This page gathers information about implementation efforts and interest, along with interoperability testing plans. Maciej Machulak is the UMA group's implementation coordinator. Key existing implementations that we know about are noted below, in alphabetical order of the project or organization.

...

Status: Dec '18

The company ForgeRock (also at @ForgeRock) has an Identity Platform that includes an implementation of UMA 2.0, with both an "UMA Provider" (authorization server component) and an "UMA Protector" (resource server component), targeted at individual consent and data sharing use cases. The case studies Users Managing Delegated Access to Online Government Services and Aggregating and Sharing Pension Information were based on POCs performed with earlier versions of the ForgeRock Identity Platform.

Gluu

Status: May '18

Open source software vendor Gluu (Twitter @GluuFederation) has implemented UMA 2.0 Authorization Server endpoints since Gluu Server 3.1.2. Its client middleware service, oxd, also provides UMA RS and Client software. Gluu uses its UMA software in its API access management product and also to protect the Gluu Server SCIM endpoints for user provisioning. Gluu has been an early adopter of UMA since version 1.0, as well as of federation standards such as SAML, OpenID Connect and OAuth.

...

Status: Mar '18

HealthyMePHR, which enables secure patient-mediated clinical data exchange, was implemented by Lush Group, Inc. It implements UMA 1.0, with plans to update to full UMA 2 support. The software is currently in prototype form. It implemented the HEART profiles in conjunction with HEART specification development; it consists of a FHIR-based RS, AS and Client.

HealthyMePHR was selected as a Phase 2 winner of The Department of Health and Human Service’s Move Health Data Forward Challenge. Since the intention was to free the patient from the many roadblocks currently in place, the implementers wanted to implement a wide ecosystem for exchange, adding an external OpenID Connect IdP to support that goal. Since other components were not available at the time of development, the solution was developed to be freestanding. It is the intention that any of the components could be substituted. While the initial client is a HEART-based viewer, it is actually accessing discrete data. This approach demonstrates an important building block for accessing discrete data via an API, under the control of patient-directed consent. HealthyMePHR has also been connected to EMRs via CDS hooks, providing physicians with the ability to access the patient’s data, which may be external to the EMR. For more information, see the Case Studies page or contact info@lgisoftware.com.

HIE of One - Trustee

Status: Jan '19

The HIE of One open-source project is run by Michael Chen, MD and Adrian Gropper, MD. It implements an UMA2 authorization server, and supports dynamic client registration for resource servers and clients. HIE of One serves as an OpenID Connect relay to other OIDC services, such as Google and Twitter. This authorization server is meant to be deployed as a single instance per patient (user). It is licensed under GNU AGPLv3. Support information is available at the distro link. "Trustee" is an application using HIE of One. A demonstration video can be seen here.

...

This implementation leverages the third-party OAuth and OpenID Connect implementations Google OAuth2, Twitter OAuth2, and mdNOSH (this is for demo purposes for physician single sign-on, not federated). HIE of One also implements blockchain-based authentication using the uPort implementation, and the project is tracking the Decentralized ID (DID) standards for self-sovereign identity and W3C verifiable claims as these progress.

Pauldron

Status: Jan '18

Pauldron is an open-source (MIT license) UMA authorization server, with several extensions catering to use cases that have come out of healthcare-related work in the HL7 environment, available on GitHub.

...

The company Cloud Identity Limited (since acquired by Synergetics) developed an UMA Authorization Server - NuveAM (Online Demo). NuveAM implements the UMA protocol and supports other open standards including OAuth 2.0, OpenID Connect, and SAML 2.0. The company also developed Java and Python SDKs. More information is on the company's website and the company's YouTube channel. The company integrated UMA with its NuveLogin service to simplify the flow for Resource Server and Client applications.

Telia

The Telia telecom company has an identity solution that provides UMA support.

...