Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Section
Column
width70%

This Work Group operates under the Kantara IPR Policy - Option Patent & Copyright: Reciprocal Royalty Free with Opt-Out to Reasonable And Non discriminatory (RAND) (HTML version). You can find any opt-outs on this page.

Home | FAQ | Protocol Spec | Trust Model Spec | Chat | Join → Join ← | List | Archive (Mailman) | Archive (Google) | Calendar


We've updated the main UMA architectural diagram, replacing the original UMA-specific terminology with OAuth names. In the process, the diagram also went from being a circle to being a "marvelous spiral". You can find several varieties of the diagram on the Attachments page. Thanks once again to our Graphics Editor, Domenico Catalano, for his excellent work.

Image Removed
Panel
borderColor#99cc00
bgColor#ffffff
borderWidth4pt
titleUMA terminology: just like OAuth
extension efforts

Image Added

We are undertaking some important new work on an UMA "relationship manager" extension to fully enable a resource owner dashboard experience, and more. You can check it out by reading our Meetings and Minutes. To understand more about our work on business-legal considerations, including identity relationship management (IRM)-based delegation use cases, see our Legal hub page. If you're interested to contribute to any of this, be sure to click our Join link above! ⬆︎

Here are the UMA Grant (PDF, HTML for deep linking) and UMA Federated Authorization Recommendations (PDF, HTML for deep linking). Don't miss the UMA2 masterclass delivered by two UMAnitarians at the Identiverse conference in Boston in June 2018 (slides and video). (The slides and video from the previous year's Authorization: Age of UMA session set in the Marvel Cinematic Universe was also a big hit!) The Release Notes review all final UMA1-to-UMA2 changes. See also the UMA Implementer's Guide, our list of known Implementations, and discussions of Case Studies. Finally, see the detailed UMA Grant sequence diagram and FedAuthz sequence diagram.

Panel
borderColor#7f7f7f
borderWidth0
Image Removed
The purpose of the UMA Work Group (charter) is to develop specs that let an individual control the authorization of data sharing and service access made between online services on the individual's behalf, and to facilitate interoperable implementations of the specs. Read the spec

Image Added

User-Managed Access (UMA) is an award-winning OAuth-based protocol designed to give an individual a unified control point for authorizing who and what can get access to their digital data, content, and services, no matter where all those things live. Read the specs, join the group, check out the implementations,

test your interop

follow us on Twitter, get involved!

Follow us on Twitter – our handle is @UMAWG and we often use the hashtag #UMAWG. (Short

The group is currently working on extensions to UMA V2.0.

The short link for this page is http://tinyurl.com/umawg

– spread the word.) Find us on Facebook too
  

.


News:

  • May 4: New case study: Access Management 2.0 for the Enterprise. UMA's not just for human beings! It can help organizations do API-friendly, developer-friendly, mobile-friendly access management too.
  • Learn about UMA at IIW 16! Several UMAnitarians will attend IIW on May 7-8 and are planning to convene sessions that highlight UMA-based case studies and demos.
  • February 18: Eve's presentation to the MIT Legal Hackathon is now available. Subject: The Three S's of Distributed Authorization: Safe, Simple, Scalable.
  • January 25: We've submitted a new Internet-Draft to IETF for consideration: Binding Obligations on User-Managed Access (UMA) Participants (nicer HTML)!
  • October 19: Eve presented on UMA to the XACML TC. Check out the slides.
  • October 19: Check out this YouTube video of our Google Tech Talk from Feb 2012, demoing selective Alice-to-Bob sharing through Bob's OpenID Connect claims. Thanks to Maciej Machulak for getting this published!
  • 6 Sep '21: Congratulations to UMA WG members from Origo on their role in the UK Pensions Dashboard Programme! See this page in the Kantara wiki for more information on using UMA for PDP purposes.
  • 10 Jun '21: Congratulations to the new leadership team members! Alec Laws (of Identos) is the Chair and Steve Venema (of ForgeRock) is the Vice-Chair. The WG extends its thanks to former Chair Eve Maler for her previous service as chair. Information about the entire leadership team is here.
  • 20 Apr '21: You can get the latest and greatest UMA 101 presentation delivered by UMAnitarians Eve and George at IIW here.
  • 3 Dec '20: The UMA Work Group is pleased to accept a new profile contribution (to be provided immently) related to UK Pensions Dashboards as shown on-screen at its meeting today. Read all about it on our updated Third-Party Profiles and Extensions page.
  • 15 Oct '20: We are undertaking some important new work on an UMA "policy manager" extension, and more. You can check it out by reading our Meetings and Minutes, and if you're interested to contribute, be sure to click our Join link above! ⬆︎
  • 1 Oct '20: WG chair Eve Maler presented UMA, including analyses and comparisons to some other technologies, to the Decentralized Identity Foundation Secure Data Storage WG. Here are her slides.
Column
 
Column
width5%

Column
width25%
Leadership
  • Chair: Eve MalerAlec Laws
  • Vice-Chair: Maciej MachulakSteve Venema
  • Full leadership team list
  • Read about Kantara leadership roles
Teleconference Info

 

 

Column
width5%
 
Section