Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

UMA Trust Model

Abstract

This document explores the expectations and responsibilities of various parties interoperating in the User-Managed Access (UMA) context, with an overall goal of facilitating legal enforceability of any agreements made between authorizing users and requesting parties in the granting of access authorization.

Status

This document is a product of the User-Managed Access Work Group. It is currently under active development. Its latest version can always be found here. See the Change History at the end of this document for its revision number.

Editors
  • Susan Morrow
  • Eve Maler
Intellectual Property Notice

The User-Managed Access Work Group operates under Kantara IPR Policy - Option Patent & Copyright: Reciprocal Royalty Free with Opt-Out to Reasonable And Non discriminatory (RAND) and the publication of this document is governed by the policies outlined in this option.

Table of Contents

Introduction

UMA is a protocol that describes a technical "contract" for HTTP-based interactions (such as standardized request and response messages involving standardized data formats) that obtains among compliant software entities. The entities fill various roles in order to achieve "user-managed access" to Web resources. Such software entities are frequently known as endpoints. The UMA endpoints, as labeled in its specifications, are:

  • Authorizing user (or just "user"
  • No labels