This Work Group operates under the Kantara IPR Policy - Option Patent & Copyright: Reciprocal Royalty Free with Opt-Out to Reasonable And Non discriminatory (RAND) (HTML version). You can find any opt-outs on this page.

Home | Intro | Join | List | Archive (Mailman) | Archive (Google) | Calendar


Want to know if collaborative work on User-Managed Access is for you? Check out the group's charter document! The next phase of our efforts involves four prongs: 1) spec enhancements (such as extensions); 2) business model (aka "UMA Legal") work; 3) promoting adoption; and 4) promoting interop. If any of these could accelerate your own efforts, join us!

The UMA 2.0 Grant for OAuth 2.0 Authorization and Federated Authorization for UMA 2.0 Recommendations can be downloaded at the Kantara Reports & Recommendations page. Need to cite or deep-link? Find HTML versions here: Grant, FedAuthz.

Many resources to understand more about UMA are available. Don't miss the slides and video from Authorization: Age of UMA, the "Introducing UMA 2.0" session delivered by two UMA coauthors at the Chicago Cloud Identity Summit. The Release Notes are up to date with all spec changes through the first Public Comment period. See also the UMA Implementer's Guide, our list of known Implementations, and discussions of Case Studies, all of which continue to grow. Finally, see the UMA Grant sequence diagram and FedAuthz sequence diagram.



User-Managed Access (UMA) is an award-winning OAuth-based protocol designed to give an individual a unified control point for authorizing who and what can get access to their digital data, content, and services, no matter where all those things live. Read the specs, join the group, check out the implementations, follow us on Twitter, like us on Facebook, get involved!

The UMA Roadmap for 2016 page guided the use cases and technical issues that the Work Group focused on in its UMA V2.0 effort. You can find other drivers in the Work Group's original compendium of Scenarios and Use Cases, its Case Studies page, and its User Stories page.

The short link for this page is http://tinyurl.com/umawg.


News:

  • Mar 2: Our Legal subgroup has produced its first draft report: A Proposed Licensing Model for User-Managed Access (or, "How the UMA protocol enables a license-based model for controlling access rights to personal digital assets"). This paper is intended for professionals in the areas of law, privacy, risk, compliance, security policy, and business policy, particularly those responsible for building and running UMA-enabled services. Much more to come in this area. Want to get involved? Join us!
  • Feb 27: The group charter has been updated with a fresh roadmap of activities now that UMA 2.0 is complete – check it out!
  • Feb 22: Congratulations to Tim Reiniger, our newly confirmed Legal Editor on the UMA Leadership Team! He has already contributed a great deal to our work on an UMA Business Model – stay tuned for publication of our first document. If you're interested in our Legal efforts specifically, get in touch with the chair.
  • January 24: You can find slides from an IAM Meetup presentation on "GDPR, PSD2, CIAM, and UMA 2.0" by Eve Maler here.
  • January 13: Read the press release about the publication of the UMA 2.0 specifications!
  • January 9: The UMA 2.0 Grant for OAuth 2.0 Authorization and Federated Authorization for UMA 2.0 specifications have been published as Recommendations! You can download them at the Kantara Reports & Recommendations page.
 
Leadership
  • Chair: Eve Maler
  • Vice-Chair: Maciej Machulak
  • Full leadership team list
  • Read about Kantara leadership roles
Teleconference Info