referenced
pre-definition
and
its
dependencies
(e.g.,
by
context
extension)
MUST
be
assumed
at
the
new
defined
definition.
Portions
of
the
tm:ref
value
might
contain
non-ASCII
characters
that
require
URL
("percent")
encoding
before
use.
Before
applying
escapes
to
a
tm:ref
value,
implementations
should
check
that
the
value
is
not
already
encoded.
The
following
example
shows
a
new
TM
definition
that
imports
the
existing
definition
of
the
property
onOff
from
Example
53
into
the
new
property
definition
switch
.
{ "@context": [
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1"],
"@type":
"hljs-string">"tm:ThingModel",
"title":
"hljs-string">"Smart Lamp Control",
"properties" : { "switch" : { "tm:ref":
"hljs-string">"http://example.com/BasicOnOffTM.tm.jsonld#/properties/onOff"
}
}
}
As
an
example
for
relative
imports
using
tm:ref
,
the
following
Thing
Model
re-uses
and
augments
(see
below)
a
genericTemperature
property
in
two
more
specific
properties,
which
describe
an
inner
and
an
outer
temperature
value,
respectively.
{ "@context":
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1",
"@type":
"hljs-string">"tm:ThingModel",
"title":
"hljs-string">"Multi Sensor",
"properties": { "genericTemperature": { "type":
"hljs-string">"number",
"unit":
"hljs-string">"C"
},
"innerTemperature": { "tm:ref":
"hljs-string">"#/properties/genericTemperature",
"title":
"hljs-string">"The inner temperature",
"minimum":
"hljs-number">10
},
"outerTemperature": { "tm:ref":
"hljs-string">"#/properties/genericTemperature",
"title":
"hljs-string">"The outer temperature",
"hljs-attr">"description": "The outer temperature is measured in Kelvin",
"unit":
"hljs-string">"K"
}
},
"tm:optional": [
"hljs-string">"/properties/genericTemperature"
]
}
At
the
place
the
"tm:ref"
is
defined,
additional
name-value
pairs
can
be
added.
It
is
also
permitted
to
override
name-value
pairs
from
the
referenced
definition.
If
the
intention
is
to
override
an
existing
JSON
name-value
pair
definition
from
tm:ref
,
the
same
JSON
name
MUST
be
used
at
the
same
level
of
the
tm:ref
declaration
that
provides
a
new
value.
The
process
to
overwrite
MUST
follow
the
JSON
Merge
Patch
algorithm
as
defined
in
[RFC7396]
where
the
content
of
the
referenced
definition
is
patched
with
the
new
provided
JSON
name-value
pairs.
It
is
noted
that
the
values
can
also
be
based
on
a
JSON
object
or
array
,
or
simply
be
a
null
value.
null
would
result
to
a
removal
of
existing
JSON
name-value
pair
in
the
target.
Similar
to
tm:extends
and
to
keep
the
semantic
meaning,
definitions
SHOULD
NOT
be
overwritten
in
such
a
way
that
possible
instance
values
are
no
longer
valid
compared
to
the
origin
referenced
definition.
The
following
example
shows
a
new
TM
definition
that
overwrites
(
maximum
),
enhances
(
unit
),
and
removes
(
title
)
existing
definitions
from
Example
54
.
{ "@context": [
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1"],
"@type":
"hljs-string">"tm:ThingModel",
"title":
"hljs-string">"Smart Lamp Control",
"properties" : { "dimming" : { "tm:ref":
"hljs-string">"http://example.com/SmartLampControlwithDimming.tm.jsonld#/properties/dim",
"title":
"hljs-literal">null,
"maximum":
"hljs-number">80,
"unit":
"hljs-string">"%"
}
}
}
Based
on
the
JSON
Merge
Patch
algorithm
the
{"title":
null,"maximum":
80,"unit":
"%"}
would
act
as
a
patch
for
the
referenced
origin
content
{"title":
"Dimming
level",
"type":
"integer",
"minimum":
0,
"maximum":
100}
.
The
tm:extends
and
the
import
mechanism
based
on
tm:ref
can
also
be
used
at
the
same
time
in
a
TM
definition.
The
following
example
extends
the
TM
from
Example
53
and
imports
the
status
and
dim
definitions
from
Example
3
and
Example
54
respectively.
{ "@context": [
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1"],
"@type":
"hljs-string">"tm:ThingModel",
"title":
"hljs-string">"Smart Lamp Control",
"links" : [{ "rel":
"hljs-string">"extends",
"href":
"hljs-string">"http://example.com/BasicOnOffTM",
"type":
"hljs-string">"application/tm+json"
}],
"properties" : { "status" : { "tm:ref":
"hljs-string">"http://example.com/LampTM.tm.jsonld#/properties/status"
},
"dimming" : { "tm:ref":
"hljs-string">"http://example.com/LampWithDimmingTM.tm.jsonld#/properties/dim"
}
}
}
The
tm:extends
and
the
import
mechanism
based
on
tm:ref
explicitly
supports
transitive
extension
(a
hierarchy
of
extensions).
For
example,
assuming
there
are
3
TMs:
"A"
which
defines
a
tm:extends
of
the
TM
"B"
which
itself
defines
a
tm:extends
of
the
TM
"C".
Consequently,
the
"A"
TM
extends
all
definitions
of
both
"B"
and
"C".
Recursive
extensions
leading
to
an
infinite
loop
MUST
NOT
be
defined.
The
following
figure
summarizes
the
allowable
override
behaviour
of
the
extension
and
imports
TM
functions
presented
in
this
section.
