This Work Group operates under the Kantara IPR Policy - Option Patent & Copyright: Reciprocal Royalty Free with Opt-Out to Reasonable And Non discriminatory (RAND) (HTML version). You can find any opt-outs on this page.

Home | Intro | Join | List | Archive (Mailman) | Archive (Google) | Calendar


Since UMA2 concepts and flows have been coming up in the IETF's OAuth Working Group related to ongoing discussions and drafts, and given the increasing number of UMA2 implementers, the UMA Work Group has contributed the specs as Internet-Drafts (draft-maler-oauth-umagrant and draft-maler-oauth-umafedauthz) and is encouraging their adoption as work items.

Check out our draft UMA Business Model report. Many other resources to understand UMA are also available. Don't miss the UMA2 masterclass delivered by two UMAnitarians at the Identiverse conference in Boston in June 2018 (slides and video). (The slides and video from the previous year's Authorization: Age of UMA session set in the Marvel Cinematic Universe was also a big hit!) The Release Notes are up to date with all final UMA2 changes. See also the UMA Implementer's Guide, our list of known Implementations, and discussions of Case Studies. Finally, see the detailed UMA Grant sequence diagram and FedAuthz sequence diagram.



User-Managed Access (UMA) is an award-winning OAuth-based protocol designed to give an individual a unified control point for authorizing who and what can get access to their digital data, content, and services, no matter where all those things live. Read the specs, join the group, check out the implementations, follow us on Twitter, like us on Facebook, get involved!

The UMA Roadmap for 2016 page guided the use cases and technical issues that the Work Group focused on in its UMA V2.0 effort. You can find other drivers in the Work Group's original compendium of Scenarios and Use Cases, its Case Studies page, and its User Stories page.

The short link for this page is http://tinyurl.com/umawg.


News:

  • 25 Mar '19: The contributed UMA2 specs were presented at the IETF 104 meeting, at the Monday OAuth WG session. You can see the presented slides and the video of the whole session.
  • 14 Mar '19: Congratulations and thanks to Tim Reiniger, who has been re-elected as our Legal Editor for another annual term! We are currently working on another UMA Business Model deliverable, so stay tuned for more about this important work. See the full Leadership Team list.
  • 22 Feb '19: Don't miss the latest updates to our Implementations page, which include a new implementation from IDENTOS.
  • 13 Feb '19: Individual Internet-Drafts representing the two UMA 2.0 specifications (draft-maler-oauth-umagrant and draft-maler-oauth-umafedauthz) submitted to the OAuth WG of the IETF. See the email announcement.
  • 21 Aug '18: Chair Eve Maler and Legal Editor Tim Reiniger presented to the new IEEE P7012 work group on Machine Readable Privacy Terms. You can see their presentation here.
  • 18 Jul '18: At the Identiverse conference in Boston, Mike Schwartz and Eve Maler presented an UMA 2.0 Deep Dive masterclass, including two walkthroughs of implementations. Check out the slides and video.
  • 24 May '18: At the EIC18 conference in Munich, Eve Maler presented Leveraging UMA's Power for Compliance and User Control, which reflected the current state of the group's work on its business model. See her presentation here.
  • 2 Mar '18: Our Legal subgroup has produced its first draft report: A Proposed Licensing Model for User-Managed Access (or, "How the UMA protocol enables a license-based model for controlling access rights to personal digital assets"). This paper is intended for professionals in the areas of law, privacy, risk, compliance, security policy, and business policy, particularly those responsible for building and running UMA-enabled services. Much more to come in this area. Want to get involved? Join us!
 
Leadership
  • Chair: Eve Maler
  • Vice-Chair: Maciej Machulak
  • Full leadership team list
  • Read about Kantara leadership roles
Teleconference Info