User-Managed Access (UMA)

Open BnGx opened this issue 4 years ago • 0 comments

Currently the OAuth2 framework alone does not support fine-grained management of resource permissions. An example would be: Alice would like to share, using read/write modes (scopes), a photo with Bob.

User-Managed Access for OAuth2 (UMA) is a layer, just like OpenID Connect, which adds this functionality. Is there any possibility that UMA 2.0 will be implemented according to the official specifications?:

Grant
Federated Authorization

A tiny and incomplete library is implemented by Maciej Bozemoj. It can represent a Proof-of-Concept or a starting point. Another, more robust but old, example is made available by Roland Hedberg.

Apr 05 '21 05:04 BnGx