Hey again Pedro,
Wanted to let you know that the group took a look at the Keycloak news in
the call today, and I've updated the Implementations page with the details
and links. Congrats!!
We had some questions about the purpose of the permission endpoint and if
this is something that makes sense to standardized for any interop purpose,
or whether it would be internal to the ecosystem in question:
====
https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2018-08-09
It appears that there is an extension to the permission endpoint
https://www.keycloak.org/docs/latest/authorization_services/index.html#_serv...
to
all the RS to push claims to that endpoint. "When creating tickets you can
also push arbitrary claims and associate these claims with the ticket ...
(example shown) ... Where these claims will be available to your policies
when evaluating permissions for the resource and scope(s) associated with
the permission ticket.". Is is something that would be interesting to
standardize for interop? We can ask Pedro in email. He had proposed an
extension (see issue 355
https://github.com/KantaraInitiative/wg-uma/issues/355) that would
shortcut using a permission ticket at all, for narrow-ecosystem enterprise
purposes.
====
What do you think? Thanks,
*Eve Maler*Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl
On Tue, Aug 7, 2018 at 11:38 AM, Mike Schwartz
Way to go Pedro!!! Great news!!!
The Gluu Gateway could act as the UMA RS, and we have a demo UMA client too. If you have an Internet accessible instance, we'd be interested to test that with you. Perhaps it could lead to a wider interop with WS02 and ForgeRock too (i.e. keep the RS and client constant).
If you want to chat, email me off list.
- Mike
------------------------ Michael Schwartz Gluu Founder / CEO mike@gluu.org https://www.linkedin.com/in/nynymike/
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org https://kantarainitiative.org/mailman/listinfo/wg-uma