Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Enhanced the Keycloak listing based on WG/list discussion.


titleAug '18
 RedHat's KeyCloak open-source authorization services offering supports UMA2, targeting primarily enterprise use cases (where "the RS is the RO" – the enterprise hosts the resources, and also serves as its own authorization server). Except for the interactive claims gathering flow, most of the specification is implemented, including resource registration. A simple example app (photoz) using UMA is provided. The protection API has been extended to include a new endpoint to manage user permissions (policies). This was a result of contributions from the community in order allow RSs to associate/manage custom policies for resources while still letting users manage them. While there isn't support for claims gathering, RSs are allowed Another extension allows the RS to push claims when creating a permission ticket. (See more discussion of this extension in this thread.)

SMART project (non-healthcare-related)