Three
Thing
Models
use
the
tm:ref
or
tm:extends
feature
to
reuse
TM
definitions
of
the
Smart
Lamp
Control
Thing
Model
.
The
first
Thing
Model
imports
and
overwrites
the
maximum
value
to
120
within
the
dimmer
property.
However,
this
results
in
possible
instance
values
(at
runtime)
that
may
not
be
in
the
range
of
the
original
dim
definition
between
0
and
100
of
the
dim
definition
of
the
Smart
Lamp
Control
Thing
Model.
Thus,
such
a
Thing
Model
definition
is
not
allowed.
The
second
model
overwrites
the
property
type
value
by
number
.
Again,
this
will
potentially
result
in
numeric
dim
values
that
are
not
accepted
by
the
definition
of
the
origin
dim
type
definition
(integer)
of
the
Smart
Lamp
Control
Thing
Model
.
The
last
model
is
defined
in
a
correct
way.
The
new
ranges
of
dim
produce
potential
instance
values
that
are
also
fulfilled
by
the
original
dim
definition.
In
some
applications,
it
is
beneficial
to
reuse
existing
Thing
Model
definitions
and
compose
them
into
a
new
IoT
system.
An
example
would
be
that
a
new
Smart
Ventilator
is
designed
to
consist
of
two
sub/child
Thing
Model
definitions
such
as
a
Ventilation
Thing
Model
that
provides
on/off
and
adjustRpm
capabilities,
and
an
LED
Thing
Model
that
provides
dimmable
and
RGB
capabilities.
Such
composition
can
be
introduced
by
the
usage
of
the
links
container.
If
it
is
desired
to
provide
information
that
a
Thing
Model
consists
of
one
or
more
(sub-)
Thing
Models
,
the
links
entries
MUST
use
the
"rel":
"tm:submodel"
that
targets
to
the
(sub-)
Thing
Models
.
Optionally
an
instanceName
MAY
be
provided
to
associate
an
individual
name
to
the
composed
(sub-)
Thing
Model
.
This
is
useful
when
multiple
similar
Thing
Model
definitions
are
composed
and
needs
to
be
distinguished.
Different
strategies
can
be
followed
to
generate
Thing
Descriptions
from
composed
Thing
Model
definitions.
The
default
recommendation
is
to
generate
from
each
parent
and
sub/child
Thing
Model
a
corresponding
Thing
Descriptions
(also
see
9.4
Derivation
of
Thing
Description
Instances
).
The
composition
relation
can
be
reflected
by
the
collection
and
item
relation
types
in
the
links
container
of
the
Thing
Descriptions
.
An
example
based
on
Smart
Ventilation
is
given
here:
A single TD can also be generated which contains the interaction definitions of the top level/parent Thing Model and all interaction definitions of all sub/child Thing Models . Thereby the generation process MUST avoid possible name collisions. The following example shows a potential generated (self-contained) Thing Description of the Smart Ventilator Thing Model.
{ "@context":
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1",
"title":
"hljs-string">"Smart Ventilator",
"securityDefinitions": { "basic_sc": { "scheme":
"hljs-string">"basic",
"in":
"hljs-string">"header"
}
},
"security":
"hljs-string">"basic_sc",
"links": [
{
"rel":
"hljs-string">"type",
"href":
"hljs-string">"./SmartVentilator.tm.jsonld",
"type":
"hljs-string">"application/tm+json"
}
],
"properties": { "status": { "type":
"hljs-string">"string",
"enum": [ "on_value", "off_value", "error_value"
],
"forms": [
{
"hljs-attr">"href": "http://127.0.13.232:4563/status"
}
]
},
"switch": { "type":
"hljs-string">"boolean",
"hljs-attr">"description": "True=On; False=Off",
"forms": [
{
"hljs-attr">"href": "http://127.0.13.212:4563/switch"
}
]
},
"adjustRpm": { "type":
"hljs-string">"number",
"minimum":
"hljs-number">200,
"maximum":
"hljs-number">1200,
"forms": [
{
"hljs-attr">"href": "http://127.0.13.212:4563/adjustRpm"
}
]
},
"R": { "type":
"hljs-string">"number",
"hljs-attr">"description": "Red color",
"forms": [
{
"hljs-attr">"href": "http://127.0.13.211:4563/R"
}
]
},
"G": { "type":
"hljs-string">"number",
"hljs-attr">"description": "Green color",
"forms": [
{
"hljs-attr">"href": "http://127.0.13.211:4563/G"
}
]
},
"B": { "type":
"hljs-string">"number",
"hljs-attr">"description": "Blue color",
"forms": [
{
"hljs-attr">"href": "http://127.0.13.211:4563/B"
}
]
}
},
"actions": { "fadeIn": { "title":
"hljs-string">"fadeIn",
"input": { "type":
"hljs-string">"number",
"hljs-attr">"description": "fadeIn in ms"
},
"forms": [
{
"hljs-attr">"href": "http://127.0.13.211:4563/fadeIn"
}
]
},
"fadeOut": { "title":
"hljs-string">"fadeOut",
"input": { "type":
"hljs-string">"number",
"hljs-attr">"description": "fadeOut in ms"
},
"forms": [
{
"hljs-attr">"href": "http://127.0.13.211:4563/fadeOut"
}
]
}
}
}
In
some
cases
it
is
desirable
to
not
enforce
which
interaction
affordances
are
mandatory
and
do
not
necessarily
need
to
be
implemented
in
a
Thing
Description
instance.
