This document describes a formal information model and a common representation for a Web of Things (WoT) Thing Description Next Version. A Thing Description describes the metadata and interfaces of Things, where a Thing is an abstraction of a physical or virtual entity that provides interactions to and participates in the Web of Things. Thing Descriptions provide a set of interactions based on a small vocabulary that makes it possible both to integrate diverse devices and to allow diverse applications to interoperate. Thing Descriptions, by default, are encoded in a JSON format that also allows JSON-LD processing. The latter provides a powerful foundation to represent knowledge about Things in a machine-understandable way. A Thing Description instance can be hosted by the Thing itself or hosted externally when a Thing has resource restrictions (e.g., limited memory space) or when a Web of Things-compatible legacy device is retrofitted with a Thing Description. Furthermore, this document introduces the Thing Model, which allows authors to describe only the model or class of an Internet of Things (IoT) entity. Thing Models can be seen as a template for Thing Description instances, but with reduced constraints such as no or few requirements for specific communication metadata.

This specification continues the work of [[WOT-THING-DESCRIPTION11]] with no guarantees on backwards compatibility. In case of no backwards compatibility, there will be concrete guidelines for implementers to migrate to the new version.

Namespaces used in TDs
Vocabulary	Namespace IRI
Core	`https://www.w3.org/2019/wot/td#`
Data Schema	`https://www.w3.org/2019/wot/json-schema#`
Security	`https://www.w3.org/2019/wot/security#`
Hypermedia Controls	`https://www.w3.org/2019/wot/hypermedia#`

Namespaces used in TMs
Vocabulary	Namespace IRI
Thing Model	`https://www.w3.org/2022/wot/tm#`

TD Information Model

This section introduces the TD Information Model. The TD Information Model serves as the conceptual basis for the processing of Thing Descriptions and their serialization, which is described separately in .

Overview

The TD Information Model is built upon the following, independent Vocabularies:

the core TD Vocabulary, which reflects the Interaction Model with the Properties, Actions, and Events Interaction Affordances [[wot-architecture11]]
the Data Schema Vocabulary, including (a subset of) the terms defined by JSON Schema [[?JSON-SCHEMA]]
the WoT Security Vocabulary, identifying security mechanisms and requirements for their configuration
the Hypermedia Controls Vocabulary, encoding the main principles of RESTful communication using Web links and forms

Each of these Vocabularies is essentially a set of Terms that can be used to build data structures, interpreted as objects in the traditional object-oriented sense. Objects are instances of classes and have properties. In the context of W3C WoT, they denote Things and their Interaction Affordances. A formal definition of objects is given in . The main elements of the TD Information Model are then presented in . Certain object properties may be omitted in a TD when Default Values exist. A list of defaults is given in .

The UML diagram shown next gives an overview of the TD Information Model. It represents all classes as tables and the associations that exist between classes, starting from the class Thing, as directed arrows. For the sake of readability, the diagram was split in four parts, one for each of the four base Vocabularies.

UML diagram of the TD information model for the TD core vocabulary — TD core vocabulary

UML diagram of the TD information model for the Data schema vocabulary — Data schema vocabulary

UML diagram of the TD information model for the WoT security vocabulary — WoT security vocabulary

UML diagram of the TD information model for the hypermedia controls vocabulary — Hypermedia controls vocabulary

Preliminaries

To provide a model that can be easily processed by both, simple rules on a tree-based document (i.e., raw JSON processing) and rich Semantic Web tooling (i.e., JSON-LD processing), this document defines the following formal preliminaries to construct the TD Information Model accordingly.

All definitions in this section refer to sets, which intuitively are collections of elements that can themselves be sets. All arbitrarily complex data structures can be defined in terms of sets. In particular, an Object is a data structure recursively defined as follows:

a Term, which may or may not belong to a Vocabulary, is an Object.
a set of name-value pairs where the name is a Term and the value is another Object, is also an Object.

Though this definition does not prevent Objects to include multiple name-value pairs with the same name, they are generally not considered in this specification. An Object whose elements only have numbers as names is called an Array. Similarly, an Object whose elements only have Terms (that do not belong to any Vocabulary) as names is called a Map. All names appearing in some name-value pair in a Map are assumed to be unique within the scope of the Map.

Moreover, Objects can be instances of some Class. A Class, which is denoted by a Vocabulary Term, is first defined by a set of Vocabulary Terms called a Signature. A Class whose Signature is empty is called a Simple Type.

The Signature of a Class allows to construct two functions that further define Classes: an Assignment Function and a Type Function. The Assignment Function of a Class takes a Vocabulary Term of the Class's Signature as input and returns either true or false as output. Intuitively, the Assignment Function indicates whether an element of the Signature is mandatory or optional when instantiating the Class. The Type Function of a Class also takes a Vocabulary Term of the Class's Signature as input and returns another Class as output. These functions are partial: their domain is limited to the Signature of the Class being defined.

On the basis of these two functions, an Instance Relation can be defined for a pair composed of an Object and a Class. This relation is defined as constraints to be satisfied. That is, an Object is an instance of a Class if the two following constraints are both satisfied:

if for every Term for which the Assignment Function of the Class returns true, the Object includes a name-value pair with the Vocabulary Term as name.
if for every Vocabulary Term in the Signature of the Class used as name in some name-value pair of the Object, the value of that pair is an instance of the Class returned by the Type Function of the Class for the given Vocabulary Term.

According to the definition above, an Object would be an instance of every Simple Type, regardless of its structure. Instead, another definition for the Instance Relation is introduced for Simple Types: an Object is an instance of a Simple Type if it is a Term with a given lexical form (e.g., true, false for the boolean type, 1, 2, 3, ... for the unsignedInt type, etc.).

Moreover, additional Classes, called Parameterized Classes, can be derived from the generic Map and Array structures. An Object is a Map of some Class, that is, an instance of the Map type parameterized with some Class, if it is a Map such that the value in all the name-value pairs it contains is an instance of this Class. The same applies to Arrays.

Finally, a Class is a Subclass of some other Class if every instance of the former is also an instance of the latter.

Given all definitions above, the TD Information Model is to be understood as a set of Class definitions, which include a Class name (a Vocabulary Term), a Signature (a set of Vocabulary Terms), an Assignment Function, and a Type Function. These Class definitions are provided as tables in . For each table, the values "mandatory" (respectively, "optional") in the assignment column indicates that the Assignment Function returns true (respectively, false) for the corresponding Vocabulary Term.

By convention, Simple Types are denoted by names starting with lowercase. The TD Information Model references the following Simple Types defined in XML Schema [[XMLSCHEMA11-2-20120405]]: string, anyURI, dateTime, integer, unsignedInt, double, and boolean. Their definition (i.e., the specification of their lexical form) is outside of the scope of the TD Information Model.

In addition, the TD Information Model defines a global function on pairs of Vocabulary Terms. The function takes a Class name and another Vocabulary Term as input and returns an Object. If the returned Object is different from null, it represents the Default Value for some assignment on the input Vocabulary Term in an instance of the input Class. This function allows to relax the constraint defined above on the Assignment Function: an Object is an instance of a Class if it includes all mandatory assignments or if Default Value exist for the missing assignments. All Default Values are given in the table of . In each table of , the assignment column contains the value "with default" if a Default Value is available for the corresponding combination of Class and Vocabulary Term in the TD Information Model.

The formalization introduced here does not consider the possible relation between Objects as abstract data structures and physical world objects such as Things. However, care was given to the possibility of re-interpreting all Vocabulary Terms involved in the TD Information Model as RDF resources, so as to integrate them in a larger model of the physical world (an ontology). For details about semantic processing, please refer to and the documentation under the namespace IRIs, e.g., https://www.w3.org/2019/wot/td.

Class Definitions

A TD Processor MUST satisfy the Class instantiation constraints on all Classes defined in , , , and .

In particular, note that all vocabulary terms and values are case sensitive. This is also true for the serialization of the information model (Section ).

Core Vocabulary Definitions

`Thing`

An abstraction of a physical or a virtual entity whose metadata and interfaces are described by a WoT Thing Description, whereas a virtual entity is the composition of one or more Things.

Vocabulary Terms in Thing Level
Vocabulary term	Description	Assignment	Type
`@context`	JSON-LD keyword to define short-hand names called terms that are used throughout a TD document.	mandatory	`anyURI` or Array
`@type`	JSON-LD keyword to label the object with semantic tags (or types).	optional	`string` or Array of `string`
`id`	Identifier of the Thing in form of a URI [[RFC3986]] (e.g., stable URI, temporary and mutable URI, URI with local IP address, URN, etc.).	optional	`anyURI`
`title`	Provides a human-readable title (e.g., display a text for UI representation) based on a default language.	mandatory	any type
`titles`	Provides multi-language human-readable titles (e.g., display a text for UI representation in different languages). Also see MultiLanguage.	optional	Map of `MultiLanguage`
`description`	Provides additional (human-readable) information based on a default language.	optional	`string`
`descriptions`	Can be used to support (human-readable) information in different languages. Also see MultiLanguage.	optional	Map of `MultiLanguage`
`version`	Provides version information.	optional	`VersionInfo`
`created`	Provides information when the TD instance was created.	optional	`dateTime`
`modified`	Provides information when the TD instance was last modified.	optional	`dateTime`
`support`	Provides information about the TD maintainer as URI scheme (e.g., `mailto` [[RFC6068]], `tel` [[RFC3966]], `https` [[RFC9112]]).	optional	`anyURI`
`base`	Define the base URI that is used for all relative URI references throughout a TD document. In TD instances, all relative URIs are resolved relative to the base URI using the algorithm defined in [RFC3986]. `base` does not affect the URIs used in `@context` and the IRIs used within Linked Data [LINKED-DATA] graphs that are relevant when semantic processing is applied to TD instances.	optional	`anyURI`
`properties`	All Property-based Interaction Affordances of the Thing.	optional	Map of `PropertyAffordance`
`actions`	All Action-based Interaction Affordances of the Thing.	optional	Map of `ActionAffordance`
`events`	All Event-based Interaction Affordances of the Thing.	optional	Map of `EventAffordance`
`links`	Provides Web links to arbitrary resources that relate to the specified Thing Description.	optional	Array of `Link`
`forms`	Set of form hypermedia controls that describe how an operation can be performed. Forms are serializations of Protocol Bindings. Thing level forms are used to describe endpoints for a group of interaction affordances.	optional	Array of `Form`
`security`	Set of security definition names, chosen from those defined in `securityDefinitions`. These must all be satisfied for access to resources.	mandatory	`string` or Array of `string`
`securityDefinitions`	Set of named security configurations (definitions only). Not actually applied unless names are used in a `security` name-value pair.	mandatory	Map of `SecurityScheme`
`profile`	Indicates the WoT Profile mechanisms followed by this Thing Description and the corresponding Thing implementation.	optional	`anyURI` or Array of `anyURI`
`schemaDefinitions`	Set of named data schemas. To be used in a `schema` name-value pair inside an `AdditionalExpectedResponse` object.	optional	Map of `DataSchema`
`uriVariables`	Define URI template variables according to [[RFC6570]] as collection based on DataSchema declarations. The Thing level `uriVariables` can be used in Thing level `forms` or in Interaction Affordances. The individual variables DataSchema cannot be an ObjectSchema or an ArraySchema since each variable needs to be serialized to a string inside the `href` upon the execution of the operation. If the same variable is both declared in Thing level `uriVariables` and in Interaction Affordance level, the Interaction Affordance level variable takes precedence.	optional	Map of `DataSchema`

For @context the following rules are defined for Thing Description instances:

The @context name-value pair MUST contain the anyURI https://www.w3.org/2022/wot/td/v1.1 in order to identify the document as a TD 1.1 which would allow Consumers to use the newly introduced terms.
When there are possibly TD 1.0 consumers the anyURI https://www.w3.org/2019/wot/td/v1 MUST be the first entry and the https://www.w3.org/2022/wot/td/v1.1 MUST be the second entry.
TD 1.1 consumers MUST accept TDs satisfying the W3C WoT Thing Description 1.0 [[wot-thing-description10]] specification.
When @context is an Array, the anyURI https://www.w3.org/2022/wot/td/v1.1 MAY be followed by elements of type anyURI or type Map in any order, while it is RECOMMENDED to include only one Map with all the name-value pairs in the @context Array.
Maps contained in an @context Array MAY contain name-value pairs, where the value is a namespace identifier of type anyURI and the name a Term or prefix denoting that namespace.
One Map contained in an @context Array SHOULD contain a name-value pair that defines the default language for the Thing Description, where the name is the Term @language and the value is a well-formed language tag as defined by [BCP47] (e.g., en, de-AT, gsw-CH, zh-Hans, zh-Hant-HK, sl-nedis).

To determine the base direction of all human-readable text in Thing Description and Thing Model instances this specification recommends to follow the [[STRING-META]] guideline about string-specific directional information when no built-in mechanism for associating base direction metadata is available.

TD Processors should be aware of certain special cases when processing bidirectional text. TD Processors SHOULD take care to use bidi isolation when presenting strings to users, particularly when embedding in surrounding text (e.g., for Web user interface). Mixed direction text can occur in any language, even when the language is properly identified.

TD producers SHOULD attempt to provide mixed direction strings in a way that can be displayed successfully by a naive user agent. For example, if an RTL string begins with an LTR run (such as a number or a brand or trade name in Latin script), including an RLM character at the start of the string or wrapping opposite direction runs in bidi controls can assist in proper display.

Strings on the Web: Language and Direction Metadata [string-meta] provides some guidance and illustrates a number of pitfalls when using bidirectional text.

In addition to the explicitly provided Interaction Affordances in the properties, actions, and events Maps, a Thing can also provide meta-interactions, which are indicated by Form instances in its optional forms Array. When the forms Array of a Thing instance contains Form instances, it MUST contain op member with the string values assigned to the name op, either directly or within an Array, MUST be one of the following operation types: readallproperties, writeallproperties, readmultipleproperties, writemultipleproperties, observeallproperties, unobserveallproperties, queryallactions, subscribeallevents, or unsubscribeallevents. (See an example for an usage of form in a Thing instance.)

The data schema for each of the property meta-interactions is constructed by combining the data schemas of each PropertyAffordance instance in a single ObjectSchema instance, where the properties Map of the ObjectSchema instance contains each data schema of the PropertyAffordances identified by the name of the corresponding PropertyAffordances instance.

If not specified otherwise (e.g., through a TD Context Extension), the request data of the readmultipleproperties operation is an Array that contains the intended PropertyAffordances instance names, which is serialized to the content type specified by the Form instance.

`InteractionAffordance`

Metadata of a Thing that shows the possible choices to Consumers, thereby suggesting how Consumers may interact with the Thing. There are many types of potential affordances, but W3C WoT defines three types of Interaction Affordances: Properties, Actions, and Events.

Vocabulary Terms in InteractionAffordance Level
Vocabulary term	Description	Assignment	Type
`@type`	JSON-LD keyword to label the object with semantic tags (or types).	optional	`string` or Array of `string`
`title`	Provides a human-readable title (e.g., display a text for UI representation) based on a default language.	optional	`string`
`titles`	Provides multi-language human-readable titles (e.g., display a text for UI representation in different languages). Also see MultiLanguage.	optional	Map of `MultiLanguage`
`description`	Provides additional (human-readable) information based on a default language.	optional	`string`
`descriptions`	Can be used to support (human-readable) information in different languages. Also see MultiLanguage.	optional	Map of `MultiLanguage`
`forms`	Set of form hypermedia controls that describe how an operation can be performed. Forms are serializations of Protocol Bindings. The array cannot be empty.	mandatory	Array of `Form`
`uriVariables`	Define URI template variables according to [[RFC6570]] as collection based on DataSchema declarations. The individual variables DataSchema cannot be an ObjectSchema or an ArraySchema since each variable needs to be serialized to a string inside the `href` upon the execution of the operation. If the same variable is both declared in Thing level `uriVariables`and in Interaction Affordance level, the Interaction Affordance level variable takes precedence.	optional	Map of `DataSchema`

The class InteractionAffordance has the following subclasses:

`PropertyAffordance`

An Interaction Affordance that exposes state of the Thing. This state can then be retrieved (read) and/or updated (write). Things can also choose to make Properties observable by pushing the new state after a change.

Vocabulary Terms in PropertyAffordance Level
Vocabulary term	Description	Assignment	Type
`observable`	A hint that indicates whether Servients hosting the Thing and Intermediaries should provide a Protocol Binding that supports the `observeproperty` and `unobserveproperty` operations for this Property.	with default	`boolean`

Property instances are also instances of the class DataSchema. Therefore, it can contain the type, unit, readOnly and writeOnly members, among others.

PropertyAffordance is a Subclass of the InteractionAffordance Class and the DataSchema Class. When a Form instance is within a PropertyAffordance instance, the value assigned to op MUST be one of readproperty, writeproperty, observeproperty, unobserveproperty or an Array containing a combination of these terms.

It is considered to be good practice that each observeproperty has a corresponding unobserveproperty unless the protocol supports implicit unsubscription mechanisms (e.g., heartbeat to detect connection loss).

The observation mechanism depends on the underlying protocol or sub-protocol. Having said that, it is not guaranteed that the current Property value will be provided once the subscription is initiated. Hence, it may be necessary to read the current Property value before/after the subscription to get a first value.

`ActionAffordance`

An Interaction Affordance that allows to invoke a function of the Thing, which manipulates state (e.g., toggling a lamp on or off) or triggers a process on the Thing (e.g., dim a lamp over time).

Vocabulary Terms in ActionAffordance Level
Vocabulary term	Description	Assignment	Type
`input`	Used to define the input data schema of the Action.	optional	`DataSchema`
`output`	Used to define the output data schema of the Action.	optional	`DataSchema`
`safe`	Signals if the Action is safe (=true) or not. Used to signal if there is no internal state (cf. resource state) is changed when invoking an Action. In that case responses can be cached as example.	with default	`boolean`
`idempotent`	Indicates whether the Action is idempotent (=true) or not. Informs whether the Action can be called repeatedly with the same result, if present, based on the same input.	with default	`boolean`
`synchronous`	Indicates whether the action is synchronous (=true) or not. A synchronous action means that the response of action contains all the information about the result of the action and no further querying about the status of the action is needed. Lack of this keyword means that no claim on the synchronicity of the action can be made.	optional	`boolean`

ActionAffordance is a Subclass of the InteractionAffordance Class. When a Form instance is within an ActionAffordance instance, the value assigned to op MUST either be invokeaction, queryaction, cancelaction or an Array containing a combination of these terms.

`EventAffordance`

An Interaction Affordance that describes an event source, which asynchronously pushes event data to Consumers (e.g., overheating alerts).

Vocabulary Terms in EventAffordance Level
Vocabulary term	Description	Assignment	Type
`subscription`	Defines data that needs to be passed upon subscription, e.g., filters or message format for setting up Webhooks.	optional	`DataSchema`
`data`	Defines the data schema of the Event instance messages pushed by the Thing.	optional	`DataSchema`
`dataResponse`	Defines the data schema of the Event response messages sent by the consumer in a response to a data message.	optional	`DataSchema`
`cancellation`	Defines any data that needs to be passed to cancel a subscription, e.g., a specific message to remove a Webhook.	optional	`DataSchema`

EventAffordance is a Subclass of the InteractionAffordance Class. When a Form instance is within an EventAffordance instance, the value assigned to op MUST be either subscribeevent, unsubscribeevent, or both terms within an Array.

It is considered to be good practice that each subscribeevent has a corresponding unsubscribeevent unless the protocol supports implicit unsubscription mechanisms (e.g., heartbeat to detect connection loss).

EventAffordances are similar to observable PropertyAffordances in the sense that the Thing itself informs interested Consumers about state changes. However, a main difference of EventAffordances is that not every change of the associated resource needs to trigger an event message to be emitted, e.g. a critical threshold for a numeric value. Furthermore, EventAffordances allow for more complex subscribing and unsubscribing mechanisms via the definition of subscription, dataResponse, and cancellation DataSchema definitions. Not all protocols might support these more advanced mechanisms, however, which is why in some scenarios, events may be very similar to observable PropertyAffordances. In these cases, the choice between a Property and a Event for modelling the Affordance should be made based on the semantics of the underlying resource; for example, if the state of the affordance is also supposed to be read or written by a Consumer, then a Property is most likely the appropriate choice.

`VersionInfo`

Metadata of a Thing that provides version information about the TD document. If required, additional version information such as firmware and hardware version (term definitions outside of the TD namespace) can be extended via the TD Context Extension mechanism.

Vocabulary Terms in VersionInfo Level
Vocabulary term	Description	Assignment	Type
`instance`	Provides a version indicator of this TD.	mandatory	`string`
`model`	Provides a version indicator of the underlying TM.	optional	`string`

It is recommended that the values within instances and model of the VersionInfo Class follow the semantic versioning pattern, where a sequence of three numbers separated by a dot indicates the major version, minor version, and version, respectively. See [SEMVER] for details.

`MultiLanguage`

A Map providing a set of human-readable texts in different languages identified by language tags described in [[BCP47]]. See for example usages of this container in a Thing Description instance.

Each name of the MultiLanguage Map MUST be a language tag as defined in [[!BCP47]]. Each value of the MultiLanguage Map MUST be of type string.

Data Schema Vocabulary Definitions

A data schema is an abstract notation for data contained in data formats.

The data schema vocabulary definition reflects a very common subset of the terms defined by JSON Schema [[?JSON-SCHEMA]]. A JSON Schema [[?JSON-SCHEMA]] processor for JSON Schema draft 7 can consume a data schema. It is noted that data schema definitions within Thing Description instances are not limited to this defined subset and may use additional terms found in JSON Schema using a TD Context Extension for the additional terms as described in , otherwise these terms are semantically ignored by TD Processors (for details about semantic processing, please refer to and the documentation under the namespace IRIs, e.g., https://www.w3.org/2019/wot/td).

