Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

ForgeRock

Status
colourGreen
titleDec Mar '1820
 The company ForgeRock (also at @ForgeRock) has an Identity Platform that includes an implementation of UMA 2.0, with both an "UMA Provider" (authorization server component) and an "UMA Protector" (resource server component), targeted at individual consent and data sharing use cases. The case studies Users Managing Delegated Access to Online Government Services and and Aggregating and Sharing Pension Information were based on POCs performed with earlier versions of the ForgeRock Identity Platform. In addition, ForgeRock has developed an open-source resource server reference implementation (also available and further described on the ForgeRock Marketplace, and in a series of blog posts – Why ForgeRock Secure Sharing: Trust and EnforceForgeRock Secure Sharing Ingredients: Who, What and How, and ForgeRock Secure Sharing: The Framework).

Gluu

Status
colourGreen
titleMay '18
 Open source software vendor Gluu (Twitter @GluuFederation) has implemented UMA 2.0 Authorization Server endpoints (including claims gathering) since Gluu Server 3.1.2. The Gluu Gateway is an API Gateway that can use UMA (acting as the RS) to enable admins to specify which UMA scopes are required to access certain API's.  Gluu also provides a free open source middleware service, oxd, that makes it easy for Clients and RS software developers to use UMA, and enables the generation of client libraries using an OpenAPI (Swagger) document.  The Gluu Server is used to map policies to UMA scopes. Policies are defined in python-syntax scripts. If policy fails, the Gluu Server claims gathering interception scripts enable admins to define multi-step workflows. For example, claims gathering can be implemented to support stepped-up authentication. Claims gathering also can be used to implement policy where the web browser cookie (i.e. SSO session) is preferred to gather user claims, versus using the pushed claim token mechanism.  

...