Why would you transition? UMA is not “OAuth++”, it’s a different protocol that uses OAuth to do its job. It doesn’t solve the OAuth use case particularly smoothly, so if you’re doing OAuth and that fits, then keep doing that. If you have use cases that can be addressed by UMA (cross-domain authorization servers, user-supplied authorization servers, and user-to-user delegation), then you can build an UMA system alongside the OAuth system. But it doesn’t (and shouldn’t) replace it.

— Justin

On Mar 28, 2016, at 3:14 PM, Arlene Mordeno <Arlene.Mordeno@edgile.com> wrote:

Hello,

Would anyone have any material on how an enterprise can transition from using Oauth into UMA, say a year from now? I am looking for infrastructure considerations when doing an enterprise IAM strategy.

Thanks,

Arlene

_______________________________________________
WG-UMA mailing list
WG-UMA@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/wg-uma