...
We suspect that certain sharing patterns lend themselves to choosing different profiles for UMA's step 2 (getting a token).
- Person-to-self sharing could possibly use any profile of the WRAP user delegation type, since the same person would have an account on the requester and AM sides.
- Person-to-service sharing could possibly use any profile of the WRAP autonomous client type, since the service itself operates the WRAP client that is embedded in the UMA requester.
- Person-to-person sharing could also possibly use any profile of the WRAP autonomous client type, since everyone and everything on the requesting side is "autonomous" with respect to the authorizing side. However, an entirely new set of profiles might be appropriate instead, to take into account the requesting person's personal involvement in providing claims, confirming agreements, etc.
...
- When Alice authorizes sharing of her TravelIt resource with Airplanr (in the context of "herself again" logged into Airplanr), a user authorization flow might possibly be appropriate as part of the process of Airplanr satisfying CopMonkey that it's really Alice again. ??
- When Alice authorizes sharing of her TravelIt resource with FrodoReviews acting on its own behalf, an autonomous client flow seems appropriate.
- When Alice authorizes sharing of her TravelIt resource with Bob through Schedewl, we're not sure if this should use an autonomous client flow or if something similar to it needs to be written specially to add the "on behalf of a totally different person" semantic.
...
| Anchor | ||||
|---|---|---|---|---|
|
...