...
Claim: A statement (in the sense of [IDCclaim]). Claims are conveyed by a Requester on behalf of a Requesting Party to an Authorization Manager in an attempt to satisfy user policy. (Protected Resources may also contain Claims, but this is outside the view of the UMA protocol.)
...
Parties and legal responsibilities
The following diagram attempts to summarize the options for parties, as discussed below.
For our purposes in UMA 1.0, an authorizing user is always a natural person (a human being). We foresee use cases where the authorizing party could be a non-human, but our 1.0 scope sticks to human beings in this role to ensure that we think about how to craft the user experience for this person (who is the all-important "user" in UMA!). An authorizing user may set policies at the AM that end up legally binding him/her, depending on the claims coming from the requesting party in response.
...
Where the primary resource user and the authoring user differ, there is likely to be an interaction (invisible to UMA) at the host service that allows (or forces) the primary resource user to designate an authorizing user, and an agreement that the authorizing user acts as the primary resource user's agent or guardian or similar.
References
...
| Anchor | ||||
|---|---|---|---|---|
|
http://tools.ietf.org/html/draft-hardt-oauth-01
...