Description
The Network Exposure Function (NEF) is a central component within the 5G Service-Based Architecture (SBA) of the 5G Core (5GC). It serves as the standardized, secure, and policy-controlled entry point for external Application Functions (AFs) to interact with the 3GPP network. Architecturally, the NEF is a network function (NF) that communicates with other core NFs (like the Policy Control Function (PCF), Unified Data Management (UDM), and Network Repository Function (NRF)) via standardized service-based interfaces (e.g., Nnef). Its primary role is to mediate between external, non-3GPP application layer protocols (typically RESTful APIs based on HTTP/JSON) and the internal 3GPP-specific service-based interfaces (e.g., using JSON over HTTP/2). This involves API translation, protocol conversion, and ensuring that external requests are properly authorized, authenticated, and compliant with network policies.
Functionally, the NEF provides two main capabilities: exposure and storage. For exposure, it offers a northbound API (often defined in 3GPP TS 29.522) that allows AFs to request network services, such as influencing traffic routing (e.g., via the Network Slice Selection Assistance Information (NSSAI)), subscribing to network events (like UE location changes, connectivity status, or communication failure), and accessing network analytics. The NEF validates these requests against subscriber profiles and network policies enforced by the PCF. For storage, the NEF can securely store structured data received from an AF as "application data" in the Unified Data Repository (UDR) for later use by other network functions, acting as a structured data gateway.
Internally, the NEF works by receiving an API request from an AF, authenticating and authorizing the AF (often in conjunction with the Network Repository Function (NRF) and Security Edge Protection Proxy (SEPP)), and then translating that request into the appropriate service-based interface operation towards the relevant internal NF. For example, an AF request to monitor a UE's reachability status would be translated by the NEF into a subscription request to the Access and Mobility Management Function (AMF). The NEF then acts as a proxy, forwarding relevant notifications from the AMF back to the AF. This abstraction shields the internal 3GPP network from direct external access, providing a layer of security, stability, and control while enabling rich service capabilities.
Purpose & Motivation
The NEF was created to address the fundamental challenge of "walled garden" networks in previous generations (2G/3G/4G), where network capabilities were largely inaccessible to external entities, stifling innovation and service differentiation. In 4G EPC, limited exposure was provided via the Service Capability Exposure Function (SCEF), but it was often complex and not fully standardized for all capabilities. The 5G vision of enabling vertical industries (e.g., automotive, IoT, manufacturing) and new business models required a more robust, scalable, and programmable exposure framework.
Its primary purpose is to solve the problem of secure and controlled network openness. It allows Mobile Network Operators (MNOs) to monetize their network assets by offering capabilities like QoS control, location services, and network status information to enterprise partners and third-party developers through well-defined APIs. This enables the creation of tailored services such as enhanced mobile broadband with guaranteed bitrates for video providers, low-latency communication for cloud gaming, or reliable connectivity slices for industrial IoT. Furthermore, the NEF addresses security and privacy concerns by centralizing all external interactions, ensuring that exposure is governed by operator-defined policies, user consent (where applicable), and regulatory requirements, preventing unauthorized access to sensitive network data and control functions.
Architecture
Detected Changes Across Releases
from 3GPP Change RequestsSpecific changes extracted from the „Change history“ tables of 3GPP specifications (301 CRs across 6 releases). Complements the general historical overview above with the evidence-based evolution of this function.
Studied in Rel-5, normative work from Rel-15.
In Release 15, the NEF was formally introduced with core services including Event Exposure and Structured Data for Exposure, establishing subscription and notification mechanisms. It defined a common API framework and detailed architectures for both non-roaming and roaming situations, while also specifying services like Chargeable party and AFsessionWithQoS. The release included numerous corrections and refinements to its service descriptions, OpenAPI definitions, HTTP error responses, and resource management features such as notification of resource deletion.
- Subscription for Structured Data for Exposure TS 29.519CR0022
- Non-roaming Architecture for Network Exposure Function in reference point representation TS 23.501CR0073
- Supporting Common API framework for NEF TS 23.501CR0124
- Subscription status notification for Event Exposure service TS 23.501CR0273
- NEF Services TS 23.501CR0367
- Network Exposure in Roaming Situations TS 23.501CR0493
+ 15 more changes
In Release 16, the NEF was enhanced with new capabilities including the integration with CAPIF for API management, the introduction of an Interworking-NEF (I-NEF) for service exposure in roaming and interworking scenarios, and support for NEF-based infrequent small data transfer via NAS. It also gained new services for provisioning service-specific parameters, exposing NWDAF analytics, and supporting enhanced location services and coverage restriction control.