In a TD, concrete data formats are specified in Forms (see ) using content types. When the value of a content type in an instance of the Form is application/json, the data schema can be processed directly by JSON Schema processors. Otherwise, Web of Things (WoT) Binding Templates [[?WOT-BINDING-TEMPLATES]] defines data schema's available mappings to other content types such as XML [[?xml]]. If the content type in an instance of the Form is not application/json and if no mapping is defined for the content type, specifying a data schema does not make sense for the content type.

The following table contains content types which MAY use data schema to describe the structure of their payloads.

Content types that can use a Data Schema
Format	Content Type
JSON/CBOR	`application/json` `application/ld+json` `application/senml+json` `application/cbor` `application/senml+cbor`
XML/EXI	`application/xml` `application/senml+xml` `application/exi` `application/senml-exi`

`DataSchema`

Metadata that describes the data format used. It can be used for validation.

Vocabulary Terms in DataSchema Level
Vocabulary term	Description	Assignment	Type
`@type`	JSON-LD keyword to label the object with semantic tags (or types)	optional	`string` or Array of `string`
`title`	Provides a human-readable title (e.g., display a text for UI representation) based on a default language.	optional	`string`
`titles`	Provides multi-language human-readable titles (e.g., display a text for UI representation in different languages). Also see MultiLanguage.	optional	Map of `MultiLanguage`
`description`	Provides additional (human-readable) information based on a default language.	optional	`string`
`descriptions`	Can be used to support (human-readable) information in different languages. Also see MultiLanguage.	optional	Map of `MultiLanguage`
`const`	Provides a constant value.	optional	any type
`default`	Supply a default value. The value SHOULD validate against the data schema in which it resides.	optional	any type
`unit`	Provides unit information that is used, e.g., in international science, engineering, and business. To preserve uniqueness, it is recommended that the value of the unit points to a semantic definition (also see Section Semantic Annotations).	optional	`string`
`oneOf`	Used to ensure that the data is valid against one of the specified schemas in the array. This can be used to describe multiple input or output schemas.	optional	Array of `DataSchema`
`enum`	Restricted set of values provided as an array.	optional	Array of any type
`readOnly`	Boolean value that is a hint to indicate whether a property interaction / value is read only (=true) or not (=false).	with default	`boolean`
`writeOnly`	Boolean value that is a hint to indicate whether a property interaction / value is write only (=true) or not (=false).	with default	`boolean`
`format`	Allows validation based on a format pattern such as "date-time", "email", "uri", etc. (Also see below.)	optional	`string`
`type`	Assignment of JSON-based data types compatible with JSON Schema (one of boolean, integer, number, string, object, array, or null).	optional	`anyURI` (one of `object`, `array`, `string`, `number`, `integer`, `boolean`, or `null`)

The class DataSchema has the following subclasses:

The format string values are known from a fixed set of values and their corresponding format rules defined in [JSON-SCHEMA] (Section 7.3 Defined Formats in particular). Servients MAY use the format value to perform additional validation accordingly. When a value that is not found in the known set of values is assigned to format, such a validation SHOULD succeed.

Vocabulary terms typed as any type (e.g., const, default) follow data types compatible with JSON Schema (boolean, integer, number, string, object, array, or null).

The format term is not widely implemented by JSON Schema tools. In addition, the term format is being discussed by the JSON Schema standardisation community and may be replaced by another mechanism or removed in a future JSON Schema version.

`ArraySchema`

Metadata describing data of type Array. This Subclass is indicated by the value array assigned to type in DataSchema instances.

Vocabulary Terms in ArraySchema Level
Vocabulary term	Description	Assignment	Type
`items`	Used to define the characteristics of an array.	optional	`DataSchema` or Array of `DataSchema`
`minItems`	Defines the minimum number of items that have to be in the array.	optional	`unsignedInt`
`maxItems`	Defines the maximum number of items that have to be in the array.	optional	`unsignedInt`

`BooleanSchema`

Metadata describing data of type boolean. This Subclass is indicated by the value boolean assigned to type in DataSchema instances.

`NumberSchema`

Metadata describing data of type number. This Subclass is indicated by the value number assigned to type in DataSchema instances.

Vocabulary Terms in NumberSchema Level
Vocabulary term	Description	Assignment	Type
`minimum`	Specifies a minimum numeric value, representing an inclusive lower limit. Only applicable for associated number or integer types.	optional	`double`
`exclusiveMinimum`	Specifies a minimum numeric value, representing an exclusive lower limit. Only applicable for associated number or integer types.	optional	`double`
`maximum`	Specifies a maximum numeric value, representing an inclusive upper limit. Only applicable for associated number or integer types.	optional	`double`
`exclusiveMaximum`	Specifies a maximum numeric value, representing an exclusive upper limit. Only applicable for associated number or integer types.	optional	`double`
`multipleOf`	Specifies the multipleOf value number. The value must strictly greater than 0. Only applicable for associated number or integer types.	optional	`double`

`IntegerSchema`

Metadata describing data of type integer. This Subclass is indicated by the value integer assigned to type in DataSchema instances.

Vocabulary Terms in IntegerSchema Level
Vocabulary term	Description	Assignment	Type
`minimum`	Specifies a minimum numeric value, representing an inclusive lower limit. Only applicable for associated number or integer types.	optional	`integer`
`exclusiveMinimum`	Specifies a minimum numeric value, representing an exclusive lower limit. Only applicable for associated number or integer types.	optional	`integer`
`maximum`	Specifies a maximum numeric value, representing an inclusive upper limit. Only applicable for associated number or integer types.	optional	`integer`
`exclusiveMaximum`	Specifies a maximum numeric value, representing an exclusive upper limit. Only applicable for associated number or integer types.	optional	`integer`
`multipleOf`	Specifies the multipleOf value number. The value must strictly greater than 0. Only applicable for associated number or integer types.	optional	`integer`

`ObjectSchema`

Metadata describing data of type Object. This Subclass is indicated by the value object assigned to type in DataSchema instances.

Vocabulary Terms in ObjectSchema Level
Vocabulary term	Description	Assignment	Type
`properties`	Data schema nested definitions.	optional	Map of `DataSchema`
`required`	Defines which members of the object type are mandatory, i.e. which members are mandatory in the payload that is to be sent (e.g. input of `invokeaction`, `writeproperty`) and what members will be definitely delivered in the payload that is being received (e.g. output of `invokeaction`, `readproperty`)	optional	Array of `string`

`StringSchema`

Metadata describing data of type string. This Subclass is indicated by the value string assigned to type in DataSchema instances.

Vocabulary Terms in StringSchema Level
Vocabulary term	Description	Assignment	Type
`minLength`	Specifies the minimum length of a string. Only applicable for associated string types.	optional	`unsignedInt`
`maxLength`	Specifies the maximum length of a string. Only applicable for associated string types.	optional	`unsignedInt`
`pattern`	Provides a regular expression to express constraints of the string value. The regular expression must follow the [[ECMA-262]] dialect.	optional	`string`
`contentEncoding`	Specifies the encoding used to store the contents, as specified in [[RFC2045]] (Section 6.1) and [[RFC4648]].	optional	`string` (e.g., `7bit`, `8bit`, `binary`, `quoted-printable`, `base16`, `base32`, or `base64`)
`contentMediaType`	Specifies the MIME type of the contents of a string value, as described in [[RFC2046]].	optional	`string` (e.g., `image/png`, or `audio/mpeg`)

The length of a string (i.e., minLength and maxLength) is defined as the number of Unicode code points, as defined by [[RFC8259]]. Note that some user-perceived characters are composed of more than one Unicode code point. Arbitrary index values might not fall on these grapheme boundaries, so truncation according to maxLength might alter the appearance or meaning of the string.

`NullSchema`

Metadata describing data of type null. This subclass is indicated by the value null assigned to type in DataSchema instances. This Subclass describes only one acceptable value, namely null. It is important to note that null does not mean the absence of a value. It is analogous to null in JavaScript, None in Python, null in Java and nil in Ruby programming languages. It can be used as part of a oneOf declaration, where it is used to indicate, that the data can also be null.

Security Vocabulary Definitions

This specification provides a selection of well-established security mechanisms that are directly built into protocols eligible as Protocol Bindings for W3C WoT or are widely in use with those protocols. The current set of HTTP security schemes is partly based on OpenAPI 3.0.1 (see also [[?OPENAPI]]). However while the HTTP security schemes, Vocabulary, and syntax given in this specification share many similarities with OpenAPI, they are not compatible.

Generally, security schemes require some form of secure transport to be effective, such as TLS or DTLS. Requirements for the use of secure transport are given in Section in this document and in the Security Considerations section of [[wot-architecture11]].

`SecurityScheme`

Metadata describing the configuration of a security mechanism. The value assigned to the name scheme MUST be defined within a Vocabulary included in the Thing Description, either in the standard Vocabulary defined in § 5. TD Information Model or in a TD Context Extension.

For all security schemes, any keys, passwords, or other sensitive information directly providing access MUST NOT be stored in the TD and should instead be shared and stored out-of-band via other mechanisms. The purpose of a TD is to describe how to access a Thing if and only if a Consumer already has authorization, and is not meant be used to grant that authorization.

Each security scheme object used in a TD defines a set of requirements to be met before access can be granted. We say a security scheme is satisfied when all its requirements are met. In some cases requirements from multiple security schemes will have to be met before access can be granted.

Security schemes generally may require additional authentication parameters, such as a password or key. The location of this information is indicated by the value associated with the name in, often in combination with the value associated with name. The value associated with in can take one of the following values:

header:: The parameter will be given in a header provided by the protocol, with the name of the header provided by the value of name.
query:: The parameter will be appended to the URI as a query parameter, with the name of the query parameter provided by name.
body:: The parameter will be provided in the body of the request payload, with the data schema element used provided by name. When used in the context of a body security information location, the value of name MUST be in the form of a JSON pointer [[!RFC6901]] relative to the root of the input DataSchema for each interaction it is used with. Since this value is not a fragment identifier, and is not relative to the root of the TD but to whichever data schemas the security scheme is bound to, this value should not start with #; it is a "pure" JSON pointer. Since this value is not a fragment identifier, it also does not need to URL-encode special characters. The targeted element may or may not already exist at the specified location in the referenced object or array schema (consequently the mechanism is not applicable to simple types). If it does not, it will be inserted. This avoids having to duplicate definitions in the data schemas of every interaction. When an element of a data schema indicated by a JSON pointer indicated in a body locator does not already exist in the indicated schema, it MUST be possible to insert the indicated element at the location indicated by the pointer. The JSON pointer used in the body locator MAY use the "-" character to indicate a non-existent array element when it is necessary to insert an element after the last element of an existing array. The element referenced (or created) by a body security information location MUST be required and of type "string". If name is not given, it is assumed the entire body is to be used as the security parameter.
cookie:: The parameter is stored in a cookie identified by the value of name.
uri:: The parameter is embedded in the URI itself, which is encoded in the relevant interaction using a URI template variable defined by the value of name. This is more general than the query mechanism but more complex. The value uri SHOULD be specified for the name in in a security scheme only if query is not applicable. The URIs provided in interactions where a security scheme using uri as the value for in MUST be a URI template including the defined variable.
auto:: The location is determined as part of the protocol, or negotiated. If a value of auto is set for the in field of a SecurityScheme, then the name field SHOULD NOT be set. In this case, the application of the SecurityScheme is subject to the respective specification for the given protocol (e.g. [[!RFC8288]] when using the BasicSecurityScheme with HTTP).

If multiple parameters are needed for a security scheme, repeat the security scheme definition for each parameter and combine them using a combo security scheme and allOf. In some cases parameters may not actually be secret but a user may wish to leave them out of the TD to help protect privacy. As an example of this, some security mechanisms require both a client identifier and a secret key. In theory, the client identifier is public however it may be hard to update and pose a tracking risk. In such a case it can be provided as an additional security parameter so it does not appear in the TD.

The names of URI variables declared in a SecurityScheme MUST be distinct from all other URI variables declared in the TD.

Vocabulary Terms in SecurityScheme Level
Vocabulary term	Description	Assignment	Type
`@type`	JSON-LD keyword to label the object with semantic tags (or types).	optional	`string` or Array of `string`
`description`	Provides additional (human-readable) information based on a default language.	optional	`string`
`descriptions`	Can be used to support (human-readable) information in different languages. Also see MultiLanguage.	optional	Map of `MultiLanguage`
`proxy`	URI of the proxy server this security configuration provides access to. If not given, the corresponding security configuration is for the endpoint.	optional	`anyURI`
`scheme`	Identification of the security mechanism being configured.	mandatory	`string` (e.g., `nosec`, `combo`, `basic`, `digest`, `bearer`, `psk`, `oauth2`, `apikey`, or `auto`)

The class SecurityScheme has the following subclasses:

`NoSecurityScheme`

A security configuration corresponding to identified by the Vocabulary Term nosec (i.e., "scheme": "nosec"), indicating there is no authentication or other mechanism required to access the resource.

`AutoSecurityScheme`

An automatic authentication security configuration identified by the term auto (i.e., "scheme": "auto"). This scheme indicates that the security parameters are going to be negotiated by the underlying protocols at runtime, subject to the respective specifications for the protocol (e.g. [[!RFC8288]] for Basic Authentication when using HTTP).

`ComboSecurityScheme`

A combination of other security schemes identified by the Vocabulary Term combo (i.e., "scheme": "combo"). Elements of this scheme define various ways in which other named schemes defined in securityDefinitions, including other ComboSecurityScheme definitions, are to be combined to create a new scheme definition. Exactly one of either oneOf or allOf vocabulary terms MUST be included.Only security scheme definitions which can be used together can be combined with allOf. For example, it is not possible in general to combine different OAuth 2.0 flows together using allOf unless one applies to a proxy and one to the endpoint. Note that when multiple named security scheme definitions are listed in a security field the same semantics apply as in an allOf combination (and the same limitations on allowable combinations). The oneOf combination is equivalent to using different security schemes on forms that are otherwise identical. In this sense a oneOf scheme is not an essential feature but it does avoid redundancy in such cases.

Vocabulary Terms in ComboSecurityScheme Level
Vocabulary term	Description	Assignment	Type
`oneOf`	Array of two or more strings identifying other named security scheme definitions, any one of which, when satisfied, will allow access. Only one may be chosen for use.	mandatory	Array of `string`
`allOf`	Array of two or more strings identifying other named security scheme definitions, all of which must be satisfied for access.	mandatory	Array of `string`

`BasicSecurityScheme`

Basic Authentication [RFC7617] security configuration identified by the Vocabulary Term basic (i.e., "scheme": "basic"), using an unencrypted username and password.

Vocabulary Terms in BasicSecurityScheme Level
Vocabulary term	Description	Assignment	Type
`name`	Name for query, header, cookie, or uri parameters.	optional	`string`
`in`	Specifies the location of security authentication information.	with default	`string` (one of `header`, `query`, `body`, `cookie`, or `auto`)

`DigestSecurityScheme`

Digest Access Authentication [RFC7616] security configuration identified by the Vocabulary Term digest (i.e., "scheme": "digest"). This scheme is similar to basic authentication but with added features to avoid man-in-the-middle attacks.

Vocabulary Terms in DigestSecurityScheme Level
Vocabulary term	Description	Assignment	Type
`name`	Name for query, header, cookie, or uri parameters.	optional	`string`
`in`	Specifies the location of security authentication information.	with default	`string` (one of `header`, `query`, `body`, `cookie`, or `auto`)
`qop`	Quality of protection.	with default	`string` (one of `auth`, or `auth-int`)

`APIKeySecurityScheme`

API key authentication security configuration identified by the Vocabulary Term apikey (i.e., "scheme": "apikey"). This scheme is to be used when the access token is opaque, for example when a key in an unknown or proprietary format is provided by a cloud service provider. In this case the key may not be using a standard token format. This scheme indicates that the key provided by the service provider needs to be supplied as part of service requests using the mechanism indicated by the "in" field.

Vocabulary Terms in APIKeySecurityScheme Level
Vocabulary term	Description	Assignment	Type
`name`	Name for query, header, cookie, or uri parameters.	optional	`string`
`in`	Specifies the location of security authentication information.	with default	`string` (one of `header`, `query`, `body`, `cookie`, `uri`, or `auto`)

`BearerSecurityScheme`

Bearer Token [RFC6750] security configuration identified by the Vocabulary Term bearer (i.e., "scheme": "bearer") for situations where bearer tokens are used independently of OAuth2. If the oauth2 scheme is specified it is not generally necessary to specify this scheme as well as it is implied. For format, the value jwt indicates conformance with [RFC7519], jws indicates conformance with [RFC7797], cwt indicates conformance with [RFC8392], and jwe indicates conformance with [RFC7516], with values for alg interpreted consistently with those standards. Other formats and algorithms for bearer tokens MAY be specified in vocabulary extensions.

Vocabulary Terms in BearerSecurityScheme Level
Vocabulary term	Description	Assignment	Type
`authorization`	URI of the authorization server.	optional	`anyURI`
`name`	Name for query, header, cookie, or uri parameters.	optional	`string`
`in`	Specifies the location of security authentication information.	with default	`string` (one of `header`, `query`, `body`, `cookie`, or `auto`)
`alg`	Encoding, encryption, or digest algorithm.	with default	`string` (e.g., `ES256`, or `ES512-256`)
`format`	Specifies format of security authentication information.	with default	`string` (e.g., `jwt`, `cwt`, `jwe`, or `jws`)

`PSKSecurityScheme`

Pre-shared key authentication security configuration identified by the Vocabulary Term psk (i.e., "scheme": "psk"). This is meant to identify that a standard is used for pre-shared keys such as TLS-PSK [[RFC4279]], and that the ciphersuite used for keys will be established during protocol negotiation.

Vocabulary Terms in PSKSecurityScheme Level
Vocabulary term	Description	Assignment	Type
`identity`	Identifier providing information which can be used for selection or confirmation.	optional	`string`

`OAuth2SecurityScheme`

OAuth 2.0 authentication security configuration for systems conformant with [[!RFC6749]] and [[!RFC8252]], identified by the Vocabulary Term oauth2 (i.e., "scheme": "oauth2").

Vocabulary Terms in OAuth2SecurityScheme Level
Vocabulary term	Description	Assignment	Type
`authorization`	URI of the authorization server.	optional	`anyURI`
`token`	URI of the token server.	optional	`anyURI`
`refresh`	URI of the refresh server.	optional	`anyURI`
`scopes`	Set of authorization scope identifiers provided as an array. These are provided in tokens returned by an authorization server and associated with forms in order to identify what resources a client may access and how. The values associated with a form SHOULD be chosen from those defined in an `OAuth2SecurityScheme` active on that form.	optional	`string` or Array of `string`
`flow`	Authorization flow.	mandatory	`string` (e.g., `code`, or `client`)

For the code flow both authorization and token vocabulary terms MUST be included. For the client flow token vocabulary term MUST be included. For the client flow authorization vocabulary term MUST NOT be included.The mandatory elements for each flow are summarized in the following table:

Element	`code`	`client`
`authorization`	mandatory	omit
`token`	mandatory	mandatory
`refresh`	optional	optional

Hypermedia Controls Vocabulary Definitions

The present model provides a representation for (typed) Web links and Web forms exposed by a Thing. The Link class definition reflects a very common subset of the terms defined in Web Linking [[!RFC8288]]. The defined terms can be used, e.g., to describe the relation to another Thing such as a Lamp Thing is controlled by a Switch Thing. The Form class corresponds to a newly introduced form of hypermedia control to manipulate the state of Things (and other Web resources).

`Link`

A link can be viewed as a statement of the form "link context has a relation type resource at link target", where the optional target attributes may further describe the resource.

Vocabulary Terms in Link Level
Vocabulary term	Description	Assignment	Type
`href`	Target IRI of a link or submission target of a form.	mandatory	`anyURI`
`type`	Target attribute providing a hint indicating what the media type [RFC2046] of the result of dereferencing the link should be.	optional	`string`
`rel`	A link relation type identifies the semantics of a link.	optional	`string`
`anchor`	Overrides the link context (by default the Thing itself identified by its `id`) with the given URI or IRI.	optional	`anyURI`
`sizes`	Target attribute that specifies one or more sizes for the referenced icon. Only applicable for relation type "icon". The value pattern follows {Height}x{Width} (e.g., "16x16", "16x16 32x32").	optional	`string`
`hreflang`	The hreflang attribute specifies the language of a linked document. The value of this must be a valid language tag [[BCP47]].	optional	`string` or Array of `string`

The hreflang attribute is allowed to be a string or array in this version of the spec. Depending on the result of [[LINKSET-MEDIA-TYPES]] the values of hrefLang can be restricted to array only.

Link relations can be used to describe relations such as to other Things (e.g., a Switch Thing controls a Lamp Thing), to a specific kind of Thing Models (e.g., a Thing Description is an instance of a specific Thing Model), or to further documentations information (e.g., device manual of a Thing). It is recommended to reuse existing and established Link Relation definitions from IANA.

In the following a best practice relation type table is introduced that is recommended to use within WoT Thing Description or Thing Model instances.

Best practice relation type table
Value	Occurrence	Explanation	Source of value origin
`icon`	0..*	Imports an icon associated to the Thing (e.g., for UI purposes).	IANA Link Relation
`service-doc`	0..*	Relation to a resource that provide (human-readable) documentation or descriptions.	IANA Link Relation
`alternate`	0..*	Point to alternative representation of the Thing (i.e. RDF-Turtle, human-readable HTML document, ...).	IANA Link Relation
`type`	0..1	Indicate that the Thing is an instance of the target resource such as to a Thing Model.	IANA Link Relation
`tm:extends`	0..1	Extends an existing definition of the target resource such as a Thing Model. Only applicable for Thing Model definitions.	W3C WoT Thing Model
`tm:submodel`	0..*	Used to compose one or multiple Thing Models. Only applicable for Thing Model definitions.	W3C WoT Thing Model
`manifest`	0..*	Point to the web app manifest of a web application which provides, e.g., a user interface with which a user can interact with the Thing (also see [[APPMANIFEST]]).	IANA Link Relation
`proxy-to`	0..*	Target resource provide the address of a proxy. Additional security metadata can be provided using the `proxy` field in a SecurityScheme.	W3C WoT Security and WoT Binding Template
`collection`	0..1	Points to a collections of Things.	IANA Link Relation
`item`	0..*	Points to a Thing that is member of the current Thing collections.	IANA Link Relation
`predecessor-version`	0..1	Points to a previous Thing Description or Thing Model version.	IANA Link Relation
`controlledBy`	0..*	Refers to a Thing that controls the context Thing.	W3C Thing Description

`Form`

A form can be viewed as a statement of "To perform an operation type operation on form context, make a request method request to submission target" where the optional form fields may further describe the required request. In Thing Descriptions, the form context is the surrounding Object, such as Properties, Actions, and Events or the Thing itself for meta-interactions.

