Copyright © 2020-2021 W3C® (MIT, ERCIM, Keio, Beihang). W3C liability, trademark and permissive document license rules apply.
The WoT Profile Specification defines a Profiling Mechanism and a WoT Core Profile, which enables out of the box interoperability among things and devices. Out of the box interoperability implies, that devices can be integrated into various application scenarios without deep level adaptations. Typically only minor configuration operations are necessary (such as entering a network key, or IP address) to use the device in a certain scenario. These actions can be done by anyone without specific training.
The WoT Core Profile defines a set of constraints and rules, which compliant thing descriptions have to adopt to guarantee interoperability.These rules are prescriptive, to ensure that compliant implementations satisfy the semantic guarantees implied by them. We call this set of rules a Profile.
The WoT Profile Specification as defined in this document serves two purposes:
This document incudes a binding of the core data model to HTTP(S) and selected notification sub-protocols. The core data model can be bound to other protocols - it is expected that bindings to other protocols (e.g. MQTT, CoAP) will be defined in the near future.
A TD that is compliant to the core profile MUST adhere to both the constraints on the data model and the protocol binding.
Devices that constrain their use of the Thing Description to the WoT Core Profile can interoperate with each other out-of-the-box.
Note that the core profile is not exclusive. Device implementers are free to adopt other features of the thing description that go beyond the constraints of the core profile, however the interoperability guarantees of the core profile hold only for the WoT Core Profile subset.
The W3C WoT Thing Architecture [wot-architecture] and WoT Thing Description [wot-thing-description] define a powerful description mechanism and a format to describe myriads of very different devices, which may be connected over various protocols. The format is very flexible and open and puts very few normative requirements on devices that implement it.
However, this flexibility de-facto prevents interoperability, since, without additional rules, it allows implementers to make many choices that do not provide guarantees of common behavior between implementations.
This section describes the status of this document at the time of its publication. Other documents may supersede this document. A list of current W3C publications and the latest revision of this technical report can be found in the W3C technical reports index at https://www.w3.org/TR/.
This document was published by the Web of Things Working Group as an Editor's Draft.
Comments regarding this document are welcome. Please send them to public-wot-wg@w3.org (subscribe, archives).
Publication as an Editor's Draft does not imply endorsement by the W3C Membership.
This is a draft document and may be updated, replaced or obsoleted by other documents at any time. It is inappropriate to cite this document as other than work in progress.
This document was produced by a group operating under the 1 August 2017 W3C Patent Policy. W3C maintains a public list of any patent disclosures made in connection with the deliverables of the group; that page also includes instructions for disclosing a patent. An individual who has actual knowledge of a patent which the individual believes contains Essential Claim(s) must disclose the information in accordance with section 6 of the W3C Patent Policy.
This document is governed by the 15 September 2020 W3C Process Document.
The W3C WoT Architecture [wot-architecture] and the WoT Thing Description [wot-thing-description] have been developed as a versatile format, that allows describing the interactions between multiple devices and protocols.
This flexibility permits an easy integration of new device types and protocols, however it risks interoperability, since there are no guarantees that two devices which are formally spec-compliant, will be able to communicate.
To increase adoption of the WoT specifications, interoperability between on premise devices, edge devices and the cloud is essential. Even if every manufacturer is implementing the current Thing Description specification in full flexibility, there is no interoperability guarantee; many choices are still left to the implementations and there are very few normative requirements that a device has to fulfill.
A Thing Description can be used in two fundamentally different deployment scenarios:
For green field deployments, where the implementations are being carried out and corresponding thing descriptions are being created, it is easier to achieve full interoperability by using a small, extensible Core Profile.
In the brown field area, due to the nature of existing deployments and protocols, a broad spectrum of variations and potentially high complexity of thing descriptions inhibits interoperability and will most likely lead to additional profiles of the WoT Thing Description and domain-specific thing consumer implementations.
The WoT Core Profile can be used by green field deployments and gives guidance to new implementers of the WoT specifications. It has already proved in brown-field scenarios in the PlugFests, where existing devices, that already existed as products, prototypes or demonstrators, were described with Thing Descriptions that are constrained to the Core Profile.