- Integrated CAPIF with 3GPP EPS and 5GS network exposure TS 23.222CR0021
- 3rd party trust domain with network exposure and charging aspects of 3GPP systems TS 23.222CR0062
- Introduction of NEF based infrequent small data transfer via NAS TS 23.501CR0890
- Introduction of the SCEF+NEF TS 23.501CR0828
- NEF service for service specific parameter provisioning TS 23.501CR0878
- NEF service for NWDAF analytics TS 23.501CR0964
+ 24 more changes
In Release 17, the NEF's capabilities were expanded to support network exposure to Edge Application Servers (EAS) via a Local NEF and to expose time synchronization as a service. It also gained new functionalities for exposing UE application events and QoE metrics via an Application Function, and its service was utilized for the SEAL location service. Furthermore, enhancements were made for local NEF selection and discovery, and parameters were added for partitioning criteria in AF and SMF event exposure.
- Utilize NEF location service for SEAL LM TS 23.434CR0076
- KI#3A - TSC Assistance container determined by NEF TS 23.501CR2619
- KI#3B-1: Exposure of Time synchronization as a service TS 23.501CR2629
- Adding some parameters for local NEF selection TS 23.501CR2656
- Alignment of NWDAF discovery of data exposure capability in TS 23.501. TS 23.501CR2759
- Newly added parameters for Local NEF discovery TS 23.501CR2856
+ 70 more changes
In Release 18, the NEF saw significant enhancements focused on exposing new network capabilities and events to external applications. Key introductions included support for NAT (Network Address Translation) exposure, UPF event exposure for TSC (Time Sensitive Communication) management, and direct QNC (QoS Notification Control) exposure by the UPF. Furthermore, new exposure capabilities were defined for XR services, AI/ML services, NWDAF-assisted application detection, and the exposure of RAN measured data rates.
- TS 23.501 Enhancing External Exposure of Network Capability TS 23.501CR3715
- Update for UPF registration and event exposure related context concluded in FS_UPEAS TS 23.501CR3723
- Enhancements of PCF Services and NEF Services TS 23.501CR3796
- UPF event exposure service for TSC management TS 23.501CR3720
- Support of NAT exposure in 23.501 according to the conclusion in UPEAS TS 23.501CR3825
- Introduction of 5GS Information Exposure TS 23.501CR3887
+ 85 more changes
In Release 19, the NEF saw significant enhancements focused on new exposure capabilities and event reporting. Key additions included the exposure of user-sensitive information, value-added UE location, NAT information, static UE IP assignment details, and available data rate. The release also expanded event exposure support for UPF events using a UE's IP address, during UPF relocation and session release, and for AMF events supporting on-demand LCS broadcast, alongside comprehensive new support for energy consumption information exposure.
- Slice-based service API exposure TS 23.222CR0131
- Exposure of User Sensitive Information TS 23.222CR0228
- Exposure of value-added UE location information TS 23.434CR0311
- Adding the NAT information exposure and Packet Inspection functionality in the UPF NF profile TS 23.501CR5420
- Exposure enhancements for static UE IP address assignment and 5G VN group's User Plane Security Policy TS 23.501CR5492
- Supporting direct subscription of UPF event exposure using UE's IP address TS 23.501CR5540
+ 74 more changes
In Release 20, the NEF introduced new exposure capabilities specifically for energy-related information and policy. This included the exposure of an Energy Consumption Category and metrics such as Energy Consumption per bit via the Enabling Interface (EIF). Furthermore, the release defined the corresponding reference architecture for API exposure of this energy consumption information and its associated policy control.
Explore further
Broader topics and technologies where NEF plays a role.
