authorizing user: An UMA-defined variant of an [OAuth20] resource owner; a web user who configures an authorization manager with policies that control how it makes access decisions when a requester attempts to access a protected resource at a host.
authorization manager (AM): An UMA-defined variant of an [OAuth20] authorization server that carries out an authorizing user's policies governing access to a protected resource.
protected resource: An access-restricted resource at a host.
host: An UMA-defined variant of an [OAuth20] resource server that enforces access to the protected resources it hosts, as decided by an authorization manager.
token validation URL: The URL at an authorization manager that a host can use to validate an access token.
claim: A statement (in the sense of [IDCclaim]). Claims are conveyed by a requester on behalf of a requesting party to an authorization manager in an attempt to satisfy an authorizing user's policy.
requester: An UMA-defined variant of [OAuth20] client that seeks access to a protected resource.
requesting party: A web user, or a corporation (or other legal person), that uses a requester to seek access to a protected resource.