...
Following is a "call tree" of key specifications and other documents that are currently referenced normatively in the UMA core spec. Support isn't necessarily required for all (or any) features of these specs; read the UMA spec for details.
- Binding Obligations on User-Managed Access (UMA) Participants (required)
- OAuth2 (required)
- OAuth2 bearer tokens (required)
- OAuth2 SAML bearer tokens (recommended in enterprise settings)
- OpenID Connect Standard (optional)
- JSON (required)
- hostmeta (required)
- .well-known (required)
...