During the recent WoT PlugFests there were many de-facto agreements on the use of a small constrained subset of interaction patterns and protocol choices. These de-facto agreements select a common subset of the WoT Thing Description, based on proven interoperability among manufacturers.
The aim of this specification is to formalize these agreements by defining a WoT Core Profile based on the choices that were made by the implementers of PlugFest devices.
The WoT Core Profile contains additional normative requirements that MUST be satisfied by devices to be compliant to the profile.
Adoption of the WoT Core Profile will significantly limit the implementation burden of device and cloud implementors.
The WoT Core Profile was defined with the following main goals:
It makes choices on the required metadata fields as well as the supported interactions and protocol endpoints. It introduces some constraints on data schemas for properties and actions which are required for resource constrained devices in real-world deployments. The format does not forbid the use of additional elements of the WoT Thing Description for vendor specific extensions, however this will impact interoperability.
Devices, which implement the Core Profile, are out-of-the-box interoperable with other Core Profile compliant devices. Furthermore, the Core Profile simplifies device validation and compliance testing since a corresponding conformance test suite can be defined.
As well as sections marked as non-normative, all authoring guidelines, diagrams, examples, and notes in this specification are non-normative. Everything else in this specification is normative.
The key words MAY, MUST, MUST NOT, NOT RECOMMENDED, RECOMMENDED, and SHOULD in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.
A device or consumer implementation complies with this specification if it follows the normative statements in the present document.
A JSON Schema [JSON-SCHEMA] to validate the compliance of a Thing Description with the core profile is provided in Appendix § 5.5 JSON Schema of the Core Profile.
This specification uses the same terminology as the WoT Architecture and Thing Description specifications.
For convenience of the reader, we use the terms keyword and field for the linguistic notion vocabulary term as defined in the Thing Description Specification.
We use the terms device and thing in an interchangeable manner.
This section describes a generic mechanism to define a profile of the WoT Thing Description in a unambiguous way.
The W3C WoT Thing Description specification defines a formal language, i.e. a set of vocabulary terms (keywords), a set of classes that are built from these keywords, and a set of additional rules, that define constraints on permitted values and keyword presence (mandatory / optional) dependent on the context where the keyword is used. In addition the WoT Thing Description specification defines relationships and corresponding cardinalities between these classes.
The WoT Thing Description specification already has some constraints, but there is a wide variety of variations that are left to the interpretation or the discretion of an implementer. The rationale for the Core Profile is not to forbid complex things, rather to enable statements like:
A profile is a set of constraints and rules, which provide additional semantic guarantees that are applied to the WoT Thing Description specification. These constraints define a subset of valid WoT Thing Descriptions by defining additional rules on various aspects of the WoT Thing Description specification.
Constraints on | Rationale | Example |
---|---|---|
vocabulary of Thing Description classes | guaranteed set of metadata fields | Make specific vocabulary terms mandatory, remove others |
class relationships | unambiguous structure | limited cardinality, e.g. only one form per operation per interaction affordance. |
values of vocabulary terms | simplified processing | Limit the length of characters per string. Always use arrays, where the spec permits a string or an array of strings. |
data schemas | simplified processing | No arbitrary nested objects or arrays of arrays |
security | reduced implementation effort | Only a restricted set of security mechanisms |
protocol binding | guaranteed protocol semantics | limited protocol(s) and protocol features, Example: predefined mapping of http verbs (GET/PUT) to operation verbs, similar constraints for other protocols. |
These constraints and rules fall into two categories:
These two categories are orthogonal to each other, i.e. a data model that conforms to a profile can be mapped to different protocols. The protocol binding for each protocol may contain additional (protocol-specific) constraints.
A profile is not exclusive, i.e. a thing may conform to multiple profiles. Profiles can build on top of each other or overlap, extended profiles can be built on top of the core profile.
This specification does not put any requirements on the scope and contents of other profiles.
In the present document, we define a Core Profile by defining a Core Data Model and a set of Protocol Binding Rules for selected protocols.
The core data model incorporates the data model defined by chapter 5 of the Thing Description specification. The normative rules defined by that data model are the baseline for the definition of the core data model and are normative for the core data model. A core profile compliant implementation MUST additionally satisfy the requirements of this chapter.
