Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Section
 
Column
width70%

This Work Group operates under the Kantara IPR Policy - Option Patent & Copyright: Reciprocal Royalty Free with Opt-Out to Reasonable And Non discriminatory (RAND) (HTML version). You can find any opt-outs on this page.

Home | FAQ | Protocol Spec | Trust Model Spec | Chat | Intro | Join | List | Archive (Mailman) | Archive (Google) | Calendar


Mike Schwartz of Gluu reports that "OpenID Connect and UMA Apache HTTPD Plugins Are On the Way!" Gluu even commissioned a piece of artwork for the occasion. Stay tuned for news on how you can leverage these plugins
Panel
borderColor#99cc00
bgColor#ffffff
borderWidth4pt
titleCrowdTilt campaign has tilted!
UMA2 has an active business-legal framework workstream

Image Added

The premise of the Work Group's report A Proposed Licensing Model for User-Managed Access is that UMA enables the individual to centrally manage access and use rights with respect to personal digital assets by converting permission tokens into machine-readable licenses. The group is working on a companion document that outlines a larger business-legal framework for achieving a wide variety of rights delegation use cases involving UMA technology.

Here are the UMA Grant (PDF, HTML for deep linking) and UMA Federated Authorization Recommendations (PDF, HTML for deep linking). Don't miss the UMA2 masterclass delivered by two UMAnitarians at the Identiverse conference in Boston in June 2018 (slides and video). (The slides and video from the previous year's Authorization: Age of UMA session set in the Marvel Cinematic Universe was also a big hit!) The Release Notes review all final UMA1-to-UMA2 changes. See also the UMA Implementer's Guide, our list of known Implementations, and discussions of Case Studies. Finally, see the detailed UMA Grant sequence diagram and FedAuthz sequence diagram.

Panel
borderColor#7f7f7f
borderWidth0
Image Removed
The purpose of the UMA Work Group (charter) is to develop specs that let an individual control the authorization of data sharing and service access made between online services on the individual's behalf, and to facilitate interoperable implementations of the specs. Read the spec

Image Added

User-Managed Access (UMA) is an award-winning OAuth-based protocol designed to give an individual a unified control point for authorizing who and what can get access to their digital data, content, and services, no matter where all those things live. Read the specs, join the group, check out the implementations,

test your interop

follow us on Twitter, like us on Facebook, get involved!

Follow us on Twitter – our handle is @UMAWG and we often use the hashtag #UMAWG. (Short

The UMA Roadmap for 2016 guided the use cases and technical issues that the Work Group focused on in its UMA2 effort. You can find other drivers in the Work Group's original compendium of Scenarios and Use Cases, its Case Studies page, and its User Stories page.

The short link for this page is http://tinyurl.com/umawg

– spread the word

.

) Find us on Facebook too.


News:

September 12: Lots of news lately. There
  • 22 Nov '19: There's a new
FAQ about UMA's relationship to the NSTIC IDESG effort. And the CrowdTilt campaign to build UMA and OpenID Connect Apache plugins "tilted"! Development is already under way.
  • September 9: Updated "UMA 101" slides are now available! These slides map out how potential UMA-enabled data sharing ecosystems might unfold, giving extra detail to the applicable scenarios and use cases.
  • August 24: The Interop Testing wiki section is getting fleshed out. Check out the feature tests and register now to participate!
  • August 1: The Work Group just approved the current drafts of the core UMA spec, the Resource Set Registration spec, and the Binding Obligations spec as Kantara Initiative Draft Recommendations. (Links are to pretty-printed versions of the IETF individual Internet-Drafts that were approved.)
  • June 30: Find a list of known third-party profiles related to UMA on the new Third-Party Profiles wiki page! If you know of other written profiles, please give us a heads-up.
  • May 4: New case study: Access Management 2.0 for the Enterprise. UMA's not just for human beings! It can help organizations do API-friendly, developer-friendly, mobile-friendly access management too.
  •  
    • implementation up on the Implementations page: PatientShare from Lush Group. It's also an implementation of the HEART profiles. Read all about it and check it out!
    • 3 Oct '19: Chair Eve Maler and vice-chair Maciej Machulak have been re-elected to their positions for an annual term. See the Leadership Team page for a full list.
    • 1 Oct '19: Did you know that the UMA Work Group has an active business-legal framework workstream in addition to a technical workstream? You can check out our latest notes here, and contribute by joining the group!
    • 30 Apr '19: Chair Eve Maler presented an UMA 101 session at IIW 28 in Mountain View.
    • 23 Apr '19: UMA was a big part of a two-hour HEART (Health Relationship Trust) webinar and workshop; you can view the YouTube recording here.
    • 25 Mar '19: The contributed UMA2 specs were presented at the IETF 104 meeting, at the Monday OAuth WG session. You can see the presented slides and the video of the whole session.
    • 22 Feb '19: Don't miss the latest updates to our Implementations page, which include a new implementation from IDENTOS.
    Column
     
    Column
    width5%

    Column
    width25%
    Leadership
    • Chair: Eve Maler
    • Vice-Chair: Maciej Machulak
    • Full leadership team list
    • Read about Kantara leadership roles
    Teleconference Info

     

     

    Column
    width5%
     
    Section