Vocabulary Terms in Form Level
Vocabulary term	Description	Assignment	Type
`href`	Target IRI of a link or submission target of a form.	mandatory	`anyURI`
`contentType`	Assign a content type based on a media type (e.g., `text/plain`) and potential parameters (e.g., `charset=utf-8`) for the media type [RFC2046].	with default	`string`
`contentCoding`	Content coding values indicate an encoding transformation that has been or can be applied to a representation. Content codings are primarily used to allow a representation to be compressed or otherwise usefully transformed without losing the identity of its underlying media type and without loss of information. Examples of content coding include "gzip", "deflate", etc. .	optional	`string`
`security`	Set of security definition names, chosen from those defined in `securityDefinitions`. These must all be satisfied for access to resources.	optional	`string` or Array of `string`
`scopes`	Set of authorization scope identifiers provided as an array. These are provided in tokens returned by an authorization server and associated with forms in order to identify what resources a client may access and how. The values associated with a form SHOULD be chosen from those defined in an `OAuth2SecurityScheme` active on that form.	optional	`string` or Array of `string`
`response`	This optional term can be used if, e.g., the output communication metadata differ from input metadata (e.g., output contentType differ from the input contentType). The response name contains metadata that is only valid for the primary response messages.	optional	`ExpectedResponse`
`additionalResponses`	This optional term can be used if additional expected responses are possible, e.g. for error reporting. Each additional response needs to be distinguished from others in some way (for example, by specifying a protocol-specific error code), and may also have its own data schema.	optional	Array of `AdditionalExpectedResponse`
`subprotocol`	Indicates the exact mechanism by which an interaction will be accomplished for a given protocol when there are multiple options. For example, for HTTP and Events, it indicates which of several available mechanisms should be used for asynchronous notifications such as long polling (`longpoll`), WebSub [websub] (`websub`), Server-Sent Events (`sse`) [html] (also known as EventSource). Please note that there is no restriction on the subprotocol selection and other mechanisms can also be announced by this subprotocol term.	optional	`string` (e.g., `longpoll`, `websub`, or `sse`)
`op`	Indicates the semantic intention of performing the operation(s) described by the form. For example, the Property interaction allows get and set operations. The protocol binding may contain a form for the get operation and a different form for the set operation. The op attribute indicates which form is for which and allows the client to select the correct form for the operation required. op can be assigned one or more interaction verb(s) each representing a semantic intention of an operation.	with default	`string` or Array of `string` (one of `readproperty`, `writeproperty`, `observeproperty`, `unobserveproperty`, `invokeaction`, `queryaction`, `cancelaction`, `subscribeevent`, `unsubscribeevent`, `readallproperties`, `writeallproperties`, `readmultipleproperties`, `writemultipleproperties`, `observeallproperties`, `unobserveallproperties`, `subscribeallevents`, `unsubscribeallevents`, or `queryallactions`)

Possible values for the contentCoding property can be found, e.g., in the IANA HTTP content coding registry.

The list of possible operation types of a form is fixed. As of this version of the specification, it only includes the well-known types necessary to implement the WoT interaction model described in [wot-architecture11]. Future versions of the standard may extend this list but operations types MUST be restricted to the values in the table below.

Well-known operation types
Operation Type	Description
readproperty	Identifies the read operation on Property Affordances to retrieve the corresponding data.
writeproperty	Identifies the write operation on Property Affordances to update the corresponding data.
observeproperty	Identifies the observe operation on Property Affordances to be notified with the new data when the Property is updated.
unobserveproperty	Identifies the unobserve operation on Property Affordances to stop the corresponding notifications.
invokeaction	Identifies the invoke operation on Action Affordances to perform the corresponding action.
queryaction	Identifies the querying operation on Action Affordances to get the status of the corresponding action.
cancelaction	Identifies the cancel operation on Action Affordances to cancel the ongoing corresponding action.
subscribeevent	Identifies the subscribe operation on Event Affordances to be notified by the Thing when the event occurs.
unsubscribeevent	Identifies the unsubscribe operation on Event Affordances to stop the corresponding notifications.
readallproperties	Identifies the readallproperties operation on a Thing to retrieve the data of all Properties in a single interaction.
writeallproperties	Identifies the writeallproperties operation on a Thing to update the data of all writable Properties in a single interaction.
readmultipleproperties	Identifies the readmultipleproperties operation on a Thing to retrieve the data of selected Properties in a single interaction.
writemultipleproperties	Identifies the writemultipleproperties operation on a Thing to update the data of selected writable Properties in a single interaction.
observeallproperties	Identifies the observeallproperties operation on Properties to be notified with new data when any Property is updated.
unobserveallproperties	Identifies the unobserveallproperties operation on Properties to stop notifications from all Properties in a single interaction.
queryallactions	Identifies the queryallactions operation on a Thing to get the status of all Actions in a single interaction.
subscribeallevents	Identifies the subscribeallevents operation on Events to subscribe to notifications from all Events in a single interaction.
unsubscribeallevents	Identifies the unsubscribeallevents operation on Events to unsubscribe from notifications from all Events in a single interaction.

A Thing Description of a WoT producer may have multiple forms entries with, e.g., different protocol and/or content types declarations that a Consumer could possibly support. In that case the Consumer may choose any form entry that works (e.g., the protocol and content type is supported) for them. When one form is chosen, it is expected that the Consumer will continue to use it as long as possible for every new interaction with the WoT producer.

Mapping op Values to Data Schemas

Protocols that can be used with TDs follow request-response or eventing mechanisms. The Data Schema of an affordance generally correlates with the op keywords used in forms. The table below informatively summarizes the available data schema related terms with the op keywords.

Consumer to Thing applies for messages sent by the Consumer to the Thing, such as the value for writing a property.
Thing to Consumer applies for messages sent by the Thing to the Consumer, such as the value of a property value as the result of reading a property.
In case that there is no correlation with the data schema and the operation, it implies that no payload is required for executing the operation or no payload is expected as a result of the operation.

Mapping op Values to Data Schemas
Operation Type	Consumer to Thing DataSchema Correlation	Thing to Consumer DataSchema Correlation
readproperty	No correlation.	All fields in the Property Affordance without `"writeOnly":true`.
writeproperty	All fields in the Property Affordance without `"readOnly":true`.	No correlation. `additionalResponses` can be used in the form level.
observeproperty	No correlation.	All fields in the Property Affordance without `"writeOnly":true`.
unobserveproperty	No correlation.	No correlation.
invokeaction	Value of the `input` key.	Value of the `output` key.
queryaction	No correlation.	No correlation. `additionalResponses` can be used in the form level.
cancelaction	No correlation.	No correlation. `additionalResponses` can be used in the form level.
subscribeevent	Value of the `subscription` key with all fields without `"readOnly":true`	Value of the `subscription` key with all fields without `"writeOnly":true`
unsubscribeevent	Value of the `subscription` key with all fields without `"readOnly":true`	Value of the `subscription` key with all fields without `"writeOnly":true`

Writing to a property does not necessarily mean that a new value will be sent to the Consumer observing the property. It depends on the protocol and implementation.

Further specification of how to map operations to data schemas, as well as mapping meta operations such as readallproperties can be found in the respective protocol specification of the [[WOT-BINDING-TEMPLATES]].

Response-related Terms Usage

The optional response name-value pair can be used to provide metadata for the expected response message. With the core vocabulary, it only includes content type information, but TD Context Extensions could be applied. If no response name-value pair is provided, it MUST be assumed that the content type of the response is equal to the content type assigned to the Form instance. Note that contentType within an ExpectedResponse Class does not have a Default Value. For instance, if the value of the content type of the form is application/xml the assumed value of the content type of the response will be also application/xml.

In some cases additional responses might be possible. One example of this is error responses but in some cases there might also be additional successful responses. In this case, the response name-value pair is still used for the primary response but additionalResponses may also be provided, whose value is an array of AdditionalExpectedResponse objects. Each additional response must be distinguished in some way from the primary response, either by contentType or by protocol-specific settings such as error code header values. Each additional response may also have a data schema which can differ from the normal output data schema for the interaction.

In some use cases, input and output data might be represented in a different form, for instance an Action that accepts JSON, but returns an image. In such a case, the optional response name-value pair can describe the content type of the expected response. If the content type of the expected response differs from the content type of the form, the Form instance MUST include a name-value pair with the name response. For instance, an ActionAffordance could only accept application/json for its input data, while it will respond with an image/jpeg content type for its output data. In that case the content types differ and the response name-value pair has to be used to provide response content type (image/jpeg) information to the Consumer.

Similar considerations apply to additional responses, although in this case the contentType is optional if it is the same as the input content Type (e.g. JSON). If the content type of an additional expected response differs from the content type of the form, the Form instance MUST include an entry in the array associated with the name additionalResponses that includes a value for the name contentType. If the data schema of an additional expected response differs from the output data schema of the interaction, the Form instance MUST include an entry in the array associated with the name additionalResponses that includes a value for the name schema.

The different cases on the variation of request and response are explained above. The tables at summarize these cases in a concise manner.

`ExpectedResponse`

Communication metadata describing the expected response message for the primary response.

Vocabulary Terms in ExpectedResponse Level
Vocabulary term	Description	Assignment	Type
`contentType`	Assign a content type based on a media type (e.g., `text/plain`) and potential parameters (e.g., `charset=utf-8`) for the media type [RFC2046].	mandatory	`string`

`AdditionalExpectedResponse`

Communication metadata describing the expected response message for additional responses.

Vocabulary Terms in AdditionalExpectedResponse Level
Vocabulary term	Description	Assignment	Type
`success`	Signals if an additional response should not be considered an error.	with default	`boolean`
`contentType`	Assign a content type based on a media type (e.g., `text/plain`) and potential parameters (e.g., `charset=utf-8`) for the media type [RFC2046].	with default	`string`
`schema`	Used to define the output data schema for an additional response if it differs from the default output data schema. Rather than a `DataSchema` object, the name of a previous definition given in a `schemaDefinitions` map must be used.	optional	`string`

Default Value Definitions

When assignments in a TD are missing, a TD Processor MUST follow the Default Value assignments expressed in the table of Default Value Definitions.

The following table gives all Default Values defined in the TD Information Model.

Default values of vocabulary terms that are used when the terms are not present in a TD
Class	Vocabulary Term	Default Value	Comment
`PropertyAffordance`	`readOnly`	`false`	The default value for this vocabulary term applies only to the `PropertyAffordance` level definition. In other contexts, such as `DataSchema` definitions, the vocabulary term is optional.
`PropertyAffordance`	`writeOnly`	`false`	The default value for this vocabulary term applies only to the `PropertyAffordance` level definition. In other contexts, such as `DataSchema` definitions, the vocabulary term is optional.
`PropertyAffordance`	`observable`	`false`
`ActionAffordance`	`safe`	`false`
`ActionAffordance`	`idempotent`	`false`
`AdditionalExpectedResponse`	`success`	`false`
`AdditionalExpectedResponse`	`contentType`	value of the `contentType` of the `Form` element it belongs to.
`Form`	`contentType`	`application/json`
`Form`	`op`	Array of `string` with the elements `readproperty` and `writeproperty` when `readOnly` and `writeOnly` are set to `false` or Array of `string` with the element `readproperty` when `readOnly` is set to `true` or Array of `string` with the element `writeproperty` when `writeOnly` is set to `true`.	If defined within an instance of `PropertyAffordance`
`Form`	`op`	`invokeaction`	If defined within an instance of `ActionAffordance`
`Form`	`op`	Array of `string` with the elements `subscribeevent` and `unsubscribeevent`	If defined within an instance of `EventAffordance`
`BasicSecurityScheme`	`in`	`header`
`DigestSecurityScheme`	`in`	`header`
`DigestSecurityScheme`	`qop`	`auth`
`APIKeySecurityScheme`	`in`	`query`
`BearerSecurityScheme`	`in`	`header`
`BearerSecurityScheme`	`alg`	`ES256`
`BearerSecurityScheme`	`format`	`jwt`

TD Representation Format

WoT Thing Descriptions represent Things and are modeled and structured based on . This section defines a JSON-based representation format for Things, a serialization of instances of the Class Thing defined by the TD Information Model.

A TD Processor MUST be able to serialize Thing Descriptions into the JSON format [[!RFC8259]] and/or deserialize Thing Descriptions from that format, according to the rules noted in and .

The JSON serialization of the TD Information Model is aligned with the syntax of JSON-LD 1.1 [[?json-ld11]] in order to streamline semantic evaluation. Hence, the TD representation format can be processed either as raw JSON or with a JSON-LD 1.1 processor (for details about semantic processing, please refer to and the documentation under the namespace IRIs, e.g., https://www.w3.org/2019/wot/td).

In order to support interoperable internationalization, TDs MUST be serialized according to the requirements defined in Section 8.1 of RFC8259 [[!RFC8259]] for open ecosystems. In summary, this requires the following:

TDs MUST be encoded using UTF-8 [[!RFC3629]].
Implementations MUST NOT add a byte order mark (U+FEFF) to the beginning of a TD document.
TD Processors MAY ignore the presence of a byte order mark rather than treating it as an error.

Mapping to JSON Types

The TD Information Model is constructed, so that there is an easy mapping between model Objects and JSON types. Every Class instances maps to a JSON object, where each name-value pair of the Class instance is a member of the JSON object.

Every Simple Type mentioned in (i.e., string, anyURI, dateTime, integer, unsignedInt, double, and boolean) maps to a primitive JSON type (string, number, boolean), as per the rules listed below. These rules apply to values in name-value pairs:

Values that are of type string or anyURI MUST be serialized as JSON strings.
Values that are of type dateTime MUST be serialized as JSON strings following the "date-time" format specified by [[RFC3339]]. Examples would include 2019-05-24T13:12:45Z and 2015-07-11T09:32:26+08:00. Values that are of type dateTime SHOULD use the literal Z representing the UTC time zone instead of an offset.
Values that are of type integer or unsignedInt MUST be serialized as JSON numbers without a fraction or exponent part.
Values that are of type double MUST be serialized as JSON number.
Values that are of type boolean MUST be serialized as JSON boolean.

Every complex type of the TD Information Model (i.e., Arrays, Maps, and Class instances) maps to a structured JSON type (array and object), as per the rules listed below:

A value of type Array MUST be serialized as JSON array, with each value of the name-value pairs as element of the JSON array ordered by the numeric name of the pair.
A value of type Map MUST be serialized as a JSON object, with each name-value pair as member of the JSON object.
A Class instance MUST be serialized as a JSON object, following the detailed rules given individually in .

Omitting Default Values

A Thing Description serialization may omit Vocabulary Term for which Default Values are defined, as listed in the table given in .

The following example shows the TD instance from Example 1 with a checkbox to also include the members with Default Values (=checkbox checked). These members can be omitted (=checkbox unchecked) to simplify the TD serialization. Note that a TD Processor interprets these omitted members identically as if they were explicitly present with a given Default Value.

TD with Default Values that can be omitted

with Default Values

{
    "@context": "https://www.w3.org/2022/wot/td/v1.1",
    "id": "urn:uuid:014139c9-b267-4db5-9c61-cc2d2bfc217d",
    "title": "MyLampThing",
    "securityDefinitions": {
        "basic_sc": {
            "scheme": "basic"
        }
    },
    "security": "basic_sc",
    "properties": {
        "status": {
            "type": "string",
            "forms": [{
                "href": "https://mylamp.example.com/status"
            }]
        }
    },
    "actions": {
        "toggle": {
            "forms": [{
                "href": "https://mylamp.example.com/toggle"
            }]
        }
    },
    "events": {
        "overheating": {
            "data": {
                "type": "string"
            },
            "forms": [{
                "href": "https://mylamp.example.com/oh",
                "subprotocol": "longpoll"
            }]
        }
    }
}

{
    "@context": "https://www.w3.org/2022/wot/td/v1.1",
    "id": "urn:uuid:014139c9-b267-4db5-9c61-cc2d2bfc217d",
    "title": "MyLampThing",
    "securityDefinitions": {
        "basic_sc": {
            "scheme": "basic",
            "in": "header"
        }
    },
    "security": "basic_sc",
    "properties": {
        "status": {
            "type": "string",
            "readOnly": false,
            "writeOnly": false,
            "observable": false,
            "forms": [{
                "op": [
                    "readproperty",
                    "writeproperty"
                ],
                "href": "https://mylamp.example.com/status",
                "contentType": "application/json"
            }]
        }
    },
    "actions": {
        "toggle": {
            "safe": false,
            "idempotent": false,
            "forms": [{
                "op": "invokeaction",
                "href": "https://mylamp.example.com/toggle",
                "contentType": "application/json"
            }]
        }
    },
    "events": {
        "overheating": {
            "data": {
                "type": "string",
                "readOnly": false,
                "writeOnly": false
            },
            "forms": [{
                "op": "subscribeevent",
                "href": "https://mylamp.example.com/oh",
                "contentType": "application/json",
                "subprotocol": "longpoll"
            }]
        }
    }
}

Please note that, depending on the Protocol Binding used, additional protocol-specific Vocabulary Terms may apply. They may also have associated Default Values, and hence can also be omitted as explained in this subsection. Further information can be found in .

Information Model Serialization

Thing Root Object

A Thing Description is a data structure rooted at an Object of type Thing. In turn, a JSON serialization of the Thing Description is a JSON object, which is the root of a syntax tree constructed from the TD Information Model.

The root element of a TD Serialization MUST be a JSON object that includes a member with the name @context and a value of type string or array that equals or respectively contains https://www.w3.org/2022/wot/td/v1.1.

In general, this URI is used to identify the TD representation format version defined by this specification. For JSON-LD processing [[?json-ld11]], this URI specifies the Thing Description context file. An @context of type array indicates TD Context Extensions (see for details).

{
    "@context": "https://www.w3.org/2022/wot/td/v1.1",
    // ...
}

All name-value pairs of an instance of Thing, where the name is a Vocabulary Term in the Signature of Thing, MUST be serialized as JSON members of the root object.

A TD snippet for a serialized root object including all mandatory and optional members is given below:

{
    "@context": "https://www.w3.org/2022/wot/td/v1.1",
    "@type": "Thing",
    "id": "urn:uuid:1b37933b-3212-4dad-9c2c-74c6042c3e2b",
    "title": "MyThing",
    "titles": {/*...*/},
    "description": "Human readable information.",
    "descriptions": {/*...*/},
    "support": "mailto:[email protected]",
    "version": {/*...*/},
    "created": "2018-11-14T19:10:23.824Z",
    "modified": "2019-06-01T09:12:43.124Z",
    "securityDefinitions": {/*...*/},
    "security": /*...*/,
    "base": "https://servient.example.com/",
    "properties": {/*...*/},
    "actions": {/*...*/},
    "events": {/*...*/},
    "links": [...],
    "forms": [...]
}

All values assigned to version, securityDefinitions, descriptions, schemaDefinitions, uriVariables, properties, actions, and events in an instance of the Class Thing MUST be serialized as JSON objects.

All values assigned to links, and forms in an instance of the Class Thing MUST be serialized as JSON arrays containing JSON objects as defined in and , respectively.

The value assigned to security in an instance of Class Thing MUST be serialized as JSON string or as JSON array whose elements are JSON strings.

Human-Readable Metadata

JSON members named title and description are used within a TD document to provide human-readable metadata. They can be used as comments for developers inspecting a TD document or as display texts for user interface.

As defined in , the base text direction used to display human-readable metadata can either be estimated using heuristics such as the first-strong rule or inferred from language information. In TD documents the default language is defined by a value assigned to @language in the @context, and this, along with a script subtag if necessary, can be used to determine a base text direction. However, when interpreting human-readable text, each human-readable string value MUST be processed independently. In other words, a TD Processor cannot carry forward changes in direction from one string to another, or infer direction for one string from another one elsewhere in the TD.

A TD snippet using title and description is shown below. The default language is set to en through the definition of the @language member within a JSON object in the @context array.

{
    "@context": [
        "https://www.w3.org/2022/wot/td/v1.1",
        { "@language": "en" }
    ],
    "title": "MyThing",
    "description": "Human readable information.",
    // ...
    "properties": {
        "on": {
            "title": "On/Off",
            "type": "boolean",
            "forms": [...]
        },
        "status": {
            "title": "Status",
            "type": "object",
            // ...
            "forms": [...]
        }
    },
    // ...
}

Strings on the Web [[?STRING-META]] recommends the use of metadata to determine the base direction of string values. Given that the Thing Description format is based on JSON-LD 1.1 [[?json-ld11]], @direction with the string values "ltr", "rtl" and null value null MAY be used inside the @context to indicate the default text direction for the human readable strings in the entire TD document. When metadata such as @direction is not present, TD Consumers SHOULD use first-strong detection as a fallback. For the MultiLanguage Map, TD Consumers MAY infer the base direction from the language tag of the individual strings. These can be summarized into the steps below that can be implemented by TD Consumers based on the information provided in a TD.

File-level metadata: Use the values of @direction found in the @context.
Guess from language: Use the value of @language and then guess the direction of the text
First-strong:Use the first strongly-directional character in a string. This is equivalent to using dir=auto in HTML attributes.

