Sorry, sent the e-mail before completing it :). Please, ignore the first one. Hi All, Keycloak [1] project is now supporting UMA 2.0. Except for claims gathering flow, most of the specification is implemented. Documentation is available here [2]. The main features we support are: * Resource registration * Permission Ticket management In a nutshell, the only thing we don't have yet from UMA specs is claims gathering flow. Documentation is here [1]. A simple example app (photoz) using UMA can be checked here [2]. We have extended the Protection API to include a new endpoint to manage user permissions [3]. It was a result of contributions from the community in order allow RSs to associate/manage custom policies for resources while still letting users manage them. While we don't have support for claims gathering, RSs are allowed to push claims when creating a permission ticket [4]. Will summarize those points and prepare the e-mail. [1] https://www.keycloak.org <https://www.keycloak.org/docs/latest/authorization_services/index.html#_service_user_managed_access> [2] https://www.keycloak.org/docs/latest/authorization_servi ces/index.html#_service_user_managed_access Thanks. Pedro Igor On Tue, Aug 7, 2018 at 9:14 AM, Pedro Igor Silva <psilva@redhat.com> wrote:
Hi All,
Keycloak [1] project is now supporting UMA 2.0. Except for claims gathering flow, most of the specification is implemented.
The main features we support are:
* Resource registration
In a nutshell, the only thing we don't have yet from UMA specs is claims gathering flow. Documentation is here [1]. A simple example app (photoz) using UMA can be checked here [2].
We have extended the Protection API to include a new endpoint to manage user permissions [3]. It was a result of contributions from the community in order allow RSs to associate/manage custom policies for resources while still letting users manage them.
While we don't have support for claims gathering, RSs are allowed to push claims when creating a permission ticket [4].
Will summarize those points and prepare the e-mail.
Thanks. Pedro Igor
[1] https://www.keycloak.org/docs/latest/authorization_servi ces/index.html#_service_user_managed_access [2] https://github.com/keycloak/keycloak-quickstarts/tree/ latest/app-authz-uma-photoz [3] https://www.keycloak.org/docs/latest/authorization_servi ces/index.html#_service_authorization_uma_policy_api [4] https://www.keycloak.org/docs/latest/authorization_servi ces/index.html#_service_protection_permission_api_papi