[WG-UMA] Looking for input on revamping the authz server config data

Eve Maler eve at xmlgrrl.com
Fri Dec 28 18:27:39 EST 2012

Recently, we changed the dynamic client registration line-item in the config data, going from a "is this feature supported?" flag to a declaration of an endpoint. But we have a design principle around declaring any optional features supported in the config data, and there are also some other line-items that could use a bit of reworking after our terminology changes.

Thomas and I met for some spec work yesterday and today, and wanted to float the following proposal to you all. How about a new chunk of config data line-items as follows?

pat_profiles_supported: bearer, etc... (meaning OAuth's bearer token profile; broken out from "oauth_token_types_supported", which is now an odd name)
aat_profiles_supported: bearer, etc... (ditto)
rpt_profiles_supported: bearer, etc... (meaning UMA's bearer token profile)
pat_grant_types_supported: authorization_code, etc... (broken out from "oauth_grant_types_supported", which is now an odd name)
aat_grant_types_supported: authorization_code, etc... (ditto)
dyn_client_registration: boolean (re-added, with more significant meaning now that the dyn client reg spec is a real thing)

Please weigh in, and we'll decide a direction in next Thursday's meeting. Thanks,


Eve Maler                                  http://www.xmlgrrl.com/blog
+1 425 345 6756                         http://www.twitter.com/xmlgrrl

More information about the WG-UMA mailing list