If
interaction
models
are
not
mandatory
to
be
implemented
in
a
Thing
Description
instance,
Thing
Model
definitions
MUST
use
the
JSON
member
name
tm:optional
.
tm:optional
MUST
be
a
JSON
array
at
the
top
level.
The
value
of
tm:optional
MUST
provide
JSON
Pointer
[
RFC6901
]
references
to
the
required
interaction
model
definitions.
The
JSON
Pointers
of
tm:optional
MUST
resolve
to
an
entire
interaction
affordance
Map
definition.
The
following
sample
shows
the
usage
of
tm:optional
for
the
Event
interaction
overheating
.
{ "@context": [
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1"],
"@type":
"hljs-string">"tm:ThingModel",
"title":
"hljs-string">"Lamp Thing Model",
"description":
"hljs-string">"Lamp Thing Model Description",
"tm:optional": [ "/events/overheating"
],
"properties": { "status": {
"hljs-attr">"description": "current status of the lamp (on|off)",
"type":
"hljs-string">"string",
"readOnly":
"hljs-literal">true
}
},
"actions": { "toggle": {
"hljs-attr">"description": "Turn the lamp on or off"
}
},
"events": { "overheating": {
"hljs-attr">"description": "Lamp reaches a critical temperature (overheating)",
"data": {
"hljs-attr">"type": "string"}
}
}
}
Since
the
Event
overheating
is
not
mandatory
it
may
not
be
available
in
a
Thing
Description
instance.
Please
note
that
an
optional
definition
in
a
Thing
Model
definition
can
be
overwritten
in
the
case
it
is
extended
by
another
Thing
Model
through
the
use
of
tm:ref
:
{ "@context": [
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1"],
"@type":
"hljs-string">"tm:ThingModel",
"title":
"hljs-string">"Lamp Thing Model (All Mandatory)",
"description":
"hljs-string">"Lamp Thing Model description expects all interaction affordances (status, toggle, and overheating)",
"links": [
{
"rel":
"hljs-string">"tm:extends",
"href":
"hljs-string">"./lampThingModel.tm.jsonld",
"type":
"hljs-string">"application/tm+json"
}
],
"events": { "overheating": { "tm:ref":
"hljs-string">"./lampThingModel.tm.jsonld#/events/overheating"
}
}
}
A
Thing
Model
can
specify
which
terms
should
be
used
in
a
TD
instance,
but
their
values
are
unspecific
and
are
first
known
during
TD
instantiation.
In
a
case
where
TD
instance
terms,
but
not
their
values,
are
known
in
advance,
the
placeholder
labeling
MAY
be
used
in
a
Thing
Model.
The
placeholder
labeling
MUST
be
substituted
with
a
concrete
value
(e.g.,
as
JSON
number,
JSON
string,
JSON
object,
etc)
when
TD
instance
is
created
from
the
Thing
Model.
The
string-based
pattern
of
the
placeholder
MUST
follow
a
valid
pattern
based
on
the
regular
expression
{{2}[
-~]+}{2}
(e.g.,
{{
PLACEHOLDER_IDENTIFIER
}}
).
The
characters
between
{{
and
}}
are
used
as
identifier
name
of
the
placeholder.
The
identifier
name
can
be
used
to
identify
the
placeholder
for
the
substitution
process.
A
placeholder
MUST
be
applied
within
the
value
of
the
JSON
name-value
pair.
If
a
non
string-based
value
of
a
JSON
name-value
pair
has
a
placeholder,
the
value
MUST
be
(temporarily)
typed
as
string.
After
replacing
the
placeholder,
e.g.
when
creating
a
Thing
Description
instance,
the
original
type
is
applied
with
the
corresponding
replaced
value.
The following Thing Model example defines different placeholders. The placeholder map is used to apply the replacement and to transform the intended value type.
Thing Models can be used as templates to generate a Thing Description based on the restrictions defined in Sections 5. TD Information Model and 6. TD Representation Format . During this process missing data such as communication and security metadata have to be complemented to create valid Thing Description instances. A Thing Model MUST be defined in such a way that there are no inconsistencies that would result in a Thing Description not being able to meet the requirements as described in Section 5. TD Information Model and 6. TD Representation Format . A TM-to-TD generator to derive a Thing Description instance from a Thing Model transforms it to a Partial TD using the following steps:
links
element
entry
with
"rel":"tm:extends"
MUST
be
removed
from
the
current
Partial
TD
tm:ThingModel
value
of
the
top-level
@type
MUST
be
removed
in
the
Partial
TD
instance.
tm:optional
)
MUST
be
taken
over
to
the
Partial
TD
instance.
tm:optional
)
MAY
be
taken
over
to
the
Partial
TD
instance.
Finally, a TM-to-TD generator will take the resulting Partial TD and transform it into a Thing Description with this last step
securityDefinitions
and
security
and/or
6.3.9
forms
.
It
is
recommended
that
the
id
value
of
a
Thing
Model
provides
a
placeholder
such
as
"id":
"urn:example:
{{
RANDOM_ID_PATTERN
}}
"
for
the
TD
generation
process.
Please
avoid
including
metadata
in
the
id
pattern.
Thing
Description
instances
that
follow
a
Thing
Model
can
carry
the
information
regarding
which
type
of
Thing
Model
is
derived.
In
this
context,
the
linking
concept
can
be
used
with
"rel":
"type"
(also
see
Section
5.3.4.1
Link
),
as
shown
in
the
following
example:
Please
note
that
a
TD
can
only
be
an
instance
of
one
TM
at
a
time.
That
means
for
Thing
Descriptions:
The
links
array
MUST
use
the
entry
with
"rel":
"type"
a
maximum
of
once.
If
it
is
desired
to
reflect
all
relationships
to
other
Things
in
a
Thing
Description,
the
composition
mechanism
in
TMs
can
be
considered
(see
Section
9.3.3
Composition
).
The
following
Thing
Model
extends
the
model
as
shown
in
Example
54
and
overwrites
the
maximum
value
of
the
dim
property
{ "@context": [
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1"],
"@type":
"hljs-string">"tm:ThingModel",
"links" : [{ "rel":
"hljs-string">"tm:extends",
"href":
"hljs-string">"http://example.com/SmartControlLampTM",
"type":
"hljs-string">"application/tm+json"
}],
"properties" : { "dim" : { "maximum":
"hljs-number">200
}
}
}
The expected Thing Description that is derived from this Thing Model would be (with HTTP Binding and basic security applied):
{ "@context": [
"hljs-string">"https://www.w3.org/2022/wot/td/v1.1"],
"@type":
"hljs-string">"Thing",
"title":
"hljs-string">"Smart Lamp Control",
"securityDefinitions": { "basic_sc": {
"hljs-attr">"scheme": "basic", "in": "header"}
},
"security":
"hljs-string">"basic_sc",
"links" : [{ "rel":
"hljs-string">"type",
"href":
"hljs-string">"url/to/SmartLampControlModifiedDimTM",
"type":
"hljs-string">"application/tm+json"
}
],
"properties" : { "onOff": { "type":
"hljs-string">"boolean",
"forms": [{
"hljs-attr">"href": "https://smartlamp.example.com/onoff"}]
},
"dim" : { "type":
"hljs-string">"integer",
"minimum":
"hljs-number">0,
"maximum":
"hljs-number">200,
"forms": [{
"hljs-attr">"href": "https://smartlamp.example.com/dim"}]
}
}
}
In general the security measures taken to protect a WoT system will depend on the threats and attackers that system may face and the value of the assets that need to be protected. A detailed discussion of security (and privacy) considerations for the Web of Things, including a threat model that can be adapted to various circumstances, is presented in the informative document [ WOT-SECURITY-GUIDELINES ]. Many WoT Things are similar to and use the same technologies as web services. In addition to the specific security considerations below, the security risks and mitigations discussed in guides such as the OWASP Top 10 [ OWASP-Top-10 ] for web services should be evaluated, and if applicable, addressed. This section discusses only security risks and possible mitigations directly relevant to the WoT Thing Description.
A WoT Thing Description can describe both secure and insecure network interfaces. When a Thing Description is retro-fitted to an existing network interface, no change in the security status of the network interface is to be expected.
The use of a WoT Thing Description introduces the security risks given in the following sections. After each risk, we suggest some possible mitigations.
Intercepting and tampering with TDs can be used to launch man-in-the-middle attacks, for example by rewriting URLs in TDs to redirect accesses to a malicious intermediary that can capture or manipulate data.
Intercepting and tampering with context definition files can be used to facilitate attacks by modifying the interpretation of vocabulary. Context extensions (see 7. TD Context Extensions ) that are loaded from the Web over non-secure connections, such as HTTP, run the risk of being altered by an attacker, and may modify the TD Information Model in ways that could compromise security.
As recommended in 11.1 Context Fetching , on constrained implementations context definition files should be pre-installed and managed using a secure software update process and the context URLs only used to identify known contexts, not to fetch them. This consideration therefore applies only when fetching context definition files dynamically is otherwise unavoidable, for example in a directory service supporting general semantic processing.
In some scenarios, it may be desirable to limit the scope and duration of access to a set of Things by some users. For example, if A is visiting B's house, B may want to provide A with temporary and limited access to the garage door opener and car charger so A can use them. The scope however may be limited so that A cannot access certain administrative functions of these Things (for example, to change how long the garage door can remain open, or to change the charging rate). In addition, the access should expire after A is expected to have left, e.g. after one week.
An attacker with access to a set of TDs, for example those returned by WoT Discovery, may be able to use this information to identify vulnerable devices and plan attacks on them.
auto
security
scheme
MAY
be
used
if
vulnerability
scanning
is
a
concern.
Many
strings
given
in
TDs,
in
particular
the
values
carried
in
title
/
titles
and
description
/
descriptions
,
are
meant
to
be
human-readable.
An
application
may
take
such
strings
and
use
them
to
generate
a
user
interface,
for
example,
a
web
dashboard
listing
a
set
of
available
Things
with
their
titles
and
descriptions.
If
such
an
interface
is
naively
generated
using
string
substitution,
for
example
inserting
the
values
of
these
strings
into
marked
places
in
a
HTML
template
to
create
final
HTML,
any
HTML
markup
in
the
original
string
will
be
interpreted
in
the
context
of
the
browser
displaying
the
dashboard.
It
is
possible
for
an
attacker
to
embed
scripts
in
HTML
in
various
ways
and
have
these
scripts
executed
upon
user
interaction
or
even
automatically
(e.g.
upon
page
load,
or
upon
an
error,
which
can
be
done
intentionally).
Since
the
string
will
be
generated
by
the
TD
producer
and
the
dashboard
will
be
generated
by
a
different
origin,
this
is
a
form
of
cross-site-scripting
(XSS)
attack.
See
RFC 8259,
section
12
:
JSON
should
not
be
parsed
as
JavaScript
using
eval()
.
A
WoT
Thing
Description
is
intended
to
be
a
pure
data
exchange
format
for
Thing
metadata,
not
for
holding
executable
content.
