Hi All,

Keycloak [1] project is now supporting UMA 2.0. Except for claims gathering flow, most of the specification is implemented.

The main features we support are:

* Resource registration

In a nutshell, the only thing we don't have yet from UMA specs is claims gathering flow. Documentation is here [1]. A simple example app (photoz) using UMA can be checked here [2].

We have extended the Protection API to include a new endpoint to manage user permissions [3]. It was a result of contributions from the community in order allow RSs to associate/manage custom policies for resources while still letting users manage them.

While we don't have support for claims gathering, RSs are allowed to push claims when creating a permission ticket [4].

Will summarize those points and prepare the e-mail.

Thanks.
Pedro Igor

[1] https://www.keycloak.org/docs/latest/authorization_services/index.html#_service_user_managed_access

[2] https://github.com/keycloak/keycloak-quickstarts/tree/latest/app-authz-uma-photoz

[3] https://www.keycloak.org/docs/latest/authorization_services/index.html#_service_authorization_uma_policy_api

[4] https://www.keycloak.org/docs/latest/authorization_services/index.html#_service_protection_permission_api_papi