Defining Specifications
3GPP specifications that define or reference NEF, with the latest known release. Sourced from the 3GPP document catalog — see methodology.
| Specification | Title | Release |
|---|---|---|
| TR 21.905 vj00 | 3GPP Technical Terms and Definitions | Rel-19 |
| TS 23.222 vj80 | Common API Framework for 3GPP Northbound APIs | Rel-19 |
| TS 23.434 vk00 | Service Enabler Architecture for Verticals | Rel-20 |
| TS 23.435 vj30 | Network Slice Capability Exposure Procedures | Rel-19 |
| TS 23.482 vk00 | AIML Enablement Service Architecture | Rel-20 |
| TS 23.501 vk00 | 5G System Architecture Stage 2 | Rel-20 |
| TS 23.527 vj50 | 5G System Restoration Procedures | Rel-19 |
| TS 23.558 vk00 | Architecture for Edge Applications | Rel-20 |
| TS 23.700 vk00 | XR Services Application Enablement Layer | Rel-20 |
| TR 23.745 vh00 | Study on App Layer Support for Factories of the Future in 5G | Rel-17 |
| TR 23.758 vh00 | Study on Edge Application Architecture | Rel-17 |
| TR 23.764 vh10 | Study on V2X Application Layer Enhancements | Rel-17 |
| TS 24.229 vj50 | IMS call control protocol based on SIP and SDP | Rel-19 |
| TS 24.542 vj00 | SEAL Notification Management Protocol | Rel-19 |
| TS 26.501 vj30 | 5G Media Streaming (5GMS) Architecture | Rel-19 |
| TS 26.502 vj30 | 5G Multicast-Broadcast User Services Architecture | Rel-19 |
| TS 26.510 vj10 | Media Delivery APIs for 5GMS and RTC Systems | Rel-19 |
| TS 26.512 vj10 | 5G Media Streaming Protocols & APIs | Rel-19 |
| TS 26.517 vj10 | 5G MBS User Service Protocols and Formats | Rel-19 |
| TS 26.531 vj00 | Data Collection & Reporting Architecture for 5G | Rel-19 |
| TS 26.532 vj00 | 5G Data Collection and Reporting API Specification | Rel-19 |
| TS 26.567 vj00 | IMS-based Split Rendering | Rel-19 |
| TS 26.802 vj20 | Multicast Enhancements for 5G Media Streaming | Rel-19 |
| TR 26.803 vh00 | 5G Media Streaming Extensions for Edge Processing | Rel-17 |
| TS 26.804 vj10 | 5G Media Streaming Extensions Study | Rel-19 |
| TR 26.806 vi00 | Technical Report on Smartly Tethering AR Glasses | Rel-18 |
| TS 26.891 vg00 | Media Distribution Services in 5G System | Rel-16 |
| TR 26.919 vj00 | Study on 5G Conversational Media Handling | Rel-19 |
| TR 26.928 vj00 | Study on eXtended Reality (XR) in 5G | Rel-19 |
| TR 26.942 vj00 | Study on Media Energy Consumption Exposure & Evaluation | Rel-19 |
| TS 28.802 vf00 | Management Study for 5G Network Architecture | Rel-15 |
| TR 28.816 vh00 | Charging for 5G Cellular IoT | Rel-17 |
| TR 28.833 vi01 | Technical Report on 5G LAN-type Service Management | Rel-18 |
| TR 28.843 vi10 | Technical Report on Charging Aspects for Vertical Scenarios | Rel-18 |
| TS 28.849 vj10 | CAPIF Phase2 Charging Study | Rel-19 |
| TS 28.851 vj10 | Charging for Next Gen Real Time Communication Phase 2 | Rel-19 |
| TS 28.879 vj10 | OAM for Service Management Exposure Study | Rel-19 |
| TS 29.122 vj40 | T8 Reference Point for Northbound APIs | Rel-19 |
| TS 29.175 vj40 | IMS AS Service-Based Interface Protocol | Rel-19 |
| TS 29.255 vj20 | USS Services for UAS in 5G | Rel-19 |
| TS 29.503 vj50 | UDM Service Based Interface Stage 3 | Rel-19 |
| TS 29.504 vj50 | Nudr Service Based Interface Stage 3 Protocol | Rel-19 |
