The premise of the Work Group is sorting through the comments we received, and determining and implementing responses as appropriate. You can follow along in our Disposition of Comments document-in-progress. We have published an interim set of resulting specifications: UMA 2.0 Grant for OAuth 2.0 Authorization (UMA Grant rev 06) and Federated Authorization for UMA 2.0 (FedAuthz rev 06).Resources to understand more about UMA are available and growing. Don't miss the slides from Authorization: Age of UMA, the Introducing UMA 2.0 session delivered by two UMA coauthors at the Chicago Cloud Identity Summit (and stay tuned for the video). We're fleshing out the Release Notes, updating the UMA Implementer's Guide, and attending to similar tasks around the site. Also see these UMA Grant and FedAuthz sequence diagrams. If you're interested to help, we invite you to join the group! Fill out the Group Participation Agreement form to get going's report A Proposed Licensing Model for User-Managed Access is that UMA enables the individual to centrally manage access and use rights with respect to personal digital assets by converting permission tokens into machine-readable licenses. The group is working on a companion document that outlines a larger business-legal framework for achieving a wide variety of rights delegation use cases involving UMA technology.
Here are the UMA Grant (PDF, HTML for deep linking) and UMA Federated Authorization Recommendations (PDF, HTML for deep linking). Don't miss the UMA2 masterclass delivered by two UMAnitarians at the Identiverse conference in Boston in June 2018 (slides and video). (The slides and video from the previous year's Authorization: Age of UMA session set in the Marvel Cinematic Universe was also a big hit!) The Release Notes review all final UMA1-to-UMA2 changes. See also the UMA Implementer's Guide, our list of known Implementations, and discussions of Case Studies. Finally, see the detailed UMA Grant sequence diagram and FedAuthz sequence diagram.