UMA telecon 2021-09-02

Date and Time

Agenda

Minutes

Roll call

Quorum was NOT reached.

Approve minutes

Deferred


European Identity Conference

https://www.kuppingercole.com/sessions/4591/1 

UMA content for 15 mins spot: https://docs.google.com/presentation/d/1GdvHFYEPVpWT55nXZtkShCZ8RQC696KJ5oghlHJrnuU/edit#slide=id.g8dc579d6b5_0_528 


Practitioners familiar with OAuth, getting pushed to implement UMA-like flows on their OAuth Authorization Server


Minimal Interop Profile

To look at the UMA Grant side


Goal: make sure that AS's are interoperable , eg one AS can be 'swappable' with other ASs. Understanding of 'extras'/vendor specific values that degrade that interop. As an RS the more ASs I can support define the 'wide' ecosystem I can support


Scope of test

Input to Mock Client Test Suites


Need to test the variations of the AS interface, however this required vendor specific configuration

There are way more required initial conditions to be setup at the AS, and the Client is validating that the expected result matches what happens

  1. Have many registered resources
  2. set specific policy settings against registered resources
  3. validate the AS executes the policy(s) correctly


Two Tables

  1. registered resource, specific policy ( pushing + token formats, interaction)
  2. permission ticket, expected flow


Test Setup Phase (Done by the AS operator)


Test Cases (Table 2)


needs_info, clarify optionals


Are there existing Kantara interop examples? Not really, there was some interop testing done for identiverse in 2017(?)
UMA1 Interop Features and Feature Tests




Attendees

As of October 26, 2020, quorum is 5 of 9. (Michael, Domenico, Peter, Sal, Thomas, Andi, Alec, Eve, Steve)

Voting:

  1. Andi
  2. Alec
  3. Domenico
  4. Steve

Non-voting participants:

  1. George
  2. Scott

Regrets: