Hi All,Keycloak [1] project is now supporting UMA 2.0. Except for claims gathering flow, most of the specification is implemented. Documentation is available here [2].We would appreciate any feedback in order to improve our UMA 2.0 support.The main features we support are:* Resource and Permission management through Protection API* Policy enforcers (for different web containers) supporting UMA 2.0 flow* Changes to Keycloak Account Service to allow resource owners to manage permissions for their resourcesIf you want to try it out, we have an example application (photoz) [3] that is available in our repository.Thanks and sorry for sending all these e-mails :)Regards.Pedro IgorThanks.On Tue, Aug 7, 2018 at 9:17 AM, Pedro Igor Silva <psilva@redhat.com> wrote:Sorry, sent the e-mail before completing it :). Please, ignore the first one.Hi All,Keycloak [1] project is now supporting UMA 2.0. Except for claims gathering flow, most of the specification is implemented. Documentation is available here [2].The main features we support are:* Resource registration* Permission Ticket managementIn a nutshell, the only thing we don't have yet from UMA specs is claims gathering flow. Documentation is here [1]. A simple example app (photoz) using UMA can be checked here [2].We have extended the Protection API to include a new endpoint to manage user permissions [3]. It was a result of contributions from the community in order allow RSs to associate/manage custom policies for resources while still letting users manage them.While we don't have support for claims gathering, RSs are allowed to push claims when creating a permission ticket [4].Will summarize those points and prepare the e-mail.Thanks.
Pedro IgorOn Tue, Aug 7, 2018 at 9:14 AM, Pedro Igor Silva <psilva@redhat.com> wrote:Hi All,Keycloak [1] project is now supporting UMA 2.0. Except for claims gathering flow, most of the specification is implemented.The main features we support are:* Resource registrationIn a nutshell, the only thing we don't have yet from UMA specs is claims gathering flow. Documentation is here [1]. A simple example app (photoz) using UMA can be checked here [2].We have extended the Protection API to include a new endpoint to manage user permissions [3]. It was a result of contributions from the community in order allow RSs to associate/manage custom policies for resources while still letting users manage them.While we don't have support for claims gathering, RSs are allowed to push claims when creating a permission ticket [4].Will summarize those points and prepare the e-mail.Thanks.
Pedro Igor[1] https://www.keycloak.org/docs/latest/authorization_