| TS 29.508 vj40 | 5G Session Management Event Exposure Service | Rel-19 |
| TS 29.512 vj40 | 5G Session Management Policy Control Service | Rel-19 |
| TS 29.513 vj40 | 5G PCC Signalling Flows & QoS Mapping | Rel-19 |
| TS 29.514 vj40 | 5G System; Policy Authorization Service; Stage 3 | Rel-19 |
| TS 29.515 vj50 | Ngmlc Service Based Interface Protocol | Rel-19 |
| TS 29.517 vj40 | 5G AF Event Exposure Service Stage 3 | Rel-19 |
| TS 29.518 vj50 | AMF Service Based Interface Protocol | Rel-19 |
| TS 29.519 vj40 | UDR Usage for Policy & Exposure Data | Rel-19 |
| TS 29.520 vj40 | 5G Network Data Analytics Services Stage 3 | Rel-19 |
| TS 29.521 vj40 | 5G Binding Support Management Service Stage 3 | Rel-19 |
| TS 29.522 vj40 | 5G NEF Northbound APIs Stage 3 | Rel-19 |
| TS 29.523 vj20 | 5G Policy Control Event Exposure Service | Rel-19 |
| TS 29.530 vj00 | AF AI/ML Services Stage 3 Protocol | Rel-19 |
| TS 29.532 vj30 | MB-SMF Service Based Interface Protocol | Rel-19 |
| TS 29.534 vj20 | 5G Access & Mobility Policy Authorization Service | Rel-19 |
| TS 29.535 vj40 | 5G AKMA Anchor Services Stage 3 Protocol | Rel-19 |
| TS 29.536 vj30 | NSACF Service Based Interface Protocol | Rel-19 |
| TS 29.541 vj30 | NEF Service-Based Interfaces for NIDD & SMS | Rel-19 |
| TS 29.542 vj30 | SMF NIDD Service Based Interface Stage 3 | Rel-19 |
| TS 29.543 vj20 | 5G Data Transfer Policy Control Services Stage 3 | Rel-19 |
| TS 29.551 vj30 | 5G PFD Management Service Stage 3 | Rel-19 |
| TS 29.552 vj40 | 5G Network Data Analytics Signalling Flows | Rel-19 |
| TS 29.554 vj10 | 5G Background Data Transfer Policy Control Service | Rel-19 |
| TS 29.558 vj40 | Enabling Edge Applications | Rel-19 |
| TS 29.562 vj40 | HSS Services for IMS & GBA Interworking | Rel-19 |
| TS 29.564 vj50 | Nupf Service Based Interface Protocol | Rel-19 |
| TS 29.574 vj40 | 5G Data Collection Coordination Services Stage 3 | Rel-19 |
| TS 29.575 vj40 | 5G Analytics Data Repository Services Stage 3 | Rel-19 |
| TS 29.576 vj40 | 5G Messaging Framework Adaptor Services Stage 3 | Rel-19 |
| TS 29.581 vj20 | MBSTF Service Based Interface Protocol Specification | Rel-19 |
| TS 29.591 vj40 | 5G NEF Southbound Services Stage 3 | Rel-19 |
| TS 29.675 vj10 | UE Radio Capability Provisioning Service | Rel-19 |
| TS 29.889 vj10 | Study on UPF data collection for AI/ML | Rel-19 |
| TS 29.890 vg00 | CT3 5G System Technical Report | Rel-16 |
| TS 32.254 vj21 | Charging for Northbound APIs | Rel-19 |
| TS 32.255 vk10 | Telecom Management; Charging for 5G Data Connectivity | Rel-20 |
| TS 32.819 v800 | Element Management Layer OS Functions | Rel-8 |
| TS 32.899 vf10 | 5G Charging Architecture Study | Rel-15 |
| TS 33.127 vj50 | Lawful Interception Architecture and Functions | Rel-19 |
| TS 33.519 vk00 | 5G Security Assurance Specification (SCAS) for NEF | Rel-20 |
| TS 33.535 vj00 | 5G AKMA: Authentication and Key Management for Apps | Rel-19 |
| TR 33.739 vi10 | Study on security enhancement of support for | Rel-18 |
| TS 33.749 vj00 | Study on security aspects of edge computing enhancement | Rel-19 |
| TS 33.835 vg10 | Study on authentication and key management for apps | Rel-16 |
| TR 33.882 vi01 | Technical Report on 5G Security for Personal IoT Networks | Rel-18 |