An
(invalid)
TD
may,
however,
contain
JavaScript
code
that,
when
executed,
could
have
side
effects
compromising
the
security
of
a
system.
eval()
function
to
be
parsed.
There
are
additional
code
injection
risks
discussed
in
[
WOT-DISCOVERY
].
Other
strings
in
TDs,
such
as
the
values
given
for
title
and
description
,
should
be
sanitized
before
being
used
in
templates
for
SQL,
HTML,
or
other
executable
contexts.
This
risk,
however,
is
specifically
about
the
Javascript
injection
risk
when
parsing
JSON.
JSON-LD processing usually includes the replacement of short terms with longer IRIs [ RFC3987 ]. For this reason, WoT Thing Descriptions may expand considerably when processed using a JSON-LD 1.1 processor and, in the worst case, the resulting data might consume all of the recipient's resources or cause an exploitable buffer overflow.
Privacy risks will depend on the association of Things with identifiable people and both the direct information and the inferred information available from such an association. A detailed discussion of privacy (and security) considerations for the Web of Things, including a threat model that can be adapted to various circumstances, is presented in the informative document [ WOT-SECURITY-GUIDELINES ]. This section discusses only privacy risks and possible mitigations directly relevant to the WoT Thing Description.
The use of a WoT Thing Description introduces the privacy risks given in the following sections. After each risk, we suggest some possible mitigations.
WoT Thing Descriptions can be evaluated with a JSON-LD 1.1 processor [ json-ld11 ], which typically follows links to remote contexts (i.e., TD context extensions, see 7. TD Context Extensions ) automatically, resulting in the transfer of files without the explicit request of the Consumer for each one. If remote contexts are served by third parties, it may allow them to gather usage patterns or similar information leading to disclosure of private information, or information that can be used to infer private information. In the case of the WoT, an attacker can also observe the network traffic produced by such fetches and can use the metadata of the fetch, such as the destination IP address, to infer information about the device, especially if domain-specific vocabularies are used. This is a risk even if the connection is encrypted, and is related to DNS privacy leaks. See also 10.2 Context Interception and Tampering , which is a related security risk which can also be avoided with the following mitigations.
A
Thing
Description
containing
an
identifier
(
id
)
may
describe
a
Thing
that
is
associated
with
an
identifiable
person.
Such
identifiers
pose
various
risks
including
tracking.
However,
if
the
identifier
is
also
immutable,
then
the
tracking
risk
is
amplified,
since
a
device
may
be
sold
or
given
to
another
person
and
the
known
ID
used
to
track
that
person.
All
identifiers
used
in
a
TD
SHOULD
be
mutable,
and
in
particular
there
SHOULD
be
a
mechanism
to
update
the
id
of
a
Thing
when
necessary.
Specifically,
the
id
of
a
Thing
should
not
be
fixed
in
hardware.
This
does,
however,
conflict
with
the
Linked
Data
ideal
that
identifiers
are
fixed
URIs.
However,
as
a
matter
of
policy,
it
is
strongly
suggested
that
deployments
update
identifiers
upon
major
changes
in
configuration
or
reinitialization.
Examples
of
major
changes
in
configuration
include
moving
a
Thing
to
a
new
local
area
network,
assigning
a
new
domain
name,
or
unregistering
the
Thing
from
one
hub
and
registering
it
with
a
new
one.
Generally,
changes
in
configuration
indicating
a
potential
change
in
ownership
should
result
in
a
new
identifier
being
created.
If
more
frequent
changes
are
desired
during
the
operational
phase
of
a
device,
a
mechanism
can
be
put
into
place
to
notify
only
authorized
users
of
the
change
in
identifier
when
a
change
is
made.
Note
however
that
some
classes
of
devices,
e.g.,
medical
devices,
may
require
immutable
IDs
by
law
in
some
jurisdictions.
Ideally,
any
required
immutable
identifiers
should
only
be
made
available
via
affordances,
such
as
a
property,
whose
value
can
only
be
obtained
after
appropriate
authentication
and
authorization,
and
managed
separately
from
the
TD
identifier.
If
it
is
necessary
to
use
an
immutable
identifier
as
the
TD
identifier,
extra
attention
should
be
paid
to
secure
access
to
files,
such
as
Thing
Descriptions,
containing
such
immutable
identifiers.
As
noted
above,
the
id
member
in
a
TD
can
pose
a
privacy
risk.
However,
even
if
the
id
is
updated
as
described
to
mitigate
its
tracking
risk,
it
may
still
be
possible
to
associate
a
TD
with
a
particular
physical
device,
and
from
there
to
an
identifiable
person,
through
fingerprinting.
Even if a specific device instance cannot be identified through fingerprinting, it may be possible to infer the type of a device from the information in the TD, such as the set of interactions, and use this type to infer private information about an identifiable person, such as a medical condition.
id
can
be
omitted.
If
the
Consumer
does
not
need
certain
interactions
for
its
use
case,
they
can
be
omitted.
If
the
Consumer
is
not
authorized
to
use
certain
interactions,
they
can
likewise
be
omitted.
The
value
of
the
id
field
of
a
TD
might
become
available
to
entities
that
do
not
have
access
to
the
full
TD.
If
the
value
of
the
id
contains
embedded
metadata,
such
as
the
type
of
the
device
or
the
owner,
this
could
be
used
to
infer
personal
information.
id
of
a
TD
SHOULD
NOT
contain
metadata
describing
the
Thing
or
from
the
TD
itself.
Any
temporary
ID
generated
to
manage
TDs,
for
example
an
ID
for
a
database
or
directory
service,
SHOULD
NOT
contain
metadata
describing
the
Thing
or
from
the
TD
itself.