The following rules are applicable to multiple classes of the WoT Thing Description Specification, as they provide clearer semantics, improved readability and simplified processing on resource constrained devices.
One of the primary benefits of the WoT Thing Description over a typical IoT format is the additional documentation for a human reader.
Therefore, the fields
title
and
description
are MANDATORY for Things, Property Affordances,
Action Affordances, Event Affordances and Data
Schemas.
It is possible to have empty values for these fields, if, for specific purposes it is not desired to provide documentation, however this is NOT RECOMMENDED and the conscious decision is obvious from the TD.
The length of
id
,
description
and
descriptions
values is limited to 512 characters.
The length of
title
and
titles
values is limited to 64 characters.
Where a type permits using an
array of string
or a
string
, an
array of string
MUST be used.
TODO: decide if multiple types and contexts are required.
In this case the following section could be added:
The only exception to this rule are @context
and @type
annotations,
where both string
or array of string
MAY be used.
Where a type permits using an
array of DataSchema
or a
DataSchema
, an
array of DataSchema
MUST be used.
All elements of an
enum
MUST be either
string
or
number
. Different types in a single
enum
are NOT PERMITTED.
To provide minimum interoperability, the following metadata fields of a Thing MUST be contained in a compliant Thing Description:
keyword | type | remarks |
---|---|---|
title | string | human readable documentation |
id | urn_type | a globally unique urn of the thing |
description | string | human readable documentation |
created | date | human readable documentation |
modified | date | human readable documentation |
support | urn_type | human readable documentation |
security | array of string | simplified handling |
version | VersionInfo | clear versioning, easy to compare different TDs |
It is RECOMMENDED to use the value "" for strings, where the value cannot be determined.
If a Thing Description is used solely within a company, the email address of the developer SHOULD be used in the support field, if the Thing Description is provided externally, a support email address SHOULD be used.
It will be evaluated whether the profile also recommends some new TD terms that may be introduced in TD 1.1. Currently the following terms are discussed: serialNumber, hardwareRevision, softwareRevision, loc_latitude, loc_longitude loc_altitude, loc_height, and loc_depth. If these, or some of them, are defined in the TD 1.1 model, they may be recommended here in one of the next draft updates.
Data Schemas are used for the values of Properties, Action input and output parameters and Event message payloads. The value of a Data Schema can be a simple type (boolean, integer, number, string) or an instance of a structured type (array and object).
The Core Data Model applies the following constraints and rules to theDataSchema
class of section 5.3.2.1 of the WoT Thing Description
Specification.
This section defines a subset of the class
DataSchema
that can be processed on resource-constrained
devices.
The Core Data Model restricts the use of
arrays and objects to the top level
of Data Schemas, i.e. only a one-level hierarchy is
permitted. The members of a top level
object
or
array
MUST NOT be array or object types.
This may appear as a severe limitation, however it is motivated by integrating with multiple cloud services. Many enterprise services and applications are based on (relational) databases, where individual property values are stored. Of course databases can also store objects (e.g. encoded as a JSON string), however this will prevent processing by other enterprise applications.
If a property conceptually has a deeper structure, such as grid of lamps with RGB colors, the structure can be represented in the keyword of the property, i.e. lamp1_color_r, lamp1_color_g and lamp1_color_b. A similar mapping can be done for arrays and hierarchical objects. This constraint leads to simpler Thing Descriptions that can be handled by very limited devices.
The following fields MUST be contained in a DataSchema:
keyword | type | constraints |
---|---|---|
description | human readable description | |
type | string | one of boolean, integer, number, string, array or object |
The values
object
,
array
MAY only be used at the top level of a Data Schema.
The type value MUST NOT be null
.
PropertyAffordance
class of section 5.3.1.3 of the WoT Thing Description Specification.
The following property fields MUST be contained
in the
properties
element of a Profile compliant TD:
keyword | type | constraints |
---|---|---|
title | string | unique name among all properties |
description | string | human readable description |
type | string | one of boolean ,
string ,
number , integer
, object or
array . The type value
null MUST NOT be used.
|
The Thing Description permits arbitrary
object depths for properties. Parsing of a
deeply nested structure is not possible on
resource constrained devices. Therefore each
property MUST NOT exceed a maximum depth
of 5 levels of nested
array
or
object
elements. It is RECOMMENDED to keep the nesting
of these elements below 4.
