This Work Group operates under the Kantara IPR Policy - Option Patent & Copyright: Reciprocal Royalty Free with Opt-Out to Reasonable And Non discriminatory (RAND) (HTML version). You can find any opt-outs on this page.

Home | Intro | Join | List | Archive (Mailman) | Archive (Google) | Calendar


 

The UMA V1.0.1 specifications are Kantara Recommendations! The UMA Core V1.0.1 Recommendation and the OAuth Resource Set Registration V1.0.1 Recommendation are now available (check out the Release Notes too). Many thanks to the Work Group, the Kantara staff, and the membership for their support.



User-Managed Access (UMA) is an award-winning OAuth-based protocol designed to give a web user a unified control point for authorizing who and what can get access to their online personal data, content, and services, no matter where all those things live on the web. Read the spec, join the group, check out the implementations, follow us on Twitter, like us on Facebook, get involved!

See the UMA Roadmap for 2016 page to see the use cases and technical issues that the Work Group is currently focusing on.

The short link for this page is http://tinyurl.com/umawg.

 

News:

  • November 4: The UMA Legal subgroup has a new sharpened-up charter today! Check out the Legal page for links to interim deliverables. Particularly you're a "legal eagle", are familiar with GDPR, or have business use cases involving delegation or proxies/guardians, we'd love for you to join us and help out. (See the Join link on this page.)
  • June 23: Today Eve Maler (@xmlgrrl), Maciej Machulak (@mmachulak), and Domenico Catalano (@domcat) were re-elected to their leadership team positions – chair, vice-chair, and user experience editor, respectively. Maciej was also elected to the new position of UMA Developer Resources Work Group liaison. See the Leadership Team page for all details. Thanks to all previously serving leadership team members for their service!
  • March 29: One of UMA's three trust elevation methods, claims gathering, was reported on January 27 to be affected by a session fixation attack. The WG has produced an extension specification to enable mitigation of the attack called UMA Claims-Gathering Extension for Enhanced Security, and a background document to further discuss the attack, the mitigation chosen, and other approaches considered and possible. Many thanks to the original reporters of the issue and the group for its quick action.
  • February 12: The new UMA Roadmap for 2016 page keeps track of the use cases we are prioritizing and currently focusing on.
 
Leadership
  • Chair: Eve Maler
  • Vice-Chair: Maciej Machulak
  • Full leadership team list
  • Read about Kantara leadership roles
Teleconference Info