This Work Group operates under the Kantara IPR Policy - Option Patent & Copyright: Reciprocal Royalty Free with Opt-Out to Reasonable And Non discriminatory (RAND) (HTML version). You can find any opt-outs on this page.
Home | Intro | Join | List | Archive (Mailman) | Archive (Google) | Calendar
|title||The UMA Version 2.0 Draft Recommendations are available for Public Comment!|
| pleased to announce that it has published the UMA Version 2.0 Draft Recommendations, approved for their Public Comment and IPR Review period: |
Want to know if collaborative work on User-Managed Access is for you? Check out the group's charter document! The next phase of our efforts involves four prongs: 1) spec enhancements (such as extensions); 2) business model (aka "UMA Legal") work; 3) promoting adoption; and 4) promoting interop. If any of these could accelerate your own efforts, join us!
TheUMA 2.0 Grant for OAuth 2.0 Authorization (UMA Grant rev 05) and Federated Authorization for UMA 2.0 (FedAuthz rev 05). To comment, please email your comments to firstname.lastname@example.org with the subject "UMAWG COMMENT SUBMISSION". For all details about this period, see the Kantara announcement.Resources Recommendationscan be downloaded at the Kantara Reports & Recommendations page. Need to cite or deep-link? Find HTML versions here: Grant, FedAuthz.
Many resources to understand more about UMA are available and growing. For example, especially if you're familiar with UMA V1, check out this detailed swimlane to get the broad strokes of what has changed. We're fleshing out the Release Notes, updating the . Don't miss the slides and video from Authorization: Age of UMA, the "Introducing UMA 2.0" session delivered by two UMA coauthors at the Chicago Cloud Identity Summit. The Release Notes are up to date with all spec changes through the first Public Comment period. See also the UMA Implementer's Guide, and attending to similar tasks around the site. If you're interested to help, we invite you to join the group! Fill out the Group Participation Agreement form to get going.Click the image above to view the UMA Movie, which premiered at the 23rd Internet Identity Workshop in October 2016. If you're attending the Cloud Identity Summit, don't miss the UMA 2.0 talk on June 22 by editors Justin and Eveour list of known Implementations, and discussions of Case Studies, all of which continue to grow. Finally, see the UMA Grant sequence diagram and FedAuthz sequence diagram.
See the to see
User-Managed Access (UMA) is an award-winning OAuth-based protocol designed to give an individual a unified control point for authorizing who and what can get access to their digital data, content, and services, no matter where all those things live. Read the specs, join the group, check out the implementations, follow us on Twitter, like us on Facebook, get involved!
guided the use cases and technical issues that the Work Group
25: The Work Group is pleased to announce that it has published the UMA Version 2.0 Draft Recommendations, approved for their Public Comment period: UMA 2.0 Grant for OAuth 2.0 Authorization (UMA Grant rev 05) and Federated Authorization for UMA 2.0 (FedAuthz rev 05). To comment, please email your comments to email@example.com with the subject "UMAWG COMMENT SUBMISSION". For all details about this period, see the Kantara announcement .March 3: The UMA Legal subgroup is meeting again to look at important new deliverables. If you've got a legal specialty, or want to contribute to the connection between consent/permission/authorization/delegation and the regulatory data protection world, you're just the kind of person we're looking for.November 4: The UMA Legal subgroup has a new sharpened-up charter today! Check out the Legal page for links to interim deliverables. Particularly if you're a "legal eagle", are familiar with GDPR, or have business use cases involving delegation or proxies/guardians, we'd love for you to join us and help out. (See the Join link on this page.
- 24: At the EIC18 conference in Munich, Eve Maler presented Leveraging UMA's Power for Compliance and User Control, which reflected the current state of the group's work on its business model. See her presentation here.
- May 15: Check out the UMA Work Group update from the EIC18 Kantara Showcase. Follow along with the European Identity and Cloud Conference at #EIC18 and @KantaraNews.
- May 9: Head over to our Implementations page to see who has implemented UMA2 so far – the latest is RedHat Keycloak.
- Mar 2: Our Legal subgroup has produced its first draft report: A Proposed Licensing Model for User-Managed Access (or, "How the UMA protocol enables a license-based model for controlling access rights to personal digital assets"). This paper is intended for professionals in the areas of law, privacy, risk, compliance, security policy, and business policy, particularly those responsible for building and running UMA-enabled services. Much more to come in this area. Want to get involved? Join us!
- Feb 27: The group charter has been updated with a fresh roadmap of activities now that UMA 2.0 is complete – check it out!
- Feb 22: Congratulations to Tim Reiniger, our newly confirmed Legal Editor on the UMA Leadership Team! He has already contributed a great deal to our work on an UMA Business Model – stay tuned for publication of our first document. If you're interested in our Legal efforts specifically, get in touch with the chair.
- January 24: You can find slides from an IAM Meetup presentation on "GDPR, PSD2, CIAM, and UMA 2.0" by Eve Maler here.
- January 13: Read the press release about the publication of the UMA 2.0 specifications!
- January 9: The UMA 2.0 Grant for OAuth 2.0 Authorization and Federated Authorization for UMA 2.0 specifications have been published as Recommendations! You can download them at the Kantara Reports & Recommendations page. (Need to cite or deep-link? Find HTML versions here: Grant, FedAuthz.)