The following additional constraints MUST be applied to the Property Affordances of a Thing Description conforming to the Core Profile:
keyword | type | constraint |
---|---|---|
const | anyType | MUST NOT be used |
enum | array of simple type | Values of enums MAY only be simple types. Handling of any type is too complex to implement on resource constrained devices |
forms | array of Forms | The Array of Form
of each property MUST contain only a
single endpoint for each
operation readproperty
, writeproperty , observeproperty
, unobserveproperty .
|
format | string | If the field format
is used, only formats defined in
section 7.3.1-7.3.6 of
[JSON-SCHEMA] MAY be used.
|
oneOf | string | The DataSchema field oneOf
does not make sense for properties
and MUST NOT be used.
|
uriVariables | Map of DataSchema | uriVariables MUST NOT be used. |
It is highly RECOMMENDED to always specify a
unit
, if a value has a metric. Authors of Thing
Descriptions should be aware, that units
that are common in their geographic region are
not globally applicable and may lead to
misinterpretation with drastic consequences.
The field
unit
could be used for non-decimal numeric types as
well, e.g. a string value with binary or hex
data (
0xCAFEBABE
,
0b01000010
), where the unit is
hex
or
bin
, to indicate how the value should be
interpreted. It is strongly RECOMMENDED to use
the values
hex
,
oct
or
bin
in this case to achieve interoperability.
ActionAffordance
class of section 5.3.1.4 of the WoT Thing Description Specification.
The following fields MUST be contained in an action element of an Core Profile compliant TD:
keyword | type | constraints |
---|---|---|
title | string | unique name among all actions |
input | array of DataSchema | all elements of the subclasses objectSchema and dataSchema MUST only contain simple types. |
output | array of DataSchema | all elements of the subclasses objectSchema and dataSchema MUST only contain simple types. |
The elements of the DataSchema subclasses
ArraySchema and ObjectSchema for the fields
input
and
output
are restricted to simple types in a Thing
Description conforming to the Core
Data Model. Without this limitation a higher
implementation burden would be put on resource
constrained devices (arbitrary cascaded arrays
and multi-level objects) which cannot be
satisfied by all consuming devices.
The following additional constraints MUST be applied to the Interaction Affordances of a Thing Description conforming to the Core Data Model:
keyword | type | constraint |
---|---|---|
forms | array of Forms | The Array of Form
of each action MUST contain only a single
endpoint.
|
format | string | If the field format
is used, only formats defined in
section 7.3.1-7.3.6 of
[JSON-SCHEMA] MAY be used.
|
oneOf | string | The DataSchema field oneOf
does not make sense for properties
and MUST NOT be used.
|
uriVariables | Map of DataSchema | uriVariables MUST NOT be used. |
TODO:
- no optional parameters
- timeout
EventAffordance
class of section 5.3.1.5 of the WoT Thing Description Specification.
A Thing may provide more than one event mechanism to enable a variety of consumers.
TODO:
The events section needs to be signifcantly extended and define addtional constraints to ensure OOTBI. LongPoll, WebSockets and WebHooks can be considered as initial candidates for supported protocols for the event mechanism to identify appropriate data model constraints.
The individual protocol constraints need to be defined in a respective protocol binding chapter after they have been identified/evaluated in plugfests.
The following fields MUST be present in an event element of a Core TD:
keyword | type | constraints |
---|---|---|
title | string | unique name among all events |
description | string | human readable description |
data | set of DataSchema instances in a JSON object | only the DataSchema subclasses booleanSchema, IntegerSchema, NumberSchema, StringSchema are permitted |
The following additional constraints MUST be applied to the Event Affordances of a WoT Thing Description conforming to the profile:
keyword | type | constraint |
---|---|---|
forms | array of Forms | The Array of Form
of each event MUST contain only a single
endpoint.
|
uriVariables | Map of DataSchema | uriVariables MUST NOT be used. |
A Thing may provide more than one event mechanism to enable a variety of consumers.
