This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

!!! Overview[1]
[{$pagename}] ([UMAGrant]) defines an extension to the [OAuth 2.0] [Grant Types] and provides a means for an [OAuth Client], representing a [Requesting Party], to use a [Permission Ticket] to request an [OAuth 2.0] [Access Token] to gain access to a [Protected Resource] asynchronously from the time a [Resource Owner] authorizes access.
[{$pagename}] defines an extension grant for [OAuth 2.0] ([RFC 6749]). The grant enhances OAuth capabilities in the following ways:
* The resource owner authorizes protected resource access to clients used by entities that are in a requesting party role. This enables party-to-party authorization, rather than authorization of application access alone.
* The authorization server and resource server interact with the client and requesting party in a way that is asynchronous with respect to resource owner interactions. This lets a resource owner configure an authorization server with authorization grant rules (policy conditions) at will, rather than authorizing access token issuance synchronously just after authenticating.
For [example], bank customer ([Resource Owner]) [Alice] with a bank account service (Resource Server) can use a sharing management service (Authorization Server) hosted by the bank to manage access to her various [Protected Resources] by spouse [Bob], accounting professional Charline, and bank account aggregation company DecideAccount, all using different [client] [applications], to view account data and get access to payment or withdrawal functions.
An [OPTIONAL] second specification, [UMAFedAuthz], defines a means for an [UMA]-enabled [Authorization Server] and [Resource Server] to be loosely coupled, or federated, in a [Resource Owner] context. The [{$pagename}] specification, together with [UMAFedAuthz], constitutes [UMA 2.0].
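The client side of the ticket-for-token exchange described above, as an added example that is not part of the original page or of the UMA specification text. The parameter names and the grant type URN follow the UMA 2.0 Grant cited in [#1]; the host as.bank.example, the TRUSTED_AS allowlist and the function names are assumptions made for illustration.

```python
import re
from urllib.parse import urlencode, urlsplit

UMA_GRANT = "urn:ietf:params:oauth:grant-type:uma-ticket"
# Assumption: the client pins the authorization servers it will talk to,
# so a resource server cannot steer it to an arbitrary as_uri.
TRUSTED_AS = {"https://as.bank.example"}

def parse_uma_challenge(www_authenticate):
    """Parse 'UMA realm="..", as_uri="..", ticket=".."' from a 401 response."""
    scheme, _, params = www_authenticate.strip().partition(" ")
    if scheme.lower() != "uma":
        raise ValueError("not an UMA challenge")
    fields = dict(re.findall(r'(\w+)="([^"]*)"', params))
    if "as_uri" not in fields or "ticket" not in fields:
        raise ValueError("challenge lacks as_uri or ticket")
    as_uri = fields["as_uri"]
    if urlsplit(as_uri).scheme != "https" or as_uri not in TRUSTED_AS:
        raise ValueError("untrusted authorization server: " + as_uri)
    return fields

def build_token_request(ticket, rpt=None, scope=None):
    """Form-encoded body for the POST to the AS token endpoint."""
    body = {"grant_type": UMA_GRANT, "ticket": ticket}
    if rpt:
        body["rpt"] = rpt  # existing token the client asks to have upgraded
    if scope:
        body["scope"] = " ".join(scope)
    return urlencode(body)

def next_step(status, payload):
    """Decide what the client does with the AS token-endpoint response."""
    if status == 200 and "access_token" in payload:
        return ("retry_resource", payload["access_token"])
    error = payload.get("error")
    if status == 403 and error == "need_info":
        return ("gather_claims", payload["ticket"])  # new ticket replaces the old
    if status == 403 and error == "request_submitted":
        return ("poll_later", payload["ticket"])     # owner approval still pending
    return ("stop", error or "unexpected_response")
```

The request_submitted branch is where the asynchronous behaviour shows up: the client keeps the fresh ticket and returns later, after the resource owner has acted on the request.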
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [User-Managed Access (UMA) 2.0 Grant for OAuth 2.0 Authorization|https://docs.kantarainitiative.org/uma/wg/oauth-uma-grant-2.0-05.html#authorization-process|target='_blank'] - based on information obtained 2017-07-10