How does a Resource Server operator advertise that they offer policy-based OAuth client access? (If they just want to support clients that they register directly, they can simply claim OAuth2).
Let's consider a connected lock vendor wants to make a claim that their lock works with "standard" OAuth authorization servers rather than asking all of the visitors to install yet another app on their smartphone. Let's also consider a hospital with a FHIR API that also wants to claim it works with "standard" OAuth2 authorization servers.
What label would apply to these authorization servers that says to folks: "Your standard AS accepted here?" Is it UMA, HEART, or do we invent some other trademark?
Adrian