The following fields MUST be present in a form element of a Core TD:
keyword | type | constraints |
---|---|---|
title | string | unique name among all events |
description | string | human readable description |
data | set of DataSchema instances in a JSON object | only the DataSchema subclasses booleanSchema, IntegerSchema, NumberSchema, StringSchema are permitted |
The following additional constraints MUST be applied to the Form elements of a WoT Thing Description conforming to the Core profile:
keyword | type | constraint |
---|---|---|
security | string or Array of string | security at form
level MUST NOT be used. |
scopes | string or Array of string | scopes MUST NOT be
used. |
The "type" relationship as defined in chapter 6 of [RFC6903] is reserved for indicating an instance relationship between a thing and a thing template. The Core Data Model does not put additional constraints or requirements on links. The interpretation of a link is out of scope.
The Core Data Model defines a subset of the security schemes that MAY be implemented on resource constrained devices. A security scheme MUST be defined at the thing level. The security scheme is applied to the thing as a whole, a thing may adopt multiple security schemes.
The set of security schemes supported in the Core Data Model is based on the PlugFest results. To ensure interoperability, a TD consumer, which compliant with the Core Data Model MUST support all of the following security schemes:
When using the "no security" or "Basic Auth" security schemes it is strongly recommended to use transport layer encryption.
This section defines a protocol binding which describes how a Consumer communicates with a Web Thing [wot-architecture] using JSON [JSON] payloads over the HTTP [HTTP11] protocol.
A Consumer or Web Thing conforming to the WoT Core Profile MUST implement this protocol binding.
readproperty
The URL of a Property
resource to be used when reading
the value of a property MUST be obtained from a Canonical TD by
locating a
Form
inside the corresponding
PropertyAffordance
for which the value of its op
member is
readproperty
and the
URI
scheme [RFC3986] of the value of its href
member
is http
or https
.
In order to read the value of a property, a Consumer MUST send an HTTP request to a Web Thing with:
GET
Property
resourceAccept
header set to application/json
GET /things/lamp/properties/on HTTP/1.1
Host: mythingserver.com
Accept: application/json
If a Web Thing receives an HTTP request following the format above and the Consumer has permission to read the corresponding property, then upon successfully reading the value of the property it MUST send an HTTP response with:
200
Content-Type
header set to application/json
HTTP/1.1 200 OK
Content-Type: application/json
false
writeproperty
The URL of a Property
resource to be used when writing
the value of a property MUST be obtained from a Canonical TD by
locating a
Form
inside the corresponding
PropertyAffordance
for which the value of its op
member is
writeproperty
and the
URI
scheme [RFC3986] of the value of its href
member
is http
or https
.
In order to write the value of a property, a Consumer MUST send an HTTP request to a Web Thing with:
PUT
Property
resourceAccept
header set to application/json
Content-Type
header set to application/json
PUT /things/lamp/properties/on HTTP/1.1
Host: mythingserver.com
Content-Type: application/json
Accept: application/json
true
If a Web Thing receives an HTTP request following the format above and the Consumer has permission to write the corresponding property, then upon successfully writing the value of the property it MUST send an HTTP response with:
204
HTTP/1.1 204 No Content
readallproperties
The URL of a Properties
resource to be used when
reading the value of all properties at once MUST be obtained from a
Canonical TD by locating a
Form
inside the top level
forms
member
for which the value of its op
member is
readallproperties
and the
URI
scheme [RFC3986] of the value of its href
member
is http
or https
.
In order to read the value of all properties, a Consumer MUST send an HTTP request to a Web Thing with:
GET
Properties
resource
Accept
header set to application/json
GET /things/lamp/properties HTTP/1.1
Host: mythingserver.com
Accept: application/json
If a Web Thing receives an HTTP request following the format above, then upon successfully reading the values of all the readable properties to which the Consumer has permission to access, it MUST send an HTTP response with:
200
Content-Type
header set to application/json
HTTP/1.1 200 OK
Content-Type: application/json
{
"on": false,
"level": 100
}
writemultipleproperties
The URL of a Properties
resource to be used when
writing the value of multiple properties at once MUST be obtained
from a Canonical TD by locating a
Form
inside the top level
forms
member
for which the value of its op
member is
writemultipleproperties
and the
URI
scheme [RFC3986] of the value of its href
member
is http
or https
.
