Description
The User Authorization Request (UAR) is a critical Diameter command defined in the Cx interface specification (TS 29.229) between the I-CSCF (Interrogating Call Session Control Function) and the HSS (Home Subscriber Server) in the IP Multimedia Subsystem (IMS). It is a fundamental part of the IMS registration and session initiation procedures. When a User Equipment (UE) initiates contact with the IMS network, the initial SIP REGISTER request is routed to an I-CSCF. The I-CSCF, which does not have subscriber data, uses the UAR command to query the HSS for information necessary to route the request to the appropriate S-CSCF (Serving-CSCF) that will serve the user.
The UAR command carries specific Attribute-Value Pairs (AVPs) in its request, including the user's public identity (IMPU), private identity (IMPI), and the visited network identifier. Upon receiving the UAR, the HSS performs subscriber authentication and authorization checks. It verifies the user's subscription status, service profile, and determines whether the user is allowed to register in the requesting network. Based on this, the HSS responds with a User Authorization Answer (UAA) command. The UAA contains crucial routing information, such as the name (or capabilities) of the S-CSCF assigned to serve the user, or an indication that the I-CSCF should select an S-CSCF based on specific capabilities.
This mechanism ensures that IMS sessions are securely and efficiently routed. It enables load balancing across multiple S-CSCFs, supports roaming scenarios by authorizing access from visited networks, and forms the basis for subsequent Diameter transactions like the Location Information Request (LIR) and Server-Assignment Request (SAR). The UAR/UAA exchange is thus the first step in establishing a trusted dialog between the user and the IMS core, gatekeeping access to multimedia services like VoLTE, VoNR, and RCS.
Purpose & Motivation
The UAR command was created to address the fundamental need for a centralized, secure, and standardized authorization mechanism in the IMS architecture, which was introduced to deliver IP-based multimedia services over packet-switched networks. Before IMS and its defined Diameter interfaces, traditional telephony relied on SS7 signaling and HLRs for mobility, but there was no unified method for authorizing and routing SIP-based multimedia session requests in a scalable, carrier-grade manner.
The primary problem UAR solves is the stateless nature of the I-CSCF. The I-CSCF, often located at the network edge, acts as a gateway and does not maintain subscriber data. It needs a dynamic way to discover which S-CSCF should handle a specific user's registration or session. The UAR protocol provides this by querying the central subscriber database (HSS). This design separates routing logic from subscriber data, enhancing scalability, security, and flexibility. It allows for network architectures where S-CSCF pools can be dynamically selected based on load or capability, and it provides a single point of policy enforcement for user access at the HSS. Its creation was motivated by the need for a robust, extensible authentication and authorization framework that could support complex service delivery, roaming agreements, and interoperability between different vendors' network elements in a multi-service IP environment.
Key Features
- Diameter command used on the Cx interface between I-CSCF and HSS
- Carries user identities (IMPU, IMPI) for authorization checks
- Triggers HSS to verify user subscription and service profile
- Returns routing information (S-CSCF name or capabilities) in the response
- Fundamental to IMS registration and initial session routing procedures
- Supports roaming scenarios through visited network identifier checks
Evolution Across Releases
Defining Specifications
| Specification | Title |
|---|---|
| TS 23.380 | 3GPP TS 23.380 |