Please note string-specific direction metadata is not possible in the current version of the specification. The working group is working on a mechanism to make it possible. After which, that will be the preferred way to handle text direction for TD Consumers.

Additionally, the example below illustrates the use of the @direction and @language terms. See [[?json-ld11]] and [[string-meta]] for more detailed information.

			{
        "@context": [
            "https://www.w3.org/2022/wot/td/v1.1",
            {
              "@language": "ar-EG",
              "@direction": "rtl"
            }
        ],
        "title": "شيء يخصني يقيس درجة الحرارة",
        "description": "شيء يقيس درجة الحرارة و يظهر حالته",
        // ...
        "properties": {
            "temp": {
                "title": "درجة الحرارة",
                "type": "boolean",
                "forms": [...]
            },
            "status": {
                "title": "حالة",
                "type": "object",
                // ...
                "forms": [...]
            }
        },
        // ...
    }

The JSON members named titles and descriptions are used within the TD document to provide human-readable metadata in multiple languages within a single TD document. All name-value pairs of a MultiLanguage Map MUST be serialized as members of a JSON object, where the name is a valid language tag as defined by [[!BCP47]] (also see W3C I18N Glossary) and the value is a human-readable string in the language indicated by the tag. See for details. All MultiLanguage object within a TD document SHOULD contain the same set of language members.

A TD snippet using titles and descriptions at different levels is given below:

{
    "@context": "https://www.w3.org/2022/wot/td/v1.1",
    "title": "MyThing",
    "titles": {
        "en": "MyThing",
        "de": "MeinDing",
        "ja": "私の物",
        "zh-Hans": "我的东西",
        "zh-Hant": "我的東西"
    },
    "descriptions": {
        "en": "Human readable information.",
        "de": "Menschenlesbare Informationen.",
        "ja": "人間が読むことができる情報",
        "zh-Hans": "人们可阅读的信息",
        "zh-Hant": "人們可閱讀的資訊"
    },
    // ...
    "properties": {
        "on": {
            "titles": {
                "en": "On/Off",
                "de": "An/Aus",
                "ja": "オンオフ",
                "zh-Hans": "开关",
                "zh-Hant": "開關" },
            "type": "boolean",
            "forms": [...]
        },
        "status": {
            "titles": {
                "en": "Status",
                "de": "Zustand",
                "ja": "状態",
                "zh-Hans": "状态",
                "zh-Hant": "狀態" },
            "type": "object",
            // ...
            "forms": [...]
        }
    },
    // ...
}

TD instances may also combine the use of title and description with titles and descriptions. When title and titles or description and descriptions are present within the same JSON object, the values of title and description MAY be seen as the default text. When title and titles or description and descriptions are present in a TD document, each title and description member SHOULD have a corresponding titles and descriptions member, respectively. The language of the default text is indicated by the default language, which is usually set by the creator of the Thing Description instance.

{
    "@context": [
        "https://www.w3.org/2022/wot/td/v1.1",
        { "@language": "de" }
    ],
    "title": "MeinDing",
    "titles": {
        "en": "MyThing",
        "de": "MeinDing",
        "ja": "私の物",
        "zh-Hans": "我的东西",
        "zh-Hant": "我的東西"
    },
    "description": "Menschenlesbare Informationen.",
    "descriptions": {
        "en": "Human readable information.",
        "de": "Menschenlesbare Informationen.",
        "ja": "人間が読むことができる情報",
        "zh-Hans": "人们可阅读的信息",
        "zh-Hant": "人們可閱讀的資訊"
    },
    // ...
    "properties": {
        "on": {
            "title": "An/Aus",
            "titles": {
                "en": "On/Off",
                "de": "An/Aus",
                "ja": "オンオフ",
                "zh-Hans": "开关",
                "zh-Hant": "開關" },
            "type": "boolean",
            "forms": [...]
        },
        "status": {
            "title": "Zustand",
            "titles": {
                "en": "Status",
                "de": "Zustand",
                "ja": "状態",
                "zh-Hans": "状态",
                "zh-Hant": "狀態" },
            "type": "object",
            // ...
            "forms": [...]
        }
    },
    // ...
}

Another possibility to set the default language is through a language negotiation mechanism, such as the Accept-Language header field of HTTP. In cases where the default language has been negotiated, an @language member MUST be present to indicate the result of the negotiation and the corresponding default language of the returned content. When the default language has been negotiated successfully, TD documents SHOULD include the appropriate matching values for the members title and description in preference to MultiLanguage objects in titles and descriptions members. Note however that Things MAY choose to not support such dynamically-generated TDs nor to support language negotiation (e.g., because of resource constraints).

There is no guarantee that strings in TDs will be displayed in an HTML rendering context. In fact, to mitigate the XSS security risk described in , HTML tags embedded in strings sourced from TDs should be sanitized (and so not interpreted as HTML) in applications embedding these strings in web pages or web applications. Therefore HTML embedded in strings is not an appropriate mechanism for specifying text rendering direction.

`version`

All name-value pairs of an instance of VersionInfo, where the name is a Vocabulary Term included in the Signature of VersionInfo, MUST be serialized as JSON members with the Vocabulary Term as name.

A TD snippet of a version information object is given below:

{
    // ...
    "version": { "instance": "1.2.1" },
    // ...
}

The version member is intended as container for additional application- and/or device-specific version information based on TD Context Extensions. See for details.

`securityDefinitions` and `security`

In a Thing instance, the value assigned to securityDefinitions is a Map of instances of SecurityScheme. All name-value pairs of a Map of SecurityScheme instances MUST be serialized as members of the JSON object that results from serializing the Map; the name of a pair MUST be serialized as a JSON string and the value of the pair, an instance of SecurityScheme, MUST be serialized as a JSON object.

All name-value pairs of an instance of one of the Subclasses of SecurityScheme, where the name is a Vocabulary Term included in the Signature of that Subclass or in the Signature of SecurityScheme, MUST be serialized as members of the JSON object that results from serializing the SecurityScheme Subclass's instance, with the Vocabulary Term as name.

The following TD snippet shows a simple security configuration specifying basic username/password authentication in the header. The value given for in is actually the Default Value (header) and could be omitted. A named security configuration (basic_sc) is given in the securityDefinitions map. In this example, that definition is activated by including its JSON name in the security member.

{
    // ...
    "securityDefinitions": {
        "basic_sc": {
            "scheme": "basic",
            "in": "header"
        }
    },
    "security": "basic_sc",
    // ...
}

Security configuration in the TD is mandatory. At least one security definition MUST be activated through the security member at the Thing level (i.e., in the TD root object). This configuration can be seen as the default security mechanism required to interact with the Thing. Security definitions MAY also be activated at the level of the form elements by including a security member in form objects, which overrides (i.e., completely replace) all definitions activated at the Thing level.

The nosec security scheme is provided for the case that no security is needed. The minimal security configuration for a Thing is activation of the nosec security scheme at the Thing level, as shown in the following example:

  {
      "@context": "https://www.w3.org/2022/wot/td/v1.1",
      "id": "urn:uuid:e9ecb6ad-cd4c-481b-96ce-5b4c57ddb844",
      "title": "MyThing",
      "description": "Human readable information.",
      "support": "https://servient.example.com/contact",
      "securityDefinitions": { "nosec_sc": { "scheme": "nosec" }},
      "security": "nosec_sc",
      "properties": {/*...*/},
      "actions": {/*...*/},
      "events": {/*...*/},
      "links": [/*...*/]
  }

Multiple Security Definitions

To give a more complex example, suppose we have a Thing where all Interaction Affordances require basic authentication except for one, for which no authentication is required. For the status Property and the toggle Action, basic authentication is required and defined at the Thing level. For the overheating Event, however, no authentication is required, and hence the security configuration is overridden at the form level.

  {
      // ...
      "securityDefinitions": {
          "basic_sc": {"scheme": "basic"},
          "nosec_sc": {"scheme": "nosec"}
      },
      "security": "basic_sc",
      // ...
      "properties": {
          "status": {
              // ...
              "forms": [{
                  "href": "https://mylamp.example.com/status"
              }]
          }
      },
      "actions": {
          "toggle": {
              // ...
              "forms": [{
                  "href": "https://mylamp.example.com/toggle"
              }]
          }
      },
      "events": {
          "overheating": {
              // ...
              "forms": [{
                  "href": "https://mylamp.example.com/oh",
                  "security": "nosec_sc"
              }]
          }
      }
  }

TDs can specify a combination of security schemes as well. Below is a TD snippet showing digest authentication on a proxy combined with bearer token authentication on the Thing. In the digest scheme, the Default Value of in (i.e., header) is omitted, but still applies. Note that the corresponding private security configuration such as username/password and tokens need to be configured in the Consumer to interact successfully. When activating multiple security definitions, the security member becomes an array.

{
    // ...
    "securityDefinitions": {
        "proxy_sc": {
            "scheme": "digest",
            "proxy": "https://portal.example.com/"
        },
        "bearer_sc": {
            "scheme": "bearer",
            "in": "header",
            "format": "jwt",
            "alg": "ES256",
            "authorization": "https://servient.example.com:8443/"
        }
    },
    "security": ["proxy_sc", "bearer_sc"],
    // ...
}

However, the use of an array with multiple elements to combine security schemes in a security element is now deprecated, instead a ComboSecurityScheme SHOULD be used. In the following example, which is exactly equivalent to the one above, this is demonstrated:

{
    // ...
    "securityDefinitions": {
        "proxy_sc": {
            "scheme": "digest",
            "proxy": "https://portal.example.com/"
        },
        "bearer_sc": {
            "scheme": "bearer",
            "in": "header",
            "format": "jwt",
            "alg": "ES256",
            "authorization": "https://servient.example.com:8443/"
        },
        "combo_sc": {
            "scheme": "combo",
            "allOf": ["proxy_sc", "bearer_sc"]
        }
    },
    "security": "combo_sc",
    // ...
}

`security` in Forms

Security configurations can also be specified for different forms within the same Interaction Affordance. This may be required for devices that support multiple protocols, for example HTTP and CoAP [[?RFC7252]], which support different security mechanisms. This is also useful when alternative authentication mechanisms are allowed. Here is a TD snippet demonstrating three possible ways to activate a Property affordance: via HTTPS with basic authentication, with digest authentication, with bearer token authentication. In other words, the use of different security configurations within multiple forms provides a way to combine security mechanisms in an "OR" fashion. In contrast, putting multiple security configurations in the same security member combines them in an "AND" fashion, since in that case they would all need to be satisfied to allow activation of the Interaction Affordance. Note that activating one (default) configuration at the Thing level is still mandatory.

{
    // ...
    "securityDefinitions": {
        "basic_sc": { "scheme": "basic" },
        "digest_sc": { "scheme": "digest" },
        "bearer_sc": { "scheme": "bearer" }
    },
    "security": "basic_sc",
    // ...
    "properties": {
        "status": {
            // ...
            "forms": [{
                "href": "https://mylamp.example.com/status"
            }, {
                "href": "https://mylamp.example.com/status",
                "security": "digest_sc"
            }, {
                "href": "https://mylamp.example.com/status",
                "security": "bearer_sc"
            }]
        }
    },
    // ...
}

`ComboSecurityScheme`

To avoid redundancy in this case, e.g. repeating the details of the form elements, a ComboSecurityScheme with oneOf can be used instead.

{
    // ...
    "securityDefinitions": {
        "basic_sc": { "scheme": "basic" },
        "digest_sc": { "scheme": "digest" },
        "bearer_sc": { "scheme": "bearer" },
        "combo_sc": {
            "scheme": "combo",
            "oneOf": [ "basic_sc", "digest_sc", "bearer_sc" ]
        }
    },
    "security": "combo_sc",
    // ...
    "properties": {
        "status": {
            // ...
            "forms": [{
                "href": "https://mylamp.example.com/status"
            }]
        }
    },
    // ...
}

OAuth 2.0 usage

As another more complex example, OAuth 2.0 makes use of scopes. These are identifiers that may appear in tokens and must match with corresponding identifiers in a resource to allow access to that resource (or Interaction Affordance in the case of W3C WoT). For example, in the following, the status Property can be read by Consumers using bearer tokens containing the scope limited, but the configure Action can only be invoked with a token containing the special scope. Scopes are not identical to roles, but are often associated with them; for example, perhaps only those in an administrative role are authorized to perform "special" interactions. Tokens can have more than one scope and are issued by dedicated web services to users. In this example, an administrator could be issued tokens with both the limited and special scopes, while ordinary users could be provided with tokens with the limited scope.

{
    // ...
    "securityDefinitions": {
        "oauth2_sc": {
            "scheme": "oauth2",
            "flow": "client",
            "token": "https://example.com/token",
            "scopes": ["limited", "special"]
        }
    },
    "security": "oauth2_sc",
    // ...
    "properties": {
        "status": {
            // ...
            "forms": [{
                "href": "https://scopes.example.com/status",
                "scopes": ["limited"]
            }]
        }
    },
    "actions": {
        "configure": {
            // ...
            "forms": [{
                "href": "https://scopes.example.com/configure",
                "scopes": ["special"]
            }]
        }
    },
    // ...
}

API key usage

A Thing can require an onboarding process that results in the Consumer requiring an API key to interact with the Thing. This API key can be included in the request to the Thing in different ways as the API key scheme specifies. Below is an example of how it can be used as a URI template where the API key should be replaced in the URI by the Consumer when sending an HTTPS request.

    {
        // ...
        "securityDefinitions": {
            "apikey_key": {
                "scheme": "apikey",
                "in": "uri",
                "name": "adminKey"
            }
        },
        "security": "apikey_key",
        "properties": {
            "status": {
                // ...
                "forms": [{
                    "href": "https://example.com/{adminKey}/status",
                    // ...
                }]
            }
        },
        // ...
    }

To give another example of the use of the ComboSecurityScheme in addition to the use of URI templates example shown above, suppose there is a security scheme where a client ID and a "secret" key provided by a cloud service provider must both be embedded in the URL. Technically, only the key is actually secret and must be handled out-of-band, and the client ID, which is not secret, could be embedded in the TD. However, if the client ID cannot be easily rotated we may want to avoid embedding it in the TD to enhance privacy. In this case we can combine two instances of APIKeySecurityScheme, both using the uri value for the in location specifier, to declare two URI variables. These can then (in fact, they must) be used in the href in a Form where the security scheme is active. An example follows:

{
    // ...
    "securityDefinitions": {
        "apikey_key": {
            "scheme": "apikey",
            "in": "uri",
            "name": "secKey"
        },
        "apikey_id": {
            "scheme": "apikey",
            "in": "uri",
            "name": "secClientID"
        },
        "apikey_combo": {
            "scheme": "combo",
            "allOf": ["apikey_key","apikey_id"]
        }
    },
    "security": "apikey_combo",
    // ...
    "properties": {
        "status": {
            // ...
            "forms": [{
                "href": "https://example.com/{secClientID}/status/{secKey}",
                // ...
            }]
        }
    },
    // ...
}

While not shown in this example, it is legal to declare additional URI template variables using uriVariables and include them in the same URI template, although the names cannot conflict with those declared in security schemes. Using a specific prefix as in the above example for URI variables declared in security schemes can make it easier to avoid name conflicts.

API Key in Body: Security parameters might also be included along with the payload in some systems. For example, suppose a system requires every payload to be a JSON object including a member named auth whose value is an object containing a member called key containing an access key. Depending on the interaction, however, other elements of the JSON object might vary. This situation can be dealt with using the body security information location. Note that for this location, the name parameter is actually a JSON pointer evaluated relative to the root of the DataSchema for each interaction it is bound with, which allows it to be used with payloads that vary in other respects. As an example, here is a light that has a property to set its brightness and color and two separate actions to turn it on and off. Although the JSON payloads are different for these actions the /auth/key element occurs in the same relative location so single JSON pointer can be used. Note: if the security key occurs in different inconsistent locations, it will be necessary to use multiple security scheme definitions.

{
    // ...
    "securityDefinitions": {
        "apikey_body": {
            "scheme": "apikey",
            "in": "body",
            "name": "/auth/key"
        }
    },
    "security": "apikey_body",
    // ...
    "properties": {
        "color": {
            // ...
            "type": "object",
            "properties": {
                "brightness": {
                    "type": "number",
                    // ...
                },
                "rgb": {
                    "type": "array",
                    // ...
                },
                "auth": {
                    "type": "object",
                    "properties": {
                        "key": {
                           "type": "string"
                        }
                    },
                    "required": ["key"]
                }
            },
            "required": ["brightness", "rgb", "auth"],
            "forms": [{
                "href": "https://example.com/color",
                // ...
            }]
        }
    },
    "action": {
        "on": {
            // ...
            "input": {
                "auth": {
                    "type": "object",
                    "properties": {
                        "key": {
                           "type": "string"
                        }
                    },
                    "required": ["key"]
                }
            },
            "required": ["auth"],
            "forms": [{
                "href": "https://example.com/on",
                // ...
            }]
        },
        "off": {
            // ...
            "input": {
                "auth": {
                    "type": "object",
                    "properties": {
                        "key": {
                           "type": "string"
                        }
                    },
                    "required": ["key"]
                }
            },
            "required": ["auth"],
            "forms": [{
                "href": "https://example.com/off",
                // ...
            }]
        }
    },
    // ...
}

However, it is rather annoying and redundant to add the security information to every data schema. It is possible to simplify this example by using the feature that the location referenced by a JSON pointer in a body location will be automatically inserted if it does not exist. In this case the above example can be simplified to the following. Note that in fact a data schema will effectively be created for the actions on and off to hold just the security information.

{
    // ...
    "securityDefinitions": {
        "apikey_body": {
            "scheme": "apikey",
            "in": "body",
            "name": "/auth/key"
        }
    },
    "security": "apikey_body",
    // ...
    "properties": {
        "color": {
            // ...
            "type": "object",
            "properties": {
                "brightness": {
                    "type": "number",
                    // ...
                },
                "rgb": {
                    "type": "array",
                    // ...
                }
            },
            "required": ["brightness", "rgb"],
            "forms": [{
                "href": "https://example.com/color",
                // ...
            }]
        }
    },
    "action": {
        "on": {
            // ...
            "required": ["auth"],
            "forms": [{
                "href": "https://example.com/on",
                // ...
            }]
        },
        "off": {
            // ...
            "forms": [{
                "href": "https://example.com/off",
                // ...
            }]
        }
    },
    // ...
}

`properties`

The value assigned to properties in a Thing instance is a Map of instances of PropertyAffordance. All name-value pairs of a Map of PropertyAffordance instances MUST be serialized as members of the JSON object that results from serializing the Map; the name of a pair MUST be serialized as a JSON string and the value of the pair, an instance of PropertyAffordance, MUST be serialized as a JSON object.

All name-value pairs of an instance of PropertyAffordance, where the name is a Vocabulary Term included in (one of) the Signatures of PropertyAffordance, InteractionAffordance, or DataSchema, MUST be serialized as members of the JSON object that results from serializing the PropertyAffordance instance, with the Vocabulary Term as name. See for details on serializing DataSchema instances.

The value assigned to forms in an instance of PropertyAffordance MUST be serialized as a JSON array containing one or more JSON object serializations as defined in .

A snippet for two Property affordances is given below:

{
    // ...
    "properties": {
        "on": {
            "type": "boolean",
            "forms": [...]
        },
        "status": {
            "type": "object",
            "properties": {
                "brightness": {
                    "type": "number",
                    "minimum": 0.0,
                    "maximum": 100.0
                },
                "rgb": {
                    "type": "array",
                    "items": {
                        "type": "number",
                        "minimum": 0,
                        "maximum": 255
                    },
                    "minItems": 3,
                    "maxItems": 3
                }
            },
            "required": ["brightness", "rgb"],
            "forms": [...]
        }
    },
    // ...
}

`actions`

In a Thing instance, the value assigned to actions is a Map of instances of ActionAffordance. All name-value pairs of a Map of ActionAffordance instances MUST be serialized as members of the JSON object that results from serializing the Map; the name of a pair MUST be serialized as a JSON string and the value of the pair, an instance of ActionAffordance, MUST be serialized as a JSON object.

All name-value pairs of an instance of ActionAffordance, where the name is a Vocabulary Term included in (one of) the Signatures of ActionAffordance or InteractionAffordance, MUST be serialized as members of the JSON object that results from serializing the ActionAffordance instance, with the Vocabulary Term as name.

The values assigned to input and output in an instance of ActionAffordance MUST be serialized as JSON objects. They rely on the Class DataSchema, whose serialization is defined in .

The value assigned to forms in an instance of ActionAffordance MUST be serialized as a JSON array containing one or more JSON object serializations as defined in .

A TD snippet of an Action affordance is given below:

{
    // ...
    "actions": {
        "fade": {
            "title": "Fade in/out",
            "description": "Smooth fade in and out animation.",
            "input": {
                "type": "object",
                "properties": {
                    "from": {
                        "type": "integer",
                        "minimum": 0,
                        "maximum": 100
                    },
                    "to": {
                        "type": "integer",
                        "minimum": 0,
                        "maximum": 100
                    },
                    "duration": {"type": "number"}
                },
                "required": ["to","duration"]
            },
            "output": {"type": "string"},
            "forms": [...]
        }
    },
    // ...
}

`events`

In a Thing instance, the value assigned to events is a map of instances of EventAffordance. All name-value pairs of a Map of EventAffordance instances MUST be serialized as members of the JSON object that results from serializing the Map; the name of a pair MUST be serialized as a JSON string and the value of the pair, an instance of EventAffordance, MUST be serialized as a JSON object.

All name-value pairs of an instance of EventAffordance, where the name is a Vocabulary Term included in (one of) the Signatures of EventAffordance or InteractionAffordance, MUST be serialized as members of the JSON object that results from serializing the EventAffordance instance, with the Vocabulary Term as name.

The values assigned to subscription, data, and cancellation in an instance of EventAffordance MUST be serialized as JSON objects. They rely on the Class DataSchema, whose serialization is defined in .

The value assigned to forms in an instance of EventAffordance MUST be serialized as a JSON array containing one or more JSON object serializations as defined in .