In order to write the value of multiple properties at once, a Consumer MUST send an HTTP request to a Web Thing with:
PUT
Properties
resource
Content-Type
header set to application/json
Accept
header set to application/json
PUT /things/lamp/properties HTTP/1.1
Host: mythingserver.com
Content-Type: application/json
Accept: application/json
{
"on": true,
"level": 50
}
If a Web Thing receives an HTTP request following the format above, then upon successfully writing the values of the requested writable properties it MUST send an HTTP response with:
204
HTTP/1.1 204 No Content
Other operations under consideration include
observeproperty
, unobserveproperty
,
observeallproperties
and
unobserveallproperties
.
These operations would require consesus on a default observe mechanism for HTTP (e.g. Server Sent Events or WebSockets).
readmultipleproperties
is currently excluded due to
the complexities of the request payload format and because it
doesn't add much functionality over readproperty
and
readallproperties
.
writeallproperties
is currently excluded because it
is just a special case of writemultipleproperties
.
invokeaction
The URL of an Action
resource to be used when invoking
an action MUST be obtained from a Canonical TD by locating a
Form
inside the corresponding
ActionAffordance
for which the value of its op
member is
invokeaction
and the
URI
scheme [RFC3986] of the value of its href
member
is http
or https
.
In order to invoke an action on a Web Thing, a Consumer MUST send an HTTP request to the Web Thing with:
POST
Action
resourceAccept
header set to application/json
Content-Type
header set to application/json
POST /things/lamp/actions/fade HTTP/1.1
Host: mythingserver.com
Content-Type: application/json
Accept: application/json
{
"level": 100,
"duration": 5
}
If a Web Thing receives an HTTP request following the format above and the Consumer has permission to invoke the corresponding action, then upon successfully invoking the action it MUST send an HTTP response with:
The response to invoking an action needs to be defined. Given not all actions can be completed within the timeout period of an HTTP response, this may need to include a reference to an action request resource in an action queue (see #302).
queryaction
, updateaction
and
cancelaction
. These operations do not yet exist in
the WoT Thing Description specification (see
#302
).
Other operations under consideration include
subscribeevent
, unsubscribeevent
,
subscribeallevents
, unsubscribeallevents
,
readpastevents
and readallpastevents
.
subscribeevent
, unsubscribeevent
,
subscribeallevents
and
unsubscribeallevents
would require consensus on a
default event subscription mechanism for HTTP (e.g. Server Sent
Events or WebSockets).
subscribeallevents
and
unsubscribeallevents
do not yet exist in the WoT Thing
Description specification (see
#1082
).
readpastevents
and readallpastevents
do
not yet exist in the WoT Thing Description specification (see
#892
).
If any of the operations defined above are unsuccessful then the Web Thing MUST send an HTTP response with an HTTP error code which describes the reason for the failure. It is RECOMMENDED that error responses use one of the following HTTP error codes:
400 Bad Request
401 Unauthorized
403 Forbidden
404 Not Found
500 Internal Server Error
Web Things MAY respond with other valid HTTP error codes
(e.g. 418 I'm a teapot
), but Consumers MAY interpret
those error codes as a generic 4xx
or 5xx
error with no special defined behaviour.
If we define the finite set of error responses as above then we should also define what a Consumer should do if it receives a 3xx redirect type response.
If an HTTP error response contains a body, the content of that body MUST conform with with the Problem Details format [RFC7807].
The default representation is JSON. Semantic annotations based on JSON-LD MAY be present but are not required to perform all interactions with the thing instance.
A canonical representation serves multiple purposes. It is simplifying the parsing process, enables to identify equivalent TDs by simple string comparisons. Furthermore it allows the use of a simple signing mechanism, such as Linked Data Proofs or JSON Web Signatures [RFC7515] and enables identity checks on encrypted TDs.
The canonical JSON representation format of a TD adopts the JSON Canonicalization Scheme (JCS) defined by 6292.
A Thing Description can be syntactically validated with the JSON Schema [JSON-SCHEMA] for compliance with the core profile.
Todo: Define a JSON-SCHEMA.
Referenced in:
Referenced in:
Referenced in:
Referenced in: