Versions Compared

Old Version 18

changes.mady.by.user Former user

Saved on

compared with

New Version 19

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Spec

Description

Status

UMA Scenarios and Use Cases

Records the scenarios and use cases governing the development of the User-Managed Access protocol and guiding associated implementations and deployments.

Currently maintained directly on this wiki. Latest version is here. We are behind on assessing and adding scenarios; see below on this page for the "scenario docket".

UMA Requirements

Records the specific requirements governing the development of the User-Managed Access protocol and guiding associated implementations and deployments.

Currently maintained directly on this wiki. Latest version is here. We treat design principles (beyond the ones in our charter) as emergent, and collect them as we see fit.

UMA 1.0 Core Protocol

Defines the User-Managed Access (UMA) 1.0 core protocol. This protocol provides a method for users to control access to their protected resources, residing on any number of host sites, through an authorization manager that makes access decisions based on user policy.

Active development currently takes place on github. Snapshots for the core spec and the dynamic client registration spec are here (the working draft on this site is not current). See also Maciej's contributions on dynamic client binding and resource registration.

Protocol Issues

Random list of issues we need to burn down in working on the specs.

This list is known not to be complete. We are also putting specific spec design issues directly into the specs on github.

Claims 2.0

Defines a JSON-based format for expressing claims and requests for claims.

Currently maintained directly on this wiki. Latest version is here. (See also Domenico's contribution on proposal (slides, document) for trust models for third-party-asserted claims.)

Simple Access Authorization Claims

Uses the Claims 2.0 specification to define a small set of basic claims to be used in the process of User-Managed Access (UMA) access authorization.

Currently maintained directly on this wiki. Latest version is here.

Lexicon

Compendium of official and unofficial terms and definitions related to UMA.

This document has served as an aid to figuring out legal considerations; now it is not very actively maintained. Latest version is here.

Legal Considerations in UMA Authorization

Explores legal issues raised by the act of using User-Managed Access (UMA) to authorize another party to get web resource access.

Currently maintained directly on this wiki. Latest version is here. Awaiting incorporation of many comments, include a contribution by JeffS.

...