A TD snippet of an Event object is given below:

{
    // ...
    "events": {
        "overheated": {
            "data": {
                "type": "string"
            },
            "forms": [...]
        }
    },
    // ...
}

Event affordances have been defined in a flexible manner, in order to adopt existing (e.g., WebSub [[websub]]) or customer-oriented event mechanisms (e.g., Webhooks). For this reason, subscription and cancellation can be defined according to the desired mechanism. Please find further details in [[?WOT-BINDING-TEMPLATES]]. Example illustrates how Events can use subscription and cancellation to describe Webhooks.

`links`

All name-value pairs of an instance of Link, where the name is a Vocabulary Term included in the Signature of Link, MUST be serialized as members of the JSON object that results from serializing the Link instance, with the Vocabulary Term as name.

It is recommended to follow the link relation values as provided in Section . The examples provided below demonstrate the use of different link relation types.

A reference can be provided that points to a Thing (e.g., a controller) that controls the underlying unit (e.g., a lamp). For this controlledBy can be used:

{
    // ...
    "links": [{
        "rel": "controlledBy",
        "href": "https://servient.example.com/things/lampController",
        "type": "application/td+json"
    }]
    // ...
}

To point to a developer documentation of a Thing the value service-doc can be used:

	{
        // ...
        "links": [{
            "rel": "service-doc",
            "href": "https://example.com/howTo",
            "type": "application/pdf",
            "hreflang": "en"
        }]
        // ...
	}

A superordinate Thing can collect a group of Things and refer to them by using the item value:

	{
        "title": "Electric Drive",
        // ...
        "links": [{
            "rel": "item",
            "href": "coaps://motor1.example.com",
            "type": " application/td+json"
        },
        {
            "rel": "item",
            "href": "coaps://motor2.example.com",
            "type": " application/td+json"
        }]
        // ...
	}

A Thing refers to a group in which it is collected with the collection value:

	{
        "title": "Electric Motor 1",
        "base": "coaps://motor1.example.com",
        // ...
        "links": [{
            "rel": "collection",
            "href": "coaps://drive.example.com",
            "type": " application/td+json"
        }]
        // ...
	}

`forms`

All name-value pairs of an instance of Form, where the name is a Vocabulary Term included in the Signature of Form, MUST be serialized as members of the JSON object that results from serializing the Form instance, with the Vocabulary Term as name.

If required, form objects MAY be supplemented with protocol-specific Vocabulary Terms identified with a prefix. See also .

A TD snippet of a form object in the forms array is given below:

{
    // ...
    "forms": [{
        "op": "writeproperty",
        "href": "http://mytemp.example.com:5683/temp",
        "contentType": "application/json",
        "htv:methodName": "POST"
    }]
    // ...
}

`uriVariables`

href may also carry a URI that contains dynamic variables such as lat and lon in http://example.org/weather/?lat=35&lon=139. In that case the URI can be defined as template as defined in [[RFC6570]]: http://example.org/weather/{?lat,long}.

In such a case, the URI Template variables MUST be collected in the JSON-object based uriVariables member either in the Thing level or in Interaction Affordance level with the associated (unique) variable names as JSON names.

The serialization of each value in the map assigned to uriVariables in an instance of Form MUST rely on the Class DataSchema, whose serialization is defined in .

A TD snippet using a URI Template for query parameters and uriVariables in the Interaction Affordance level is given below:

{
    "@context": "https://www.w3.org/2022/wot/td/v1.1",
    // ...
    "properties": {
        "weather": {
            // ...
            "uriVariables": {
                "lat": {
                    "type": "number",
                    "minimum": 0,
                    "maximum": 90,
                    "description": "Latitude for the desired location in the world" },
                "long": {
                    "type": "number",
                    "minimum": -180,
                    "maximum": 180,
                    "description": "Longitude for the desired location in the world" }
            },
            "forms": [{
              "href": "http://example.org/weather/{?lat,long}",
              "htv:methodName": "GET"
            }]
        },
        // ...
    },
    // ...
}

Alternatively, as defined in [[RFC6570]], uriVariables can be used for replacing the href structure. An example TD is provided below where a valid request to get the forecast of Bogota, Colombia would be an HTTP GET request to http://example.org/weather/bogota:

    {
        "@context": "https://www.w3.org/2022/wot/td/v1.1",
        // ...
        "properties": {
            "weather": {
                // ...
                "uriVariables": {
                    "city": {
                        "type": "string",
                        "description": "City name to find the weather information for"
                    }
                },
                "forms": [{
                    "href": "http://example.org/weather/{city}",
                    "htv:methodName": "GET"
                }]
            },
            // ...
        },
        // ...
    }

The two examples below can be also combined, while using the same uriVariables feature. An HTTP GET request to http://example.org/weather/bogota/?unit=Celsius can be described as follows:

    {
        "@context": "https://www.w3.org/2022/wot/td/v1.1",
        // ...
        "properties": {
            "weather": {
                // ...
                "uriVariables": {
                    "city": {
                        "type": "string",
                        "description": "City name to find the weather information for"
                    },
                    "unit": {
                        "type": "string",
                        "enum": ["fahrenheit_value","celsius_value"],
                        "description": "Desired unit for the temperature value"
                    }
                },
                "forms": [{
                    "href": "http://example.org/weather/{city}/{?unit}",
                    "htv:methodName": "GET"
                }]
            },
            // ...
        },
        // ...
    }

uriVariables are mainly for properties and events. When retrofitting an existing system, it may be necessary to use uriVariables for actions. In general, it is recommended to avoid uriVariables as much as possible when a new WoT-based system is designed.

`contentType`

The contentType member is used to assign a media type [[!RFC2046]] including media type parameters as attribute-value pairs separated by a ; character. Example:

{
    // ...
    "contentType": "text/plain; charset=utf-8",
    // ...
}

`response`

In some use cases, the form metadata of the Interaction Affordance not only describes the request, but also provides metadata for the expected response. For instance, an Action takePhoto defines an input schema to submit parameter settings of a camera (aperture priority, timer, etc.) using JSON for the request payload (i.e., "contentType": "application/json"). The output of this action is the photo taken, which is available in JPEG format, for example. In such cases, the response member is used to indicate the representation format of the response payload (e.g., "contentType": "image/jpeg"). Here no output schema is required, as the content type fully specifies the representation format.

If present, the value assigned to response in an instance of Form MUST be a JSON object. If present, the response object MUST contain a contentType member as defined in the Class definition of ExpectedResponse.

A form snippet with the response member is shown below based on the takePhoto Action described above:

{
    // ...
    "actions": {
        "takePhoto": {
            // ...
            "forms": [{
                "op": "invokeaction",
                "href": "http://camera.example.com/api/snapshot",
                "contentType": "application/json",
                "response": {
                    "contentType": "image/jpeg"
                }
            }]
        }
    },
    // ...
}

`additionalResponses`

In some cases, the message received from the Thing as part of an Interaction Affordance can differ due to different reasons. Such reasons could be error cases or alternative responses for a valid response. In these cases, additionalResponses terms can be used to describe this behavior.

For example, an Action Affordance to turn on a car engine may not work in bad weather conditions or in case the engine needs maintenance. In such a case, the Thing needs to reply with payloads that are not usually used.

A TD snippet with the additionalResponses member in an Action Affordance is shown below. It describes the case mentioned above when an error response can be sent with another payload than what is described in the output. The success with the value false refers to the fact that this payload refers to an error case and schema allows linking to the payload description used at schemaDefinitions:

{
    // ...
    "schemaDefinitions": {
      "actionErrorPayload": {
        "type": "object",
        "properties": {
          "reason": {
            "type": "string",
            "enum": ["cold","hot","maintenance"]
          },
          "timeStamp": {
            "description": "UNIX time in numbers indicating when the error happened",
            "type": "number"
          }
        }
      }
    },
    // ...
    "actions": {
        "startEngine": {
            "output": {
              "type": "string"
            },
            "forms": [{
                "op": "invokeaction",
                "href": "http://mycar.example.com/api/engine",
                "contentType": "application/json",
                "additionalResponses": [{
                    "success": false,
                    "contentType": "application/json",
                    "schema": "actionErrorPayload"
                }]
            }]
        }
    },
    // ...
}

The additionalResponses term can be used in non-error cases as well. In that case, success is set to true and another schema can be used to describe the payload.

`contentMediaType` and `contentEncoding`

In some cases binary data is embedded in text-based values, e.g., a JSON string-based value embeds a base64 encoded image. The terms contentMediaType and contentEncoding can be used to clarify the context and encoding format of such name-value pairs. A sample usage of contentMediaType and contentEncoding is shown below:

{
    // ...
    "properties": {
        "image": {
	        "description": "Provides latest image",
	        "type": "string",
	        "contentMediaType": "image/png",
	        "contentEncoding": "base64",
	        "forms": [{
			    "op": "readproperty",
			    "href": "coaps://mylamp.example.com/lastPicture",
			    "cov:methodName": "GET",
			    "contentType": "application/json"
		    }]
        }
    },
    // ...
}

Top level `forms`

When forms is present at the top level, it can be used to describe meta interactions offered by a Thing. For example, the operation types readallproperties and writeallproperties are for meta interactions with a Thing by which Consumers can read, write or observe all properties at once. In the example below, a forms member is included in the TD root object and the Consumer can use the submission target https://mylamp.example.com/properties both to read or write all Properties (i.e., on, brightness, and timer) of the Thing in a single protocol transaction.

{
    // ...
    "properties": {
        "on": {
            "type": "boolean",
            "forms": [...]
        },
        "brightness": {
            "type": "number",
            "forms": [...]
        },
        "timer": {
            "type": "integer",
            "forms": [...]
        }
    },
    // ...
    "forms": [{
        "op": "readallproperties",
        "href": "https://mylamp.example.com/properties",
        "contentType": "application/json",
        "htv:methodName": "GET"
    },
    {
        "op": "writeallproperties",
        "href": "https://mylamp.example.com/properties",
        "contentType": "application/json",
        "htv:methodName": "PUT"
    }]
}

Thing-level uriVariables can be used here to supply further variables to the operation or to specify a list of Property Affordance names for a readmultipleproperties operation. In the example below, the unit for the properties can be set via such a variable and the desired list of properties can be set:

    {
        // ...
        "properties": {
            "temperature": {
                "type": "number",
                "forms": [...]
            },
            "brightness": {
                "type": "number",
                "forms": [...]
            },
            "humidity": {
                "type": "integer",
                "forms": [...]
            }
        },
        "uriVariables": {
            "propertyNames": {
                "type": "string",
                "description": "Comma separated list of property names to select."
            },
            "unitSystem": {
                "type": "string",
                "enum": ["metric_value","imperial_value","uscustomary_value"],
                "description": "System of Measurement that will be used for the values"
            }
        },
        "forms": [{
            "op": "readallproperties",
            "href": "https://mything.example.com/properties{?unitSystem}",
            "contentType": "application/json",
            "htv:methodName": "GET"
        },
        {
            "op": "readmultipleproperties",
            "href": "https://mylamp.example.com/properties{?propertyNames,unitSystem}",
            "contentType": "application/json",
            "htv:methodName": "GET"
        }]
    }

For a readmultipleproperties operation, an example HTTP GET request to the URI https://mylamp.example.com/properties?propertyNames=humidity,temperature&unitSystem=metric would return the values humidity and temperature Property Affordances, with the metric System of Measurement.

In the case of operation type writeallproperties, it is expected that the Consumer provides all writable (non readOnly) properties and the (new) assigned values (e.g., within payload). Similarly, for the writemultipleproperties operation type, it is expected that the Consumer provides writable (non readOnly) properties. On the Thing side, Thing is expected to return readable (non writeOnly) properties in the case of readmultipleproperties and readallproperties operation types.

Data Schemas

The data schemas of the WoT Thing Description defined through the DataSchema Class are based on a subset of the JSON Schema terms [[?JSON-SCHEMA]]. Thus, serializations of the TD data schemas can be fed directly into JSON Schema validator implementations to validate the data exchanged with Things.

Data schema serialization applies to PropertyAffordance instances, the values assigned to input and output in ActionAffordance instances, the values assigned to subscription, data, and cancellation in EventAffordance instances, and the value assigned to uriVariables in instances of Subclasses of InteractionAffordance (when a form object uses a URI Template).

All name-value pairs of an instance of one of the Subclasses of DataSchema, where the name is a Vocabulary Term included in the Signature of that Subclass or in the Signature of DataSchema, MUST be serialized as members of the JSON object that results from serializing the DataSchema Subclass's instance, with the Vocabulary Term as name.

The value assigned to properties in an instance of ObjectSchema MUST be serialized as a JSON object.

The values assigned to enum, required, and oneOf in an instance of DataSchema MUST be serialized as a JSON array.

The value assigned to items in an instance of ArraySchema MUST be serialized as a JSON object or a JSON array containing JSON objects.

A TD snippet data schema members is given below. Note that the surrounding object may be a data schema object (e.g., for input and output) or a Property object, which would contain additional members.

{
    // ...
    "type": "object",
    "properties": {
        "status": {
            "title": "Status",
            "type": "string",
            "enum": ["on_value", "off_value", "error_value"]
        },
        "brightness": {
            "title": "Brightness value",
            "type": "number",
            "minimum": 0.0,
            "maximum": 100.0
        },
        "rgb": {
            "title": "RGB color value",
            "type": "array",
            "items": {
                "type": "number",
                "minimum": 0,
                "maximum": 255
            },
            "minItems": 3,
            "maxItems": 3
        }
    },
    // ...
}

The terms readOnly and writeOnly can be used to signal which data items are exchanged in read interactions (i.e., when reading a Property) and which in write interactions (i.e., when writing a Property). This can be used as a workaround when Properties of an unconventional Thing exhibit different data for reading and writing, which can be the case when augmenting an existing device or service with a Thing Description.

A TD snippet with the usage of readOnly and writeOnly is given below:

{
    // ...
    "properties": {
        "status": {
            "description": "Read or write On/Off status.",
            "type": "object",
            "properties": {
                "latestStatus": {
                    "type": "string",
                    "enum": ["on_value", "off_value"],
                    "readOnly": true
                },
                "newStatusValue": {
                    "type": "string",
                    "enum": ["on_value", "off_value"],
                    "writeOnly": true
                }
            },
            "forms": [...]
        }
    }
    // ...
}

When the status Property is read, the status data is returned using a latestStatus member in the payload. To update the status Property, the new value must be provided through a newStatusValue member in the payload.

As an additional feature, a Thing Description instance allows the usage of a unit member within data schemas. This can be used to associate a unit of measure to a data item. Its string value can be selected freely. However, it is recommended to select units defined in well-known Vocabularies. See for an example.

Identification

The JSON-based serialization of Thing Descriptions is identified by the media type application/td+json or the CoAP Content-Format ID 432 (see ).

Validation

In several contexts automatic validation of a JSON-based serialization of a Thing Description is useful. Formally, a valid TD satisfies all the assertions in this specification, but not all assertions can be validated given only the JSON serialization, for instance, the assertions listed under that relate a TD to the behavior of a Thing that it describes. Extensions are also problematic, in that even if formal metadata is given for validating an extension, dynamically fetching this metadata in a deployment might pose a privacy risk. In this section, therefore, we name and define various levels of validation appropriate for different contexts.

Minimal Validation

This level of validation includes all assertions implied by normative tables in this document, and those that can be checked by looking only at the TD itself.

Minimal Validation is appropriate where validation needs to be self-contained (e.g. devices on isolated networks). It does not attempt to validate context extensions and vocabularies.

In practice, these assertions can be validated using a JSON Schema in combination with a few spot checks, for example to check that security schema names have matching definitions.

Basic Validation

This level of validation includes all those covered by as well as basic validation of semantic definitions.

Basic validation is appropriate in situations where network access is possible and does not pose a privacy risk, and for relatively unconstrained computing requirements. It is suitable for gateways, for example, but not for endpoints, since semantic processing is required. It can do basic validation of extensions, specfically that the vocabulary used is defined.

In this case, context definition files and SHACL definitions can be used to validate additional assertions and check TDs for semantic consistency. In addition, if context definitions and SHACL constraints for extension vocabularies can be fetched, then these can be used to validate extensions.

Full Validation

Full validation confirms that all the assertions in this document are satisfied, including the assertions given in that confirm the TD is consistent with the Thing it describes.

This level of validation is appropriate during development, before release, and possibly after installation. Validation during development would have to be on test Things. Actual installation of instances of such Things requires updating the TD with appropriate per-instance identifiers and URLs and so for maximum assurance, in-field validation would have to take place after installation.

Binding Templates

Old Abstract

W3C Web of Things enables applications to interact with and orchestrate connected Things at the Web scale. The standardized abstract interaction model exposed by the WoT Thing Description enables applications to scale and evolve independently of the individual Things.

Many network-level protocols, standards and platforms for connected Things have already been developed, and have millions of devices deployed in the field today. These standards are converging on a common set of transport protocols and transfer layers, but each has peculiar content formats, payload schemas, and data types.

Despite using unique formats and data models, the high-level interactions exposed by most connected things can be modeled using the Property, Action, and Event interaction affordances of the WoT Thing Description.

Binding Templates enable a Thing Description to be adapted to a specific protocol, data payload formats or platforms that combine both in specific ways. This is done through additional descriptive vocabularies, Thing Models and examples that aim to guide the implementors of Things and Consumers alike.

This section acts as a base and explains how other binding templates should be designed. Concrete binding templates are then provided in their respective documents, referred to as subspecifications, that are linked to from this document.

Introduction to Binding Templates

IoT addresses multiple use cases from different application domains, while requiring different deployment patterns for devices. This results in different protocols and media types, creating the central challenge for the Web of Things: enabling interactions with the plethora of different IoT platforms and devices that do not follow any particular standard, but provide an eligible interface over a suitable network protocol. WoT is addressing this challenge through Binding Templates.

Binding Templates consist of multiple specifications, referred to as a subspecification in this document, that enable an application client (a WoT Consumer) to interact, using WoT Thing Description[[WOT-THING-DESCRIPTION]] (TD), with Things that exhibit diverse protocols, payload formats and a combination of these in platforms and frameworks. The mechanism that allows Consumers to interact with a variety of Things is called the Binding Mechanism, without which TDs could not build Hypermedia Controls as explained in the [[WOT-ARCHITECTURE]].

When describing a particular IoT device or platform, the corresponding Binding Template can be used to look up the communication metadata that is to be provided in the Thing Description to support that platform. [[[#fig-building-block]]] shows how Binding Templates are used. Based on the protocol, media type or platform binding template, a TD is created. The Consumer that is processing a TD implements the required Binding Template that is present in the TD by including a corresponding protocol stack, media type encoder/decoder or platform stack and by configuring the stack (or its messages) according to the information given in the TD such as serialization format of the messages and header options.

Platforms, Protocols and Media Types as building blocks for binding templates and TD

Each Interaction Affordance in a TD needs to have a binding to a protocol and to a payload format. [[[#fig-mechanism]]] below illustrates an excerpt of a TD of a robot arm with of HTTP and JSON bindings. Here, the Consumer intends to invoke an action of the robot arm (goTo) in order to move it to the position x equals 12 and y equals 100. In order to do so, it creates the correct payload, serializes it and sends it using the correct protocol options. The Thing gets the message over the network and responds with a message that corresponds to its TD. Other protocols, payload formats or their combination are possible and are explained in [[[#binding-overview]]].

Binding Templates mechanism with a TD, Thing and Consumer — Binding Templates Mechanism inside a TD excerpt with messages of its Thing and a Consumer.

The editors also recommend reading the related chapters in [[WOT-ARCHITECTURE]], such as WoT Binding Templates Building Block, Hypermedia Controls, Protocol Bindings and Media Types.

Binding Template Mechanisms

TDs can be bound to specific protocols, payload formats and platforms. This is possible through the three core mechanisms that allow WoT to be used in various domains and scenarios. This section explains how these binding mechanism types are structured, should be specified, and links to corresponding binding documents (subspecifications). These 3 types of mechanisms are:

Protocols: Application layer protocols (e.g., HTTP[[?RFC7231]], CoAP[[?RFC7252]], MQTT[[?MQTT]], etc.) whose different message types are mapped to the WoT Thing Description[[WOT-THING-DESCRIPTION]] forms via reusable vocabulary and extensions.
Payloads: Different payload formats and media types [[IANA-MEDIA-TYPES]] which can be represented in a TD via Data Schemas or forms.
Platforms: Platforms and frameworks who combine the use of protocols and payloads in a certain way, which can be represented via entire Thing Models described by the [[WOT-THING-DESCRIPTION]] or examples of TDs.

Each Binding Template Subspecification is an independent document that has a separate list of authors and publication date. This section explains the binding mechanism by giving requirements per respective binding category and links to the respective subspecification. These can be found in sections [[[#protocol-bindings]]], [[[#payload-bindings]]] and [[[#platform-bindings]]].

Binding Templates Overview and the relationships between each document type — Binding Templates Overview and the Relationships between each Document Type

Each Protocol and Payload Binding Template is specified in a way that they stay independent from each other. This means that each document can be read independently from the other and can be also developed independently. However, Platform Binding Templates are dependent on the Protocol and Payload Binding Templates, since a given platform uses different protocols and payload formats that need to be specified first in their respective binding templates and referred to within a Platform Binding Template.

Protocol Binding Templates

[[WOT-THING-DESCRIPTION]] defines abstract operations such as readproperty, invokeaction and subscribeevent that describe the intended semantics of performing the operation described by the form in a Thing Description. In order for the operations to be performed on the affordance, a binding of the operation to the protocol needs to happen. In other words, the form needs to contain all the information for a Consumer to, for example read a property, with the protocol in the form.

Most protocols have a relatively small set of methods that define the message type, the semantic intention of the message. REST and PubSub architecture patterns result in different protocols with different methods. Each target protocol may specify different method names for similar operations, and there may be semantic differences between similar method names of different protocols. Additionally, Things may use different methods for performing a particular WoT operation. For example, an HTTP POST request may be used for a writeproperty operation in one Thing, while HTTP PUT may be used in another. For these reasons, Thing Descriptions require the ability to specify which method to use per operation.

Common methods found in REST and PubSub protocols are GET, PUT, POST, DELETE, PUBLISH, and SUBSCRIBE. Binding Templates describe how these existing methods and associated vocabularies can be used in a Thing Description to bind to the WoT operations. This is done by defining the URI scheme of the protocol and mapping the protocol methods to the abstract WoT operations such as readproperty, invokeaction and subscribeevent. In some cases, additional instructions are provided to explain how the vocabulary terms should be used in different cases of protocol usage.

The examples below show the binding of the readproperty operation for the HTTP and Modbus protocols. Please note that these are examples and please always refer to the corresponding binding to learn about the relevant vocabulary terms and their values.

                                      {
                                          "href": "http://example.com/props/temperature",
                                          "op": "readproperty",
                                          "htv:methodName": "GET"
                                      }

                                      {
                                          "href": "modbus+tcp://127.0.0.1:60000/1",
                                          "op": "readproperty",
                                          "modv:function": "readCoil",
                                          "modv:address": 1
                                      }

The form elements in the examples above convey the following statements:

Left Example: To do a readproperty of the subject Property Affordance by performing an HTTP GET request on the resource props/temperature to the host at example.com on port 80 (Port 80 is assumed as per [[RFC2616]]).
Right Example: To do a readproperty of the subject Property Affordance using the readCoil function of Modbus at coil 1 of the device with the 127.0.0.1 address at its port 60000

These bindings and their statements are possible for other operations and protocols as well. Below are examples for invokeaction and subscribeevent:

                                      {
                                          "op": "invokeaction",
                                          "href": "http://192.168.1.32:8081/example/levelaction",
                                          "htv:methodName": "POST"
                                      }

                                      {
                                          "op": "subscribeevent",
                                          "href": "mqtt://iot.platform.com:8088",
                                          "mqv:filter": "thing1/events/overheating",
                                          "mqv:controlPacket": "subscribe"
                                      }

The form elements in the examples above convey the following statements:

Left Example: To do an invokeaction of the subject Action Affordance by performing an HTTP POST request on the resource example/levelaction to the host at 192.168.1.32 on port 8081.
Right Example: To do a subscribeevent of the subject Event Affordance by connecting to the MQTT broker at iot.platform.com and port 8088, then subscribing to the topic thing1/events/overheating.

In some cases, header options or other parameters of the protocols need to be included. Given that these are highly protocol dependent, please refer to the bindings listed in [[[#protocol-bindings-table]]]. Additionally, protocols may have defined Subprotocols that can be used for some interaction types. For example, to receive asynchronous notifications using HTTP, some servers may support long polling (longpoll), WebSub [[WebSub]] (websub) and Server-Sent Events [[eventsource]] (sse).

Subprotocols

As defined in [[WOT-ARCHITECTURE]], a subprotocol is an extension mechanism to a protocol. A subprotocol can require a sequence of protocol messages or a specific structure of message payloads, which can have its own semantics within that subprotocol. The use of a subprotocol is expressed with the subprotocol field, as defined in [[!WOT-THING-DESCRIPTION]]. It can be used in a form instance to indicate the use of one of these protocols, for example long polling with its special use of HTTP:

                          {
                              "op": "subscribeevent",
                              "href": "https://mylamp.example.com/overheating",
                              "subprotocol": "longpoll"
                          }

The values that the subprotocol term can take is not constrained by the [[!WOT-THING-DESCRIPTION]] since different protocols can have different subprotocols. Correspondingly, subprotocols are linked to the protocol they are extending and should be understood together with the protocol indicated in href of the forms (or the base). For WebSockets, the IANA-registered Websocket Subprotocols [[iana-web-socket-registry]] may be used. For CoAP, "subprotocol":"cov:observe" can be used to describe asynchronous observation operations as defined by [[RFC6741]]. The subprotocols can be defined and explained as a part of a protocol or platform binding subspecification.

Terms Specified by Protocol Binding Templates

Overall, a protocol binding template specifies the values and structure of certain vocabulary terms in a TD. The table below lists the vocabulary term, the class it belongs to and whether the subspecification is required to specify the values the term can take. In addition to these, additional terms for describing protocol options are typically added.

Terms specified by Protocol Binding Templates
Vocabulary Term	Class	Specification Requirement
@context	Thing	mandatory
href	Form	mandatory
subprotocol	Form	optional
contentType	Form	optional
contentType	ExpectedResponse	optional
contentType	AdditionalExpectedResponse	optional
contentCoding	Form	optional

Existing Protocol Binding Templates

The table below summarizes the currently specified protocols in their respective Binding Template Subspecification.

Existing Protocol Binding Templates
Abbreviation	Name	Link to Binding Template	Link to Ontology
HTTP	Hypertext Transfer Protocol	Binding Template	Ontology
CoAP	Constrained Application Protocol	Binding Template	Ontology
MQTT	Message Queuing Telemetry Transport	Binding Template	Ontology
Modbus	Modbus	Binding Template	Ontology
BACnet	Building Automation and Control Networks	Binding Template	Ontology
PROFINET	Process Field Network	Binding Template	Not available

Using a Thing Description with a Protocol Binding Template Subspecification

Protocol Binding Templates contain vocabularies that extend the vocabulary found in the [[WOT-THING-DESCRIPTION]]. This means that the way a TD is consumed and how the interactions happen with the Thing are adapted to such vocabularies. The steps below explain how this process typically looks like.

Detect the protocol: Upon the activation of a form to execute the operation, the Consumer SHOULD look at the href member and the base (if exists) and identify the protocol.
Choose the correct protocol stack: The Consumer SHOULD use choose the correct protocol from its protocol software stacks.
Validate the forms part of the TD: Using the JSON Schema instances provided in the respective subspecification or through programmatically checking key value pairs, the Consumer MAY validate the respective form terms in order to verify they are correctly specified in the TD instance.
Start communication: The Consumer SHOULD send requests for the chosen operation as specified by the form and additional behavior that is expected. These are specified using the different form terms such as subprotocol or other vocabulary terms introduced by the protocol binding. The interaction affordance data exchanged with the Thing SHOULD be according to the Data Schema and Content Type present in the TD. The corresponding Data Schema to the operation can be found in the [[WOT-THING-DESCRIPTION]], table called Mapping op Values to Data Schemas.

Creating a new Protocol Binding Template Subspecification

When creating a new protocol binding template subspecification, e.g. based on a new communication protocol, the proposed document should enable implementations of this binding in an interoperable way for Consumer and Producer implementations. More specifically, each Binding Template Subspecification MUST specify the following:

URI Scheme: For identification of the used protocol, a standardized URI scheme [[RFC3986]] value MUST be declared in the form of a string. This URI Scheme is used in TDs at top level base or in the href term of the forms container. These can be officially registered ones at IANA [[iana-uri-schemes]] (e.g. "https://", "coap://") or they can be declared in the protocol subspecification (e.g. "mqtt://", "modbus+tcp://"). How the full URI can be constructed for different affordances (or resources) MUST be specified as well.
@context Usage and Ontology: A vocabulary that allows adding protocol options to a Thing Description forms SHOULD be provided to allow semantic annotations of the operations with protocol specific information. The prefix and IRI to be used in the @context in order to link to the vocabulary of the protocol SHOULD be also provided. The prefix SHOULD use the v suffix notation in order to avoid confusion with the URI scheme of the protocol (e.g. htv for HTTP and mqv for MQTT). For instructions on how to create a vocabulary, please refer to our Vocabulary Creation Guide.
Mapping to WoT Operations: Most protocols have a set of methods or verbs that adds a meaning to the messages of the protocol. A protocol binding template MUST be able to map WoT operation types (readproperty, invokeaction, etc.) to concrete protocol message types or methods. When specifying the mapping, the mapping SHOULD be bidirectional, i.e. it should be clear how to do a readproperty operation with the given protocol and how an existing implementation's endpoints can be mapped to a WoT operation should be also clear.
JSON Schema: A JSON Schema to validate the forms of a TD using the Protocol Binding SHOULD be provided. This allows validation of the URI scheme and the vocabulary terms. The JSON Schema instance SHOULD follow the template provided in the Binding Templates Repository.
Specification: The official specification document of the protocol SHOULD be provided. This SHOULD be a static version, i.e. the exact document used during the writing of the binding that is guaranteed to not change. If this is not possible, the specification should be marked with a date of access. When the specification is not publicly available and cannot be linked with a static version, an editor's note should be provided in the introduction, explaining how to get access to the specification.

A template is also provided for new protocol binding template specifications at the Repository.

Payload Binding Templates

[[WOT-THING-DESCRIPTION]] defines two mechanisms to describe how a payload of a message over any protocol can look like. Firstly, media types [[IANA-MEDIA-TYPES]] describe the serialization used for sending and receiving the data with a protocol. They are represented within the contentType in the Forms of a TD, which is mandatory for each Interaction Affordance. Secondly, it defines the Data Schema concept to describe the structure of the messages, which are used together with media types. The combination of the two allows any message to be described in a TD, allowing correct serialization and deserialization of the messages by the Thing and Consumers.

In the rest of this section at [[[#payload-bindings-contentType]]] and [[[#payload-bindings-dataschema]]], you can find examples of how payload bindings can look like. At [[[#payload-bindings-table]]] you can find the current payload binding templates and [[[#payload-bindings-creating]]] explains how new payload binding templates can be created.

Content Types

Content type includes the media type and potential parameters for the media type and it enables proper processing of the serialized documents. This way, the messages can be exchanged in any format and allow the upper layers of an application to adapt to different formats. In some cases such as images, videos or any unstructured data, content type is enough to describe the payload but in cases like JSON ([[RFC8259]]) a Data Schema is usually provided, like explained in [[[#payload-bindings-dataschema]]].

For example, a number payload can be serialized as JSON or XML and be indicated in the contentType of the forms with application/json or application/xml, respectively. Further parametrization is possible via the plus (+) or the semicolon (;) notations.

In the example below, you can find the form elements with content types for JSON and plain text with additional parameters. In this specific case, the forms describe that reading this property with http or coap result in different content types. For structured media types, a Data Schema is generally provided in the affordance level as explained in [[[#payload-bindings-dataschema]]] and in the Data Schema section of the TD specification. However, for unstructured data such as images and videos, a Data Schema is typically not available.

                          {
                              "forms":[
                              {
                                  "href": "http://example.com/properties/temperature",
                                  "op": "readproperty",
                                  "contentType": "application/json"
                              },
                              {
                                  "href": "coap://example.com/properties/temperature",
                                  "op": "readproperty",
                                  "contentType": "text/plain;charset=utf-8"
                              }]
                          }

Other content types can be also expressed in TDs. In the list below, examples of different content type variations can be found. These content types can replace the ones in [[[#example-payload-binding]]].

Structured Content Types without Parametrization
- application/json: JSON [[RFC8259]]
- application/xml: XML [[RFC5364]]
- application/cbor: CBOR [[RFC8949]]
- text/csv: CSV [[RFC4180]]
Structured Content Types with Parametrization
- application/senml+json: SenML Data serialized in JSON [[RFC8259]]
- application/senml+xml: SenML Data serialized as XML
- application/ocf+cbor: OCF payload serialized in CBOR
- text/csv;charset=utf-8: CSV encoded in UTF-8 [[RFC4180]]
Unstructured Content Types
- image/jpeg: JPEG image
- video/mp4: MP4 Video
- application/octet-stream: Generic binary stream

Data Schemas

Data Schema, as explained in [[WOT-THING-DESCRIPTION]], describes the structure of the messages, which are used together with media types. Even though it is largely inspired by JSON Schema [[json-schema]], it can be used for describing other payload types such as [[XML]], string-encoded images, bit representations of integers, etc. Data Schema SHOULD be used in addition to the media types.

Depending on the case, the structure of the messages can be anything from a simple number to arrays or objects with multiple levels of nesting. Existing IoT Platforms and Standards have certain payload formats with variations on how the data is structured. As explained in [[WOT-THING-DESCRIPTION]], Data Schema can be used in a TD in one of the following places:

Property Affordances: Each property affordance can contain terms for Data Schema and describe the property values when read, observed or written to.
Action Affordances: input and output vocabulary terms are used to provide two different schemas when data is exchanged in both directions, such as in the case of invoking an Action Affordance with input parameters and receiving status information.
Event Affordances: data, dataResponse, subscription and cancellation are used to describe the payload when the event data is delivered by the Exposed Thing, the payload to reply with for event deliveries, the payload needed to subscribe to the event and the payload needed to cancel receiving event data from the Exposed Thing, respectively.
URI Variables: In the Thing or Affordance level, uriVariables can describe the data that needs to be supplied inside the request URI as a string.

Below is an example of a simple JSON object payload with the corresponding Data Schema. Examples from various IoT Platforms and Standards can be found in [[[#sec-payload-examples]]].

                                          {
                                              "level": 50,
                                              "time": 10
                                          }

                                          {
                                              "type": "object",
                                              "properties": {
                                                  "level": {
                                                      "type": "integer",
                                                      "minimum": 0,
                                                      "maximum": 255
                                                  },
                                                  "time": {
                                                      "type": "integer",
                                                      "minimum": 0,
                                                      "maximum": 65535
                                                  }
                                              }
                                          }

Terms Specified by Payload Binding Templates

Overall, a payload binding template specifies the values and structure of certain vocabulary terms in a TD. The table below lists the vocabulary term, the class it belongs to and whether the subspecification is required to specify the values the term can take. In addition to these, additional vocabulary terms can be added and restrictions to Data Schema terms can be placed.

Terms specified by Payload Binding Templates
Term	Class	Specification Requirement
contentType	Form	mandatory
contentType	ExpectedResponse	optional
contentType	AdditionalExpectedResponse	optional
contentCoding	Form	optional

Existing Payload Binding Templates

The table below summarizes the currently specified payload binding templates.

Existing Platform Binding Templates
Abbreviation	Name	Media Type	Link
JSON	JavaScript Object Notation	`application/json`	Planned
XML	eXtensible Markup Language	`application/xml`	Link (Work in Progress)
text	text	`text/plain`	Planned
Unstructured Data	Unstructured Data	various	Planned

Creating a new Payload Binding Template Subspecification

Each payload binding template subspecification, SHOULD contain the respective media type. Ideally this media type has been registered at the IANA registry [[IANA-MEDIA-TYPES]] with a corresponding mime type (e.g. application/json). If it is not registered, the binding document can propose a mime type. Additionally, how that media type is represented in a Data Schema SHOULD be demonstrated with examples. In all cases, the following information SHOULD be provided:

Specification: The official specification document of the payload format SHOULD be provided. This SHOULD be a static version, i.e. the exact document used during the writing of the binding that is guaranteed to not change. If this is not possible, the specification should be marked with a date of access. When the specification is not publicly available and cannot be linked with a static version, an editor's note should be provided in the introduction, explaining how to get access to the specification.

Platform Binding Templates

There are already various IoT platforms on the market that allows exposing physical and virtual Things to the Internet. These platforms generally require a certain use of a protocol and payload. Thus, they can be seen as a combination of the and . In these cases, the use of protocol and payload bindings needs to be supported with how they are related to each other in the specific platform.

For example, Things of a certain platform can require the usage of HTTP and Websockets together with certain JSON payload structures. Thus, Platform Binding subspecifications provide Thing Models and examples of TDs that allow to semantically group multiple binding templates. This allows creation of TDs for these platforms in a consistent manner and makes it easier to develop Consumers for them.

Since Platform Binding Templates combine the usage of protocol and payload binding templates, the vocabulary terms and values they can specify are the combination of vocabulary terms in [[[#table-protocol-terms]]] and [[[#table-payload-terms]]]. Similarly, a Platform Binding subspecification SHOULD NOT introduce new protocol binding templates or media types inside its own document. If a Platform Binding subspecification requires the usage of protocol or media type, corresponding protocol or payload binding templates MUST be created first.

Existing Platform Binding Templates

The table below summarizes the currently specified platform binding template subspecifications.

Name	Link
Philips Hue	Planned
ECHONET	Planned
OPC-UA	Planned

Creating a new Platform Binding Template Subspecification

Depending on the platform and the variety of devices it proposes, each platform binding template subspecification will be structured differently. When the platforms offer a reasonable set of device types, a Thing Model for each device type SHOULD be provided. In other cases, possible devices SHOULD be generalized by providing a set of example Thing Models or TDs. In all cases, the following information SHOULD be provided:

Protocol: The protocol used by the platform SHOULD be specified and linked to a protocol binding template subspecification when a corresponding one exists.
Media Type: The media type used by the platform SHOULD be specified and linked to a payload binding template subspecification when a corresponding one exists.
API Documentation: A static link pointing to the used API Documentation or Specification of the platform SHOULD be provided. When the documentation is not publicly available and cannot be included in a static version in the respective folder, an editor's note should be provided in the introduction, explaining how to get access to the documentation.

Behavioral Assertions

The following assertions relate to the behavior of components of a WoT system, as opposed to the representation or information model of the TD. However, note that TDs are descriptive, and may in particular be used to describe pre-existing network interfaces. In these cases, assertions cannot be made that constrain the behavior of such pre-existing interfaces. Instead, the assertions are to be interpreted as constraints on the TD to accurately represent such interfaces.

Security Configurations

To enable secure interoperation, security configurations need to accurately reflect the requirements of the Thing:

If a Thing requires a specific access mechanism for an interaction, that mechanism MUST be specified in the security configuration of the Thing Description.
If a Thing does not require a specific access mechanism for an interaction, that mechanism MUST NOT be specified in the security configuration of the Thing Description.

Some security protocols may ask for authentication information dynamically, including required encoding or encryption schemes. One consequence of the above is that if a protocol asks for a form of security credentials or an encoding or encryption scheme not declared in the Thing Description then the Thing Description is to be considered invalid.

Data Schemas

The data schemas provided in the TD should accurately represent the data payloads returned and accepted by the described Thing in the interactions specified in the TD. In general, Consumers should follow the data schemas strictly, not generating anything not given in the WoT Thing Description, but should accept additional data from the Thing not given explicitly in the WoT Thing Description. In general, Things are described by WoT Thing Descriptions, but Consumers are constrained to follow WoT Thing Descriptions when interacting with Things.

A Consumer when interacting with another target Thing described in a WoT Thing Description MUST generate data organized according to the data schemas given in the corresponding interactions.
A WoT Thing Description MUST accurately describe the data returned and accepted by each interaction.
A Thing MAY return additional data from an interaction even when such data is not described in the data schemas given in its WoT Thing Description. This applies to ObjectSchema and ArraySchema (when items is an Array of DataSchema) where there can be additional properties or items in the data returned. This behaves as if "additionalProperties":true or "additionalItems":true as defined in [[?JSON-SCHEMA]].
A Consumer when interacting with another Thing MUST accept without error any additional data not described in the data schemas given in the Thing Description of the target Thing. This applies to ObjectSchema and ArraySchema (when items is an Array of DataSchema) where there can be additional properties or items in the data returned. This behaves as if "additionalProperties":true or "additionalItems":true as defined in [[?JSON-SCHEMA]].
A Consumer when interacting with another Thing MUST NOT generate data not described in the data schemas given in the Thing Description of that Thing.
A Consumer when interacting with another Thing MUST generate URIs according to the URI Templates, base URIs, and form href parameters given in the Thing Description of the target Thing.
URI Templates, base URIs, and href members in a WoT Thing Description MUST accurately describe the WoT Interface of the Thing.

Protocol Bindings

A Protocol Binding is the mapping from an Interaction Affordance to concrete messages of a specific protocol such as HTTP [[?RFC7231]], CoAP [[?RFC7252]], or MQTT [[?MQTT]]. Protocol Bindings of Interaction Affordances are serialized as forms as defined in .

Every form in a WoT Thing Description needs to have a submission target, given by the href member, as indicated in Form. The URI scheme [[!RFC3986]] of this submission target indicates what Protocol Binding the Thing implements [[wot-architecture11]]. For instance, if the target starts with http or https, a Consumer can then infer the Thing implements the Protocol Binding based on HTTP and it should expect HTTP-specific terms in the form instance (see next section, ).

Every form in a WoT Thing Description MUST follow the requirements of the Protocol Binding indicated by the URI scheme [[!RFC3986]] of its href member.
Every form in a WoT Thing Description MUST accurately describe requests (including request headers, if present) accepted by the Thing in an interaction.

Optimally, the protocols used are listed as a scheme in the IANA registry [[?IANA-URI-SCHEMES]]). This guarantees a unique Protocol Binding assignment. In case the desired protocol is not yet registered with IANA, it is recommended to follow the scheme value of the protocol specifications, if available. In principle, to avoid ambiguity in the identification of the protocol via the scheme, the Protocol Binding document will provide a recommended scheme value to enable unique protocol identification in the context of WoT.

Protocol Binding based on HTTP

Per default the Thing Description supports the Protocol Binding based on HTTP by including the HTTP RDF vocabulary definitions from HTTP Vocabulary in RDF 1.0 [[?HTTP-in-RDF10]]. This vocabulary can be directly used within TD instances by the usage of the prefix htv, which points to http://www.w3.org/2011/http#. Further details of Protocol Binding based on HTTP can be found in [[?WOT-BINDING-TEMPLATES]].

To interact with a Thing that implements the Protocol Binding based on HTTP, a Consumer needs to know what HTTP method to use when submitting a form. In the general case, a Thing Description can explicitly include a term indicating the method, i.e., htv:methodName. For the sake of conciseness, the Protocol Binding based on HTTP defines Default Values for the operation types listed below, which also aims at convergence of the methods expected by Things (e.g., GET to read, PUT to write). When no method is indicated in a form representing an Protocol Binding based on HTTP, a Default Value MUST be assumed as shown in the following table.

Default values of vocabulary terms for HTTP that are used when the terms are not present in a form of a TD, containing an HTTP URI Scheme
Vocabulary term	Default value	Context
`htv:methodName`	`GET`	`Form` with operation type `readproperty`, `readallproperties`, `readmultipleproperties`
`htv:methodName`	`PUT`	`Form` with operation type `writeproperty`, `writeallproperties`, `writemultipleproperties`
`htv:methodName`	`POST`	`Form` with operation type `invokeaction`

For example, the Example 1 in does not contain operation types and HTTP methods in the forms. The following Default Values should be assumed for the forms in the Example 1:

with default values for Protocol Binding based on HTTP

{
    "@context": "https://www.w3.org/2022/wot/td/v1.1",
    "id": "urn:uuid:3a559b69-cbec-4e7b-b543-bd8e6e41fd8b",
    "title": "MyLampThing",
    "securityDefinitions": {
        "basic_sc": {
            "scheme": "basic",
            "in": "header"
        }
    },
    "security": [
        "basic_sc"
    ],
    "properties": {
        "status": {
            "type": "string",
            "readOnly": true,
            "forms": [
                {
                    "op": "readproperty",
                    "href": "https://mylamp.example.com/status"
                }
            ]
        }
    },
    "actions": {
        "toggle": {
            "forms": [
                {
                    "href": "https://mylamp.example.com/toggle"
                }
            ]
        }
    },
    "events": {
        "overheating": {
            "data": {
                "type": "string"
            },
            "forms": [
                {
                    "href": "https://mylamp.example.com/oh",
                    "subprotocol": "longpoll"
                }
            ]
        }
    }
}

{
    "@context": "https://www.w3.org/2022/wot/td/v1.1",
    "id": "urn:uuid:3deca264-4f90-4321-a5ea-f197e6a1c7cf",
    "title": "MyLampThing",
    "securityDefinitions": {
        "basic_sc": {
            "scheme": "basic",
            "in": "header"
        }
    },
    "security": [
        "basic_sc"
    ],
    "properties": {
        "status": {
            "type": "string",
            "readOnly": true,
            "forms": [
                {
                    "op": "readproperty",
                    "href": "https://mylamp.example.com/status",
                    "htv:methodName": "GET"
                }
            ]
        }
    },
    "actions": {
        "toggle": {
            "forms": [
                {
                    "op": "invokeaction",
                    "href": "https://mylamp.example.com/toggle",
                    "htv:methodName": "POST"
                }
            ]
        }
    },
    "events": {
        "overheating": {
            "data": {
                "type": "string"
            },
            "forms": [
                {
                    "op": "subscribeevent",
                    "href": "https://mylamp.example.com/oh",
                    "subprotocol": "longpoll"
                }
            ]
        }
    }
}

In the case of a forms entry that has multiple op values the usage of the htv:methodName is not permitted. A TD Processor will extend the multiple op values to separate forms entries and associates a single operation with the default assumption. The address information (e.g. href) and other metadata are taken over in the extended version.

extended forms in case of multiple values in op

{
    "@context": "https://www.w3.org/2022/wot/td/v1.1",
    "id": "urn:uuid:43e2081d-3fd9-41bf-803d-baaefb79c70f",
    "title": "MyLampThing",
    "securityDefinitions": {
        "basic_sc": {
            "scheme": "basic",
            "in": "header"
        }
    },
    "security": [
        "basic_sc"
    ],
    "properties": {
        "status": {
            "type": "string",
            "forms": [
                {
                    "op" : ["readproperty", "writeproperty"],
                    "href": "https://mylamp.example.com/status"
                }
            ]
        }
    }
}

{
    "@context": "https://www.w3.org/2022/wot/td/v1.1",
    "id": "urn:uuid:9cd44eef-0b3f-4566-94b0-1358af3d86bd",
    "title": "MyLampThing",
    "securityDefinitions": {
        "basic_sc": {
            "scheme": "basic",
            "in": "header"
        }
    },
    "security": [
        "basic_sc"
    ],
    "properties": {
        "status": {
            "type": "string",
            "forms": [
                {
                    "op": "readproperty",
                    "href": "https://mylamp.example.com/status",
                    "htv:methodName": "GET"
                },
                {
                    "op": "writeproperty",
                    "href": "https://mylamp.example.com/status",
                    "htv:methodName": "PUT"
                }
            ]
        }
    }
}

Other Protocol Bindings

The number of Protocol Bindings a Thing can implement is not restricted. Other Protocol Bindings (e.g., for CoAP, MQTT, or OPC UA) are intended to be standardized in separate documents such as a protocol Vocabulary similar to HTTP Vocabulary in RDF 1.0 [[?HTTP-in-RDF10]] or specifications including Default Value definitions. Such protocols can be simply integrated into the TD by the usage of the TD Context Extension mechanism (see ).

Please refer to [[?WOT-BINDING-TEMPLATES]] for information on how to describe IoT platforms and ecosystems.

Thing Model

Basic Concept

The figure below illustrates the relation of the Thing Model and Thing Description. A Thing Model mainly describes interaction affordances such as the Properties, Actions, and Events and common metadata. When a Thing Descriptions is instantiated by relying on a Thing Model, it SHOULD be valid according to that Thing Model. This paradigm can be compared with abstract class or interface definition (~Thing Model) in object-oriented programming to create objects (~Thing Descriptions).

Thing Model and its relation to the Thing Description.

The Thing Model is a logical description of the interface and possible interaction with Thing's Properties, Actions, and Events, however it does not contain Thing instance-specific information, such as concrete protocol usage (e.g., IP address), or even a serial number and GPS location. However, Thing Models allows to include, e.g., security schemes if they apply to the entire class of instances the model describes. They might have URLs (e.g., like token servers) that might need to be omitted or parameterized (with templates) although in a lot of cases these might also be given.

Thing Model can be serialized in the same JSON-based format as a Thing Description which also allows JSON-LD processing. Note that a Thing Model cannot be validated in the same way as Thing Description instances due to some missing mandatory terms. This means that any term that is not using the placeholder type, still uses the types declared in TD Information Model. For example, the value of minimum needs to be an integer, unless a placeholder is used.

You can use the JSON Schema to validate TM instances that are serialized as JSON.

Thing Model Declaration

A Thing Model is recognized by the top level @type. Thing Model definitions MUST use the keyword @type at top level and a value of type string or array that equals or respectively contains tm:ThingModel. Additionally, in order to identify it as a JSON-LD document, Thing Model definitions MUST use the keyword @context at top level with same rules as a Thing Description. The prefix tm is defined within Thing Descriptions' context and points to the Thing Model namespace as defined in . It is intended that vocabulary from the tm context only be used in Thing Model definitions and are removed or replaced when Thing Descriptions are generated (also see ).

A Thing Model MAY NOT contain instance specific Protocol Binding and security information such as endpoint addresses. Consequently, Thing Model definitions will also be valid if there are no JSON members like forms, base, securityDefinitions, and security. Thing Models are also valid even if these JSON members are used (e.g., as template), however, the nested mandatory members like href are omitted.

shows a valid sample lamp Thing Model without any protocol and security information.

Modeling Tools

In the context of Thing Model definitions specific features are introduced that can be used for Thing modelling.

Versioning

When the Thing Model definitions change over time, this SHOULD be reflected in the version container. The string-based term model is used within the version container to provide such versioning information, like [[SEMVER]]. The following snippet shows the usage of model in a Thing Model instance.

        {
            // ...
            "@type": "tm:ThingModel",
            "title": "Lamp Thing Model",
            "description": "Lamp Thing Description Model",
            "version" : {"model": "1.0.0"},
            // ...
        }

Due to the definition of Thing Model the term instance MUST be omitted within the version container.

When Thing Models are updated and have a new version, this may affect other Thing Models that use the extension and import features (see Section ). In some cases it is also useful to reflect a new version in the file name and/or in a corresponding URL to identify the version.

Extension and Import

A Thing Model can extend an existing Thing Model by using the tm:extends mechanism announced in the links definition: When a Thing Model extends another Thing Model, at least one links entry with "rel": "tm:extends" that targets a Thing Model that is be extended MUST be used. The Thing Model will inherit all definitions from the extended Thing Model. There is the opportunity to extend the existing definition with further metadata by providing further JSON name-value pairs from the existing TD information model () or using the context extension concept (). A Thing Model can also overwrite existing definitions such as title(s) and maximum etc.. For this there exist two limitations: A Thing Model SHOULD NOT overwrite the JSON names defined within the properties, actions, and/or events Map of the extended Thing Model. Definitions SHOULD NOT be overwritten in such a way that possible instance values are no longer valid compared to the origin extended definitions. Those assertions preserve the semantics throughout of the extended Thing Model. E.g., it is not allowed that a "minimum":2 from a extended Thing Model can be overwritten with "minimum":0. Meanwhile, overwriting with "minimum":5 would work since all instances values will always fulfill the restrictions of the extended Thing Model (also see Figure for further explanation).

Lets assume we have a basic model description as provided in the following example:

        {
            "@context": ["https://www.w3.org/2022/wot/td/v1.1"],
            "@type": "tm:ThingModel",
            "title": "Basic On/Off Thing Model",
            "properties": {
                "onOff": {
                    "type": "boolean"
                }
            }
        }

Now a new device class model called 'Smart Lamp Control' that will be used as template for creating TD instances is designed. This model will reuse the existing definition of the 'Basic On/Off Thing Model' and extend it with a dim property:

        {
            "@context": ["https://www.w3.org/2022/wot/td/v1.1"],
            "@type": "tm:ThingModel",
            "title": "Smart Lamp Control with Dimming",
            "links" : [{
                "rel": "tm:extends",
                "href": "http://example.com/BasicOnOffTM",
                "type": "application/tm+json"
             }],
            "properties" : {
                "dim" : {
                    "title": "Dimming level",
                    "type": "integer",
                    "minimum": 0,
                    "maximum": 100
                }
           }
        }

Please note that the title is overwritten and will be used when TD instances are created (also see in the next subsection ).

The tm:extends feature only permits inheriting all definitions of one Thing Model. In many use cases, however, it is desired only to import pieces of definitions of one or more existing Thing Models. For importing pieces of definitions of one or more existing Thing Models, the tm:ref term is introduced that provides the location of an existing (sub-)definition that SHOULD be reused. The tm:ref value MUST follow the pattern that starts with the file location as URI [[RFC3986]](Section 4.1)), followed by # character, and followed by JSON Pointer [[RFC6901]] definition. Note that the URI can also be empty, indicating a same-document reference [[RFC3986]](Section 4.4)). In this case, the tm:ref is supposed to be interpreted as a relative reference. Every time tm:ref is used, the referenced pre-definition and its dependencies (e.g., by context extension) MUST be assumed at the new defined definition.

Portions of the tm:ref value might contain non-ASCII characters that require URL ("percent") encoding before use. Before applying escapes to a tm:ref value, implementations should check that the value is not already encoded.

The following example shows a new TM definition that imports the existing definition of the property onOff from into the new property definition switch.

        {
            "@context": ["https://www.w3.org/2022/wot/td/v1.1"],
            "@type": "tm:ThingModel",
            "title": "Smart Lamp Control",
            "properties" : {
                "switch" : {
                    "tm:ref": "http://example.com/BasicOnOffTM.tm.jsonld#/properties/onOff"
                }
           }
        }

As an example for relative imports using tm:ref, the following Thing Model re-uses and augments (see below) a genericTemperature property in two more specific properties, which describe an inner and an outer temperature value, respectively.

        {
            "@context": "https://www.w3.org/2022/wot/td/v1.1",
            "@type": "tm:ThingModel",
            "title": "Multi Sensor",
            "properties": {
                "genericTemperature": {
                    "type": "number",
                    "unit": "C"
                },
                "innerTemperature": {
                    "tm:ref": "#/properties/genericTemperature",
                    "title": "The inner temperature",
                    "minimum": 10
                },
                "outerTemperature": {
                    "tm:ref": "#/properties/genericTemperature",
                    "title": "The outer temperature",
                    "description": "The outer temperature is measured in Kelvin",
                    "unit": "K"
                }
            },
            "tm:optional": [
                "/properties/genericTemperature"
            ]
        }

At the place the "tm:ref" is defined, additional name-value pairs can be added. It is also permitted to override name-value pairs from the referenced definition. If the intention is to override an existing JSON name-value pair definition from tm:ref, the same JSON name MUST be used at the same level of the tm:ref declaration that provides a new value. The process to overwrite MUST follow the JSON Merge algorithm as defined in [RFC7396] where the content of the referenced definition is ed with the new provided JSON name-value pairs.

It is noted that the values can also be based on a JSON object or array, or simply be a null value. null would result to a removal of existing JSON name-value pair in the target.

Similar to tm:extends and to keep the semantic meaning, definitions SHOULD NOT be overwritten in such a way that possible instance values are no longer valid compared to the origin referenced definition.

The following example shows a new TM definition that overwrites (maximum), enhances (unit), and removes (title) existing definitions from .

        {
            "@context": ["https://www.w3.org/2022/wot/td/v1.1"],
            "@type": "tm:ThingModel",
            "title": "Smart Lamp Control",
            "properties" : {
                "dimming" : {
                    "tm:ref": "http://example.com/SmartLampControlwithDimming.tm.jsonld#/properties/dim",
                    "title": null,
                    "maximum": 80,
                    "unit": "%"
                }
           }
        }

Based on the JSON Merge algorithm the {"title": null,"maximum": 80,"unit": "%"} would act as a for the referenced origin content {"title": "Dimming level", "type": "integer", "minimum": 0, "maximum": 100}.

The tm:extends and the import mechanism based on tm:ref can also be used at the same time in a TM definition. The following example extends the TM from and imports the status and dim definitions from and respectively.

        {
            "@context": ["https://www.w3.org/2022/wot/td/v1.1"],
            "@type": "tm:ThingModel",
            "title": "Smart Lamp Control",
            "links" : [{
                "rel": "extends",
                "href": "http://example.com/BasicOnOffTM",
                "type": "application/tm+json"
             }],
            "properties" : {
                "status" : {
                    "tm:ref": "http://example.com/LampTM.tm.jsonld#/properties/status"
                },
                "dimming" : {
                    "tm:ref": "http://example.com/LampWithDimmingTM.tm.jsonld#/properties/dim"
                }
           }
        }

The tm:extends and the import mechanism based on tm:ref explicitly supports transitive extension (a hierarchy of extensions). For example, assuming there are 3 TMs: "A" which defines a tm:extends of the TM "B" which itself defines a tm:extends of the TM "C". Consequently, the "A" TM extends all definitions of both "B" and "C". Recursive extensions leading to an infinite loop MUST NOT be defined.

The following figure summarizes the allowable override behaviour of the extension and imports TM functions presented in this section. Three Thing Models use the tm:ref or tm:extends feature to reuse TM definitions of the Smart Lamp Control Thing Model. The first Thing Model imports and overwrites the maximum value to 120 within the dimmer property. However, this results in possible instance values (at runtime) that may not be in the range of the original dim definition between 0 and 100 of the dim definition of the Smart Lamp Control Thing Model. Thus, such a Thing Model definition is not allowed. The second model overwrites the property type value by number. Again, this will potentially result in numeric dim values that are not accepted by the definition of the origin dim type definition (integer) of the Smart Lamp Control Thing Model. The last model is defined in a correct way. The new ranges of dim produce potential instance values that are also fulfilled by the original dim definition.

Composition

In some applications, it is beneficial to reuse existing Thing Model definitions and compose them into a new IoT system. An example would be that a new Smart Ventilator is designed to consist of two sub/child Thing Model definitions such as a Ventilation Thing Model that provides on/off and adjustRpm capabilities, and an LED Thing Model that provides dimmable and RGB capabilities.

Top level/parent Smart Ventilator Thing Model

        {
            "@context": "https://www.w3.org/2022/wot/td/v1.1",
            "@type": "tm:ThingModel",
            "title": "Smart Ventilator Thing Model",
            "version" : { "model": "1.0.0" },
            "links": [
              {
                "rel": "tm:submodel",
                "href": "./Ventilation.tm.jsonld",
                "type": "application/tm+json",
                "instanceName": "ventilation"
              },
              {
                "rel": "tm:submodel",
                "href": "./LED.tm.jsonld",
                "type": "application/tm+json",
                "instanceName": "led"
              }
            ],
            "properties" : {
                "status" : {"type": "string", "enum": ["on_value", "off_value", "error_value"]}
            }
          }

        {
            "@context": "https://www.w3.org/2022/wot/td/v1.1",
            "@type": "tm:ThingModel",
            "title": "Ventilator Thing Model",
            "version": {
                "model": "1.0.0"
            },
            "properties": {
                "switch": {
                    "type": "boolean",
                    "description": "True=On; False=Off"
                },
                "adjustRpm": {
                    "type": "number",
                    "minimum": 200,
                    "maximum": 1200
                }
            }
        }

        {
            "@context": "https://www.w3.org/2022/wot/td/v1.1",
            "@type": "tm:ThingModel",
            "title": "LED Thing Model",
            "version": {
                "model": "1.0.0"
            },
            "properties": {
                "R": {
                    "type": "number",
                    "description": "Red color"
                },
                "G": {
                    "type": "number",
                    "description": "Green color"
                },
                "B": {
                    "type": "number",
                    "description": "Blue color"
                }
            },
            "actions": {
                "fadeIn": {
                    "title": "fadeIn",
                    "input": {
                        "type": "number",
                        "description": "fadeIn in ms"
                    }
                },
                "fadeOut": {
                    "title": "fadeOut",
                    "input": {
                        "type": "number",
                        "description": "fadeOut in ms"
                    }
                }
            }
        }

Such composition can be introduced by the usage of the links container. If it is desired to provide information that a Thing Model consists of one or more (sub-)Thing Models, the links entries MUST use the "rel": "tm:submodel" that targets to the (sub-) Thing Models. Optionally an instanceName MAY be provided to associate an individual name to the composed (sub-) Thing Model. This is useful when multiple similar Thing Model definitions are composed and needs to be distinguished.

Different strategies can be followed to generate Thing Descriptions from composed Thing Model definitions. The default recommendation is to generate from each parent and sub/child Thing Model a corresponding Thing Descriptions (also see ). The composition relation can be reflected by the collection and item relation types in the links container of the Thing Descriptions. An example based on Smart Ventilation is given here:

Thing Descriptions of the Smart Ventilator

        {
            "@context": "https://www.w3.org/2022/wot/td/v1.1",
            "title": "Smart Ventilator",
            "securityDefinitions": {
                "basic_sc": {
                    "scheme": "basic",
                    "in": "header"
                }
            },
            "security": "basic_sc",
            "links": [
                {
                    "rel": "item",
                    "href": "./Ventilation.td.jsonld",
                    "type": "application/td+json"
                },
                {
                    "rel": "item",
                    "href": "./LED.td.jsonld",
                    "type": "application/td+json"
                },
                {
                    "rel": "type",
                    "href": "./SmartVentilator.tm.jsonld",
                    "type": "application/tm+json"
                }
            ],
            "properties": {
                "status": {
                    "type": "string",
                    "enum": [
                        "on_value",
                        "off_value",
                        "error_value"
                    ],
                    "forms": [
                        {
                            "href": "http://127.0.13.232:4563/status"
                        }
                    ]
                }
            }
        }

        {
            "@context": "https://www.w3.org/2022/wot/td/v1.1",
            "title": "Ventilator",
            "securityDefinitions": {
                "basic_sc": {
                    "scheme": "basic",
                    "in": "header"
                }
            },
            "security": "basic_sc",
            "links": [
                {
                    "rel": "collection",
                    "href": "./SmartVentilation.td.jsonld",
                    "type": "application/td+json"
                },
                {
                    "rel": "type",
                    "href": "./Ventilation.tm.jsonld",
                    "type": "application/tm+json"
                }
            ],
            "security": "basic_sc",
            "properties": {
                "switch": {
                    "type": "boolean",
                    "description": "True=On; False=Off",
                    "forms": [
                        {
                            "href": "http://127.0.13.212:4563/switch"
                        }
                    ]
                },
                "adjustRpm": {
                    "type": "number",
                    "minimum": 200,
                    "maximum": 1200,
                    "forms": [
                        {
                            "href": "http://127.0.13.212:4563/adjustRpm"
                        }
                    ]
                }
            }
        }

        {
            "@context": "https://www.w3.org/2022/wot/td/v1.1",
            "title": "LED Thing Model",
            "securityDefinitions": {
                "basic_sc": {
                    "scheme": "basic",
                    "in": "header"
                }
            },
            "security": "basic_sc",
            "links": [
                {
                    "rel": "collection",
                    "href": "./SmartVentilation.td.jsonld",
                    "type": "application/td+json"
                },
                {
                    "rel": "type",
                    "href": "./LED.tm.jsonld",
                    "type": "application/tm+json"
                }
            ],
            "properties": {
                "R": {
                    "type": "number",
                    "description": "Red color",
                    "forms": [
                        {
                            "href": "http://127.0.13.211:4563/R"
                        }
                    ]
                },
                "G": {
                    "type": "number",
                    "description": "Green color",
                    "forms": [
                        {
                            "href": "http://127.0.13.211:4563/G"
                        }
                    ]
                },
                "B": {
                    "type": "number",
                    "description": "Blue color",
                    "forms": [
                        {
                            "href": "http://127.0.13.211:4563/B"
                        }
                    ]
                }
            },
            "actions": {
                "fadeIn": {
                    "title": "fadeIn",
                    "input": {
                        "type": "number",
                        "description": "fadeIn in ms"
                    },
                    "forms": [
                        {
                            "href": "http://127.0.13.211:4563/fadeIn"
                        }
                    ]
                },
                "fadeOut": {
                    "title": "fadeOut",
                    "input": {
                        "type": "number",
                        "description": "fadeOut in ms"
                    },
                    "forms": [
                        {
                            "href": "http://127.0.13.211:4563/fadeOut"
                        }
                    ]
                }
            }
        }

A single TD can also be generated which contains the interaction definitions of the top level/parent Thing Model and all interaction definitions of all sub/child Thing Models. Thereby the generation process MUST avoid possible name collisions. The following example shows a potential generated (self-contained) Thing Description of the Smart Ventilator Thing Model.

    {
        "@context": "https://www.w3.org/2022/wot/td/v1.1",
        "title": "Smart Ventilator",
        "securityDefinitions": {
            "basic_sc": {
                "scheme": "basic",
                "in": "header"
            }
        },
        "security": "basic_sc",
        "links": [
            {
                "rel": "type",
                "href": "./SmartVentilator.tm.jsonld",
                "type": "application/tm+json"
            }
        ],
        "properties": {
            "status": {
                "type": "string",
                "enum": [
                    "on_value",
                    "off_value",
                    "error_value"
                ],
                "forms": [
                    {
                        "href": "http://127.0.13.232:4563/status"
                    }
                ]
            },
            "switch": {
                "type": "boolean",
                "description": "True=On; False=Off",
                "forms": [
                    {
                        "href": "http://127.0.13.212:4563/switch"
                    }
                ]
            },
            "adjustRpm": {
                "type": "number",
                "minimum": 200,
                "maximum": 1200,
                "forms": [
                    {
                        "href": "http://127.0.13.212:4563/adjustRpm"
                    }
                ]
            },
            "R": {
                "type": "number",
                "description": "Red color",
                "forms": [
                    {
                        "href": "http://127.0.13.211:4563/R"
                    }
                ]
            },
            "G": {
                "type": "number",
                "description": "Green color",
                "forms": [
                    {
                        "href": "http://127.0.13.211:4563/G"
                    }
                ]
            },
            "B": {
                "type": "number",
                "description": "Blue color",
                "forms": [
                    {
                        "href": "http://127.0.13.211:4563/B"
                    }
                ]
            }
        },
        "actions": {
            "fadeIn": {
                "title": "fadeIn",
                "input": {
                    "type": "number",
                    "description": "fadeIn in ms"
                },
                "forms": [
                    {
                        "href": "http://127.0.13.211:4563/fadeIn"
                    }
                ]
            },
            "fadeOut": {
                "title": "fadeOut",
                "input": {
                    "type": "number",
                    "description": "fadeOut in ms"
                },
                "forms": [
                    {
                        "href": "http://127.0.13.211:4563/fadeOut"
                    }
                ]
            }
        }
    }

tm:optional

In some cases it is desirable to not enforce which interaction affordances are mandatory and do not necessarily need to be implemented in a Thing Description instance. If interaction models are not mandatory to be implemented in a Thing Description instance, Thing Model definitions MUST use the JSON member name tm:optional. tm:optional MUST be a JSON array at the top level. The value of tm:optional MUST provide JSON Pointer [[RFC6901]] references to the required interaction model definitions. The JSON Pointers of tm:optional MUST resolve to an entire interaction affordance Map definition.

The following sample shows the usage of tm:optional for the Event interaction overheating.

{
    "@context": ["https://www.w3.org/2022/wot/td/v1.1"],
    "@type": "tm:ThingModel",
    "title": "Lamp Thing Model",
    "description": "Lamp Thing Model Description",
    "tm:optional": [
        "/events/overheating"
    ],
    "properties": {
        "status": {
            "description": "current status of the lamp (on|off)",
            "type": "string",
            "readOnly": true
        }
    },
    "actions": {
        "toggle": {
            "description": "Turn the lamp on or off"
        }
    },
    "events": {
        "overheating": {
            "description": "Lamp reaches a critical temperature (overheating)",
            "data": {"type": "string"}
        }
    }
}

Since the Event overheating is not mandatory it may not be available in a Thing Description instance.

Please note that an optional definition in a Thing Model definition can be overwritten in the case it is extended by another Thing Model through the use of tm:ref:

    {
        "@context": ["https://www.w3.org/2022/wot/td/v1.1"],
        "@type": "tm:ThingModel",
        "title": "Lamp Thing Model (All Mandatory)",
        "description": "Lamp Thing Model description expects all interaction affordances (status, toggle, and overheating)",
        "links": [
           {
              "rel": "tm:extends",
              "href": "./lampThingModel.tm.jsonld",
              "type": "application/tm+json"
           }
        ],
        "events": {
            "overheating": {
                "tm:ref": "./lampThingModel.tm.jsonld#/events/overheating"
            }
        }
    }

Placeholder

A Thing Model can specify which terms should be used in a TD instance, but their values are unspecific and are first known during TD instantiation. In a case where TD instance terms, but not their values, are known in advance, the placeholder labeling MAY be used in a Thing Model. The placeholder labeling MUST be substituted with a concrete value (e.g., as JSON number, JSON string, JSON object, etc) when TD instance is created from the Thing Model. The string-based pattern of the placeholder MUST follow a valid pattern based on the regular expression {{2}[ -~]+}{2} (e.g., {{PLACEHOLDER_IDENTIFIER}}). The characters between {{ and }} are used as identifier name of the placeholder. The identifier name can be used to identify the placeholder for the substitution process. A placeholder MUST be applied within the value of the JSON name-value pair. If a non string-based value of a JSON name-value pair has a placeholder, the value MUST be (temporarily) typed as string. After replacing the placeholder, e.g. when creating a Thing Description instance, the original type is applied with the corresponding replaced value.

The following Thing Model example defines different placeholders. The placeholder map is used to apply the replacement and to transform the intended value type.

Thing Description generation from Thing Model

{
	"@context": ["https://www.w3.org/2022/wot/td/v1.1"],
	"@type": "tm:ThingModel",
	"title": "Thermostate No. {{THERMOSTATE_NUMBER}}",
	"version": "{{VERSION_INFO}}",
	"base": "mqtt://{{MQTT_BROKER_ADDRESS}}",
	"properties": {
		"temperature": {
			"description": "Shows the current temperature value",
			"type": "number",
			"minimum": -20,
			"maximum": "{{THERMOSTATE_TEMPERATURE_MAXIMUM}}",
			"observable": "{{THERMOSTATE_TEMPERATURE_OBSERVABLE}}"
		}
	}
	...
}

{
	"THERMOSTATE_NUMBER": 4,
	"MQTT_BROKER_ADDRESS": "192.168.178.72:1883",
	"THERMOSTATE_TEMPERATURE_MAXIMUM": 47.7,
	"THERMOSTATE_TEMPERATURE_OBSERVABLE": true,
	"VERSION_INFO": {"instance": "1.0.1", "model": "2.0.0"}
}

{
	"@context": ["https://www.w3.org/2022/wot/td/v1.1"],
	"@type": "Thing",
	"title": "Thermostate No. 4",
	"version": {"instance": "1.0.1", "model": "2.0.0"},
	"base": "mqtt://192.168.178.72:1883",
	"properties": {
		"temperature": {
			"description": "Shows the current temperature value",
			"type": "number",
			"minimum": -20.0,
			"maximum": 47.7,
			"observable": true
		}
	}
	...
}

Derivation of Thing Description Instances

Thing Models can be used as templates to generate a Thing Description based on the restrictions defined in Sections and . During this process missing data such as communication and security metadata have to be complemented to create valid Thing Description instances. A Thing Model MUST be defined in such a way that there are no inconsistencies that would result in a Thing Description not being able to meet the requirements as described in Section and . A TM-to-TD generator to derive a Thing Description instance from a Thing Model transforms it to a Partial TD using the following steps:

Copy all definitions from the input Thing Model to the resulting Partial TD instance. If used, the extension and imports feature MUST be resolved and represented in the Partial TD instance according to .
If used, links element entry with "rel":"tm:extends" MUST be removed from the current Partial TD
The tm:ThingModel value of the top-level @type MUST be removed in the Partial TD instance.
All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance.
All optional interactions (listed in tm:optional) MAY be taken over to the Partial TD instance.
If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD.

Finally, a TM-to-TD generator will take the resulting Partial TD and transform it into a Thing Description with this last step

Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or .

It is recommended that the id value of a Thing Model provides a placeholder such as "id": "urn:example:{{RANDOM_ID_PATTERN}}" for the TD generation process. Please avoid including metadata in the id pattern.

Thing Description instances that follow a Thing Model can carry the information regarding which type of Thing Model is derived. In this context, the linking concept can be used with "rel": "type" (also see Section ), as shown in the following example:

Linking Thing Description to a Thing Model Definition

{
	// ...
	"@type": "tm:ThingModel",
	"title": "Smart Pump",
	"id": "urn:example:{{RANDOM_ID_PATTERN}}",
	"description": "Smart Pump live plant and simulator",
	"version" : {"model" : "1.0.0" },
	// ...
}

{
	// ...
	"@type": "Thing",
	"title": "Smart Pump",
	"id": "urn:example:123-321-123-321",
	"description": "Smart Pump live plant and simulator",
	"version" : {"instance": "1.0.0", "model": "1.0.0" },
	"links" : [{
		"rel": "type",
		"href": "http://example.com/ThingModelPool/Pump",
		"type": "application/tm+json"
	}],
	// ...
}

Please note that a TD can only be an instance of one TM at a time. That means for Thing Descriptions: The links array MUST use the entry with "rel": "type" a maximum of once. If it is desired to reflect all relationships to other Things in a Thing Description, the composition mechanism in TMs can be considered (see Section ).

Examples

The following Thing Model extends the model as shown in and overwrites the maximum value of the dim property

    {
        "@context": ["https://www.w3.org/2022/wot/td/v1.1"],
        "@type": "tm:ThingModel",
        "links" : [{
            "rel": "tm:extends",
            "href": "http://example.com/SmartControlLampTM",
            "type": "application/tm+json"
         }],
        "properties" : {
            "dim" : {
                "maximum": 200
            }
       }
    }

The expected Thing Description that is derived from this Thing Model would be (with HTTP Binding and basic security applied):

        {
            "@context": ["https://www.w3.org/2022/wot/td/v1.1"],
            "@type": "Thing",
            "title": "Smart Lamp Control",
            "securityDefinitions": {
                "basic_sc": {"scheme": "basic", "in": "header"}
            },
            "security": "basic_sc",
            "links" : [{
                "rel": "type",
                "href": "url/to/SmartLampControlModifiedDimTM",
                "type": "application/tm+json"
             }
           ],
           "properties" : {
                "onOff": {
                    "type": "boolean",
                    "forms": [{"href": "https://smartlamp.example.com/onoff"}]
                },
                "dim" : {
                    "type": "integer",
                    "minimum": 0,
                    "maximum": 200,
                    "forms": [{"href": "https://smartlamp.example.com/dim"}]
                }
           }
        }

IANA Considerations

`application/td+json` Media Type Registration

Type name:

application

Subtype name:

td+json

Required parameters:

None

Optional parameters:

None

Encoding considerations:

See RFC 6839, section 3.1.

Security considerations:

See , , , and in the published specification.

Interoperability considerations:

See RFC 8259.

Rules for processing both conforming and non-conforming content are defined in this specification.

Published specification:

W3C Web of Things (WoT) Thing Description 1.1: https://www.w3.org/TR/wot-thing-description11/

Applications that use this media type:

All participating entities in the W3C Web of Things, that is, Things, Consumers, and Intermediaries as defined in the W3C Web of Things (WoT) Architecture 1.1: https://www.w3.org/TR/wot-architecture11/ document.

Fragment identifier considerations:

See RFC 6839, section 3.1.

Additional information:

Magic number(s):: Not Applicable
File extension(s):: .jsontd
Please look at the current IANA registration; in the future .td.json and .td.jsonld may also be allowed.
Macintosh file type code(s):: TEXT

Person & email address to contact for further information:

Matthias Kovatsch <[email protected]>

Intended usage:

COMMON

Restrictions on usage:

None

Author(s):

The Web of Things (WoT) Thing Description specification is a product of the Web of Things Working Group.

Change controller:

W3C

`application/tm+json` Media Type Registration

Type name:

application

Subtype name:

tm+json

Required parameters:

None

Optional parameters:

None

Encoding considerations:

See RFC 6839, section 3.1.

Security considerations:

See , , , and in the published specification.

Interoperability considerations:

See RFC 8259.

Rules for processing both conforming and non-conforming content are defined in this specification.

Published specification:

W3C Web of Things (WoT) Thing Description 1.1

Applications that use this media type:

All participating entities in the W3C Web of Things, that is, Things, Consumers, and Intermediaries as defined in the W3C Web of Things (WoT) Architecture 1.1 document.

Fragment identifier considerations:

See RFC 6901, section 3 and section 6. Note that reserved characters may be percent encoded.

Additional information:

Magic number(s):: Not Applicable
File extension(s):: .jsontm, .tm.json, .tm.jsonld (preferred file extension)
Macintosh file type code(s):: TEXT

Person & email address to contact for further information:

[email protected]

Intended usage:

COMMON

Restrictions on usage:

None

Author(s):

The Web of Things (WoT) Thing Description specification is a product of the Web of Things Working Group.

Change controller:

W3C

CoAP Content-Format Registration

IANA assigns compact CoAP Content-Format IDs for media types in the CoAP Content-Formats subregistry within the Constrained RESTful Environments (CoRE) Parameters registry [[RFC7252]]. The Content-Format ID for WoT Thing Description is 432 and for the WoT Thing Model is - (tbd).

WoT Thing Description

Media Type:: application/td+json
Encoding:: -
ID:: 432
Reference:: ["Web of Things (WoT) Thing Description 1.1", April 2022]

WoT Thing Model

Media Type:: application/tm+json
Encoding:: -
ID:: 433
Reference:: ["Web of Things (WoT) Thing Description 1.1", April 2022]

Single contentType case, where both input and output use the same contentType
Case	Needed Terms	Explanation	Consumer Behavior	Thing Behavior
Case 1A: Input present, output not present	`contentType` inside the form	`contentType` refers only to the input	Encode input payload according to the `contentType` available in the form. If possible in the used protocol, add the value of `contentType` to the input header.	If possible in the used protocol, decode the input payload in the using the input header `contentType`. If not possible in the used protocol or not available, decode the output payload in the corresponding `contentType` available in the form.
Case 1B: Input not present, output present.	`contentType` inside the form.	`contentType` refers only to the output.	If possible in the used protocol, add preference for the `contentType` available in the form to the input header. If possible in the used protocol, decode the output payload using the output header `contentType`. If not possible in the used protocol or not available, decode the output payload in the corresponding `contentType` available in the form.	Encode output payload in the corresponding `contentType` available in the form. If possible in the used protocol, add the value of `contentType` to the output header.
Case 1C: Input and output present, same `contentType` for messages.	`contentType` inside the form.	`contentType` refers both to input and output.	Encode input payload according to the `contentType` available in the form. If possible in the used protocol, add the value of `contentType` to the input header. If possible in the used protocol, add preference for the `contentType` of the output payload to the input header using value in the `contentType`. If possible in the used protocol, decode the output payload using the output header `contentType`. If not possible in the used protocol or not available, decode the output payload in the corresponding `contentType` available in the form.	If possible in the used protocol, decode the input payload in the using the input header `contentType`. If not possible in the used protocol or not available, decode the input payload in the corresponding `contentType` available in the form. Encode output payload in the corresponding `contentType` available in the form. If possible in the used protocol, add the value of `contentType` to the output header.

Multiple contentType case, where input and output can use different contentTypes and there can be multiple forms
Case	Needed Terms	Explanation	Consumer Behavior	Thing Behavior
Case 2A: Single input and single output present, different `contentType` for messages.	`contentType` and `response` inside the form. `response` has `contentType` with a different value.	`contentType` in the form level refers to the input and `contentType` in the `response` (response-level) refers to the output	Encode input payload according to the `contentType` available in the form level. If possible in the used protocol, add the value of form-level `contentType` to the input header. If possible in the used protocol, add preference for the `contentType` of the output payload to the input header using the response-level `contentType`. If possible in the used protocol, decode the output payload using the output header `contentType`. If not possible in the used protocol or not available, decode the output payload in the corresponding `contentType` available in the response level.	If possible in the used protocol, decode the input payload in the using the input header. If not possible in the used protocol or not available, decode the input payload in the corresponding `contentType` available in the form level. Encode output payload in the corresponding `contentType` available in the response level. If possible in the used protocol, add the value of response-level `contentType` to the output header.
Case 2B: Input and multiple possible outputs present, same `contentType` for messages	`contentType` and `additionalResponses` inside the form. `schema` in the `additionalResponses` array items can be needed.	`contentType` in the form level refers to the input and the normal output. `additionalResponses` does not need `contentType` since the default value rule applies. This is the same case (Case 1C) as there is actually a single `contentType`. However, there can be different Data Schemas delivered in the output, requiring the `additionalResponses` and `schema` terms in the form.	See Case 1C	See Case 1C
Case 2C: Input and multiple possible outputs present, different `contentType` for output messages	`contentType`, `additionalResponses` and possibly `response` inside the form. `additionalResponses` needs `contentType` for output the messages with different `contentType`s.	This the most complicated case that can have different ways to be described in a TD. `contentType` in the form level refers to the input and to the expected output if the output is of the same `contentType` (like in case 1C). `contentType` inside `response` refers to the expected output if the output is of a different `contentType` (like in case 2A). `contentType` inside `additionalResponses` refers to other possible outputs.	Encode input payload according to the `contentType` available in the form level. If possible in the used protocol, add the value of form-level `contentType` to the input header. If possible in the used protocol, decode the output payload using the output header `contentType`. If not possible in the used protocol or not available, decode the output payload in the corresponding `contentType` available in the response level or one of the `contentType`s in `additionalResponses`.	If possible in the used protocol, decode the input payload in the using the input header. If not possible in the used protocol or not available, decode the input payload in the corresponding `contentType` available in the form level. Encode output payload in the corresponding `contentType` available in the response level or one of the `contentType`s in `additionalResponses`. If the output is associated with an error case, use the `contentType` in a form with `"success":false` If possible in the used protocol, add the value of the used `contentType` to the output header.

Acknowledgements

The editors would like to specially thank Cristiano Aguzzi, Thomas Jäckle, Jan Romann, Elodie Thiéblin, Michael Koster, Michael Lagally, Kazuyuki Ashimura, Daniel Peintner, Toru Kawaguchi, María Poveda, Dave Raggett, Kunihiko Toumura, Takeshi Yamada, Ben Francis, Manu Sporny, Klaus Hartke, Addison Phillips, Jose M. Cantera, Tomoaki Mizushima, Soumya Kanti Datta and Benjamin Klotz for providing contributions, guidance and expertise.

Also, many thanks to the W3C staff and all other current and former active Participants of the W3C Web of Things Interest Group (WoT IG) and Working Group (WoT WG) for their support, technical input and suggestions that led to improvements to this document.

Finally, special thanks to Joerg Heuer for leading the WoT IG for 2 years from its inception and guiding the group to come up with the concept of WoT building blocks including the Thing Description.

Temporary ReSpec fix regarding non-listed references: [[RFC6068]], [[RFC3966]], [[html]], [[RFC6750]], [[RFC7519]], [[RFC7797]], [[RFC8392]], [[RFC7516]], [[LDML]], [[SEMVER]], [[RFC7617]], [[RFC7616]]

`properties`	→	`https://www.w3.org/2019/wot/td#hasPropertyAffordance`
`object`	→	`https://www.w3.org/2019/wot/json-schema#ObjectSchema`
`basic`	→	`https://www.w3.org/2019/wot/security#BasicSecurityScheme`
`href`	→	`https://www.w3.org/2019/wot/hypermedia#hasTarget`
...

Introduction

Thing Description

Thing Model

Terminology

Namespaces

TD Information Model

Overview

Preliminaries

Class Definitions

Core Vocabulary Definitions

Thing

InteractionAffordance

PropertyAffordance

ActionAffordance

EventAffordance

VersionInfo

MultiLanguage

Data Schema Vocabulary Definitions

DataSchema

ArraySchema

BooleanSchema

NumberSchema

IntegerSchema

ObjectSchema

StringSchema

NullSchema

Security Vocabulary Definitions

SecurityScheme

NoSecurityScheme

AutoSecurityScheme

ComboSecurityScheme

BasicSecurityScheme

DigestSecurityScheme

APIKeySecurityScheme

BearerSecurityScheme

PSKSecurityScheme

OAuth2SecurityScheme

Hypermedia Controls Vocabulary Definitions

Link

Form

Mapping op Values to Data Schemas

Response-related Terms Usage

ExpectedResponse

AdditionalExpectedResponse

Default Value Definitions

TD Representation Format

Mapping to JSON Types

Omitting Default Values

Information Model Serialization

Thing Root Object

Human-Readable Metadata

version

securityDefinitions and security

Multiple Security Definitions

security in Forms

ComboSecurityScheme

OAuth 2.0 usage

API key usage

properties

actions

events

links

forms

uriVariables

contentType

response

additionalResponses

contentMediaType and contentEncoding

Top level forms

Data Schemas

Identification

Validation

Minimal Validation

Basic Validation

Full Validation

TD Context Extensions

Semantic Annotations

Example I: Additional Basic Metadata

Example II: State Annotations

Example III: Geolocation Annotations

`Thing`

`InteractionAffordance`

`PropertyAffordance`

`ActionAffordance`

`EventAffordance`

`VersionInfo`

`MultiLanguage`

`DataSchema`

`ArraySchema`

`BooleanSchema`

`NumberSchema`

`IntegerSchema`

`ObjectSchema`

`StringSchema`

`NullSchema`

`SecurityScheme`

`NoSecurityScheme`

`AutoSecurityScheme`

`ComboSecurityScheme`

`BasicSecurityScheme`

`DigestSecurityScheme`

`APIKeySecurityScheme`

`BearerSecurityScheme`

`PSKSecurityScheme`

`OAuth2SecurityScheme`

`Link`

`Form`

`ExpectedResponse`

`AdditionalExpectedResponse`

`version`

`securityDefinitions` and `security`

`security` in Forms

`ComboSecurityScheme`

`properties`

`actions`

`events`

`links`

`forms`

`uriVariables`

`contentType`

`response`

`additionalResponses`

`contentMediaType` and `contentEncoding`

Top level `forms`

`application/td+json` Media Type Registration

`application/tm+json` Media Type Registration