Hi UMAnitarians,

I once mistakenly thought that a decentralized system with the UMA protocol could be built in combination with the OIDC authentication system. Of course, this is not possible because the OIDC provider has to be common to both the RO and the RqP, or at least has to be federated / centralized in some way. If the RO and RqP can use mutually independent OIDC providers, it will be possible to build decentralized systems such as AEMS, chat or file sharing services. So I tried to adapt the OAuth2 Authorization Code Grant for UMA Authorization Code Grant. I completely lost my thread on this point. My apologies for any inconvenience this non-umanitarian approach may have caused.

After some thought and experimentation, I discarded the previous concept and replaced it with another one – this time UMA-compliant. At the core of this new idea is the use of a DKIM-signed Delegation Of Authority Email stored in a JWT/token claim. I need some time to refine this idea; I hope it turns out well this time.

Regards
-Igor