Using
random
UUIDs
as
recommended
in
11.5
Globally
Unique
Identifiers
also
mitigates
this
risk.
Globally unique identifiers pose a privacy risk if a centralized authority is needed to create and distribute them, since then a third party has knowledge of the identifiers.
id
field
in
TDs
is
intentionally
not
required
to
be
globally
unique.
There
are
several
cryptographic
mechanisms
(e.g.
random
UUIDs)
available
to
generate
suitable
IDs
in
a
distributed
fashion
that
do
not
require
a
central
registry.
These
mechanisms
typically
have
a
very
low
probability
of
generating
duplicate
identifiers,
and
this
needs
to
be
taken
into
account
in
the
system
design;
for
example,
by
detecting
duplicates
and
regenerating
IDs
when
necessary.
The
scope
of
IDs
also
does
not
need
to
be
global:
it
is
acceptable
to
use
identifiers
that
only
distinguish
Things
in
a
certain
context,
such
as
within
a
home
or
factory.
TD
identifiers
SHOULD
be
generated
using
a
distributed
mechanism
such
as
UUIDs
that
provides
a
high
probability
of
uniqueness.
TD
identifiers
SHOULD
NOT
be
generated
using
a
centralized
authority.
In many locales, in order to protect the privacy of users, there are legal requirements for the handling of personally identifiable information, that is, information that can be associated with a particular person. Such information can of course be generated by IoT devices directly. However, the existence and metadata of IoT devices (the kind of data stored in a Thing Description) can also contain or be used to infer personally identifiable information. This information can be as simple as the fact that a certain person owns a certain type of device, which can lead to additional inferences about that person.
The cited section allows UTF-16 and UTF-32. We probably should state that only UTF-8 is allowed (8-bit compatible, RFC2045).
Rules for processing both conforming and non-conforming content are defined in this specification.
This has been updated to point to the TD 1.1 specification. Should we note that versions (and TDs vs. TMs) can be distinguished using information interior to the content?
We
may
want
to
explictly
allow
use
of
JSON
Pointer
as
a
fragment
identifier
[
RFC6901
].
There
is
in
fact
an
assertion
requiring
them
in
TMs
for
tm:optional
.
These
are
internal
references,
however,
so
we
might
not
have
to
allow
them
for
external
references.
By
default
the
json
media
type
does
not
support
a
fragment
identifier
but
td+json
could.
We have been using .td.jsonld and .tm.jsonld in testing. Should we also define these formally? If we are using the same media type for TMs, should we still have a distinct filename extension? If so, should we (also?) define .jsontm for consistency? Note: the IANA Considerations for HTML allows multiple suffixes, html and htm.
Should the contact be updated?
Rules for processing both conforming and non-conforming content are defined in this specification.
IANA assigns compact CoAP Content-Format IDs for media types in the CoAP Content-Formats subregistry within the Constrained RESTful Environments (CoRE) Parameters registry [ RFC7252 ]. The Content-Format ID for WoT Thing Description is 432 and for the WoT Thing Model is - (tbd).
This section is non-normative.
Feature list of the Thing :
Feature list of the Thing :
/illuminance
by
the
MQTT
broker
running
behind
the
address
192.168.1.187:1883
.Feature list of the Thing :
temperature
which
periodically
pushes
the
latest
temperature
value
to
the
Consumer
using
a
Webhook
mechanism,
where
the
Thing
sends
POST
requests
to
a
callback
URI
provided
by
the
Consumer
.
To
describe
this,
the
subscription
member
defines
a
write-only
parameter
callbackURL
,
which
must
be
submitted
through
the
subscribeevent
form.
The
read-only
parameter
subscriptionID
is
returned
by
the
subscription.
The
WebhookThing
will
then
periodically
POST
to
this
callback
URI
with
a
payload
defined
by
data
.
To
unsubscribe,
the
Consumer
has
to
submit
the
unsubscribeevent
form
with
the
subscriptionID
as
described
in
cancellation
.
Alternatively,
uriVariables
approache
can
be
used
that
informs
the
Consumer
to
include
the
subscriptionID
string
into
the
URI
that
have
to
be
called
with
the
delete
method
(see
tab
'With
uriVariables').
In
such
setup,
the
cancellation
container
can
be
obmitted.
In
general,
this
example
can
be
further
automated
by
using
a
TD
Context
Extension
to
include
proper
semantic
annotations
.
Instead
of
a
periodic
POST
request
to
the
Thing,
the
Consumer
may
provide
response
data
with
information
when
the
next
POST
request
should
be
provided
by
the
Thing.
This
is
described
by
using
the
dataResponse
field.
This section is non-normative.
A JSON Schema [ JSON-SCHEMA ] document for syntactically validating Thing Description instances serialized in JSON based format is available in the GitHub repository . This JSON Schema does not require the terms with Default Values to be present. Thus, the terms with Default Values are optional. (see also 5.4 Default Value Definitions )
The
Thing
Description
defined
by
this
document
allows
for
adding
external
vocabularies
by
using
@context
mechanism
known
from
JSON-LD
[
json-ld11
],
and
the
terms
in
those
external
vocabularies
can
be
used
in
addition
to
the
terms
defined
in
5.
TD
Information
Model
.
For
this
reason,
the
below
JSON
schema
is
intentionally
non-strict
in
that
regard.
You
can
replace
the
value
of
additionalProperties
schema
property
true
with
false
in
different
scopes/levels
in
order
to
perform
a
stricter
validation
in
case
no
external
vocabularies
are
used.
The
$id
field
in
the
JSON
Schemas
need
to
be
updated
to
a
static
URL
before
publication,
as
well
as
the
actual
link
pointing
to
the
schema.
This section is non-normative.
The
different
cases
on
the
variation
of
request
and
response
are
explained
at
5.3.4.2.2
Response-related
Terms
Usage
.
The
tables
below
summarize
these
cases
in
a
concise
manner.
The
tables
start
from
simpler
cases,
such
as
single
contentType
,
and
go
for
more
complex
cases,
such
as
multiple
contentType
s.
In
all
the
tables,
the
messages
are
seen
from
the
Thing
point
of
view,
where
input
means
messages
sent
from
Consumer
to
the
Thing
(e.g.,
request)
and
output
means
messages
sent
from
Thing
to
the
Consumer
(e.g.,
response).
The cases are numbered, which can be used to associate them with examples after the tables.
Case | Needed Terms | Explanation | Consumer Behavior | Thing Behavior |
---|---|---|---|---|
Case 1A: Input present, output not present |
contentType
inside
the
form
|
contentType
refers
only
to
the
input
|
|
|
Case 1B: Input not present, output present. |
contentType
inside
the
form.
|
contentType
refers
only
to
the
output.
|
|
|
Case
1C:
Input
and
output
present,
same
contentType
for
messages.
|
contentType
inside
the
form.
|
contentType
refers
both
to
input
and
output.
|
|
|
The
following
table
takes
into
account
further
variations
that
are
relevant
for
cases
where
an
operation
input
can
accept
different
contentType
s
or
the
output
can
return
different
contentType
s.
There
can
be
cases
where
an
Interaction
Affordance
has
multiple
forms.
Such
cases
with
multiple
forms
should
be
treated
as
a
combination
of
the
cases
in
the
table
above
and
below.
Case | Needed Terms | Explanation | Consumer Behavior | Thing Behavior |
---|---|---|---|---|
Case
2A:
Single
input
and
single
output
present,
different
contentType
for
messages.
|
contentType
and
response
inside
the
form.
response
has
contentType
with
a
different
value.
|
contentType
in
the
form
level
refers
to
the
input
and
contentType
in
the
response
(response-level)
refers
to
the
output
|
|
|
Case
2B:
Input
and
multiple
possible
outputs
present,
same
contentType
for
messages
|
contentType
and
additionalResponses
inside
the
form.
schema
in
the
additionalResponses
array
items
can
be
needed.
|
contentType
in
the
form
level
refers
to
the
input
and
the
normal
output.
additionalResponses
does
not
need
contentType
since
the
default
value
rule
applies.
This
is
the
same
case
(Case
1C)
as
there
is
actually
a
single
contentType
.
However,
there
can
be
different
Data
Schemas
delivered
in
the
output,
requiring
the
additionalResponses
and
schema
terms
in
the
form.
| See Case 1C | See Case 1C |
Case
2C:
Input
and
multiple
possible
outputs
present,
different
contentType
for
output
messages
|
contentType
,
additionalResponses
and
possibly
response
inside
the
form.
additionalResponses
needs
contentType
for
output
the
messages
with
different
contentType
s.
|
This
the
most
complicated
case
that
can
have
different
ways
to
be
described
in
a
TD.
contentType
in
the
form
level
refers
to
the
input
and
to
the
expected
output
if
the
output
is
of
the
same
contentType
(like
in
case
1C).
contentType
inside
response
refers
to
the
expected
output
if
the
output
is
of
a
different
contentType
(like
in
case
2A).
contentType
inside
additionalResponses
refers
to
other
possible
outputs.
|
|
|
This section is non-normative.
The
present
specification
introduces
the
TD
Information
Model
as
a
set
of
constraints
over
different
Vocabularies
,
i.e.
sets
of
Vocabulary
Terms
.
This
section
briefly
explains
how
a
machine-readable
definition
of
these
constraints
can
be
integrated
into
client
applications,
by
making
use
of
the
mandatory
@context
of
a
TD
document.
Accessing the TD Information Model from a TD document is done in two steps. First, clients must retrieve a mapping from JSON strings to IRIs. This mapping is defined as a JSON-LD context, as explained later. Second, clients can access the constraints defined on these IRIs by dereferencing them. Constraints are defined as logical axioms in the RDF format, readily interpretable by client programs.
All
Vocabulary
Terms
referenced
in
5.
TD
Information
Model
are
serialized
as
(compact)
JSON
strings
in
a
TD
document.
However,
each
of
these
terms
is
unambiguously
identified
by
a
full
IRI,
as
per
the
first
Linked
Data
principle
[
LINKED-DATA
].
The
mappings
from
JSON
keys
to
IRIs
is
what
the
@context
value
of
a
TD
points
to.
For
instance,
the
file
at
https://www.w3.org/2022/wot/td/v1.1
includes the following mappings (among others):
properties
| → |
https://www.w3.org/2019/wot/td#hasPropertyAffordance
|
object
| → |
https://www.w3.org/2019/wot/json-schema#ObjectSchema
|
basic
| → |
https://www.w3.org/2019/wot/security#BasicSecurityScheme
|
href
| → |
https://www.w3.org/2019/wot/hypermedia#hasTarget
|
... |
This
JSON
file
follows
the
JSON-LD
1.1
syntax
[
JSON-LD11
].
Numerous
JSON-LD
libraries
can
automatically
process
the
@context
of
a
TD
and
expand
all
the
JSON
strings
it
includes.
Once every Vocabulary Term of a TD is expanded to a IRI, the second step consists in dereferencing this IRI to get fragments of the TD Information Model that refer to that Vocabulary Term . For instance, dereferencing the IRI
https://www.w3.org/2019/wot/json-schema#ObjectSchema
results
in
an
RDF
document
stating
that
the
term
ObjectSchema
is
a
Class
and
more
precisely,
a
sub-class
of
DataSchema
.
Such
logical
axioms
are
represented
in
RDF
using
formalisms
of
various
complexity:
here,
sub-class
relations
are
expressed
as
RDF
Schema
axioms
[
RDF-SCHEMA
].
Moreover,
these
axioms
may
be
serialized
in
various
formats.
Here,
they
are
serialized
in
the
Turtle
format
[
TURTLE
]:
"nohighlight"><https://www.w3.org/2019/wot/json-schema#ObjectSchema>
a rdfs:Class .
<https://www.w3.org/2019/wot/json-schema#ObjectSchema>
rdfs:subClassOf
<https://www.w3.org/2019/wot/json-schema#DataSchema>
.
By
default,
if
a
user
agent
does
not
perform
any
content
negotiation,
a
human-readable
HTML
documentation
is
returned
instead
of
the
RDF
document.
To
negotiate
content,
clients
must
include
the
HTTP
header
Accept:
text/turtle
in
their
request.
device
flow
in
OAuth2SecurityScheme
was
removed,
together
with
its
associated
assertions.
SecurityScheme
additionalResponses
has
been
newly
added.
tm:required
changed
to
9.3.4
tm:optional
Thing
the
rules
for
@context
were
clarified
by
stating
that
TD
1.1
consumers
must
accept
TD
1.0
TDs.
ActionAffordance
the
term
synchronous
was
added.
NullSchema
it
was
clarified
that
null
does
not
mean
the
absence
of
a
value.
AutoSecurityScheme
with
the
corresponding
"scheme":
"auto"
was
added
to
indicate
that
the
security
parameters
are
going
to
be
negotiated
by
the
underlying
protocols
at
runtime.
Link
the
vocabulary
term
hreflang
was
added
that
to
specify
the
language
of
a
linked
document.
op
keywords.
tm:extends
and
the
import
mechanism
based
on
tm:ref
supports
transitive
extension.
application/tm+json
Media
Type
Registration
was
added
to
provide
Thing
Model
registration
information.
titles
and
descriptions
members
that
appear
in
sub-sections
5.3.1.1
Thing
,
5.3.1.2
InteractionAffordance
,
5.3.2.1
DataSchema
and
5.3.3.1
SecurityScheme
were
clarified.
Thing
:
op
member
of
a
Form
were
expanded.
forms
term
was
clarified.
@context
has
changed
in
Thing
Description
1.1.
@context
for
Thing
Description
1.1
to
be
able
to
be
consumed
by
TD
1.0
consumers
are
specified.
PropertyAffordance
:
ActionAffordance
:
op
member
of
a
Form
were
expanded.
DataSchema
:
unit
term
was
clarified.
contentEncoding
and
contentMediaType
were
moved
to
section
5.3.2.7
StringSchema
.
BasicSecurityScheme
,
the
assignment
of
the
in
member
was
clarified.
DigestSecurityScheme
,
the
assignment
of
the
in
and
qop
member
was
clarified.
APIKeySecurityScheme
,
the
assignment
of
the
in
member
was
clarified.
BearerSecurityScheme
,
the
assignment
of
the
alg
,
format
and
in
member
was
clarified.
Link
,
a
new
value
tm:submodel
was
added
to
the
table
describing
the
values
used
for
relation
types.
Form
:
op
term
was
clarified.
Values
subscribeallevents
,
unsubscribeallevents
,
queryallactions
,
queryaction
and
cancelaction
were
added
to
the
type
definition
of
op
term.
op
term.
PropertyAffordance
class's
observable
member
and
AdditionalExpectedResponse
class's
contentType
member.
@context
has
changed
in
Thing
Description
1.1.
securityDefinitions
and
security
:
flow
that
appears
in
Example
18
now
uses
client
as
a
value.
uriVariables
,
more
examples
were
added.
href
semantics.
tm:ref
was
clarified.
Changes from First Public Working Draft 24 November 2020 are described in the Second Public Working Draft .
The editors would like to specially thank Cristiano Aguzzi, Thomas Jäckle, Jan Romann, Elodie Thiéblin, Michael Koster, Michael Lagally, Kazuyuki Ashimura, Daniel Peintner, Toru Kawaguchi, María Poveda, Dave Raggett, Kunihiko Toumura, Takeshi Yamada, Ben Francis, Manu Sporny, Klaus Hartke, Addison Phillips, Jose M. Cantera, Tomoaki Mizushima, Soumya Kanti Datta and Benjamin Klotz for providing contributions, guidance and expertise.
Also, many thanks to the W3C staff and all other current and former active Participants of the W3C Web of Things Interest Group (WoT IG) and Working Group (WoT WG) for their support, technical input and suggestions that led to improvements to this document.
Finally, special thanks to Joerg Heuer for leading the WoT IG for 2 years from its inception and guiding the group to come up with the concept of WoT building blocks including the Thing Description.
Temporary ReSpec fix regarding non-listed references: [ RFC6068 ], [ RFC3966 ], [ html ], [ RFC6750 ], [ RFC7519 ], [ RFC7797 ], [ RFC8392 ], [ RFC7516 ], [ LDML ], [ SEMVER ], [ RFC7617 ], [ RFC7616 ]
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in:
Referenced in: