Title: User-Managed Access (UMA) Profile of OAuth 2.0
Editor: Thomas Hardjono
Status: This specification was developed by the User-Managed Access Work Group and approved by the Membership of the Kantara Initiative as a Recommendation according to its Operating Procedures.
Abstract: User-Managed Access (UMA) is a profile of OAuth 2.0. UMA defines how resource owners can control protected-resource access by clients operated by arbitrary requesting parties, where the resources reside on any number of resource servers, and where a centralized authorization server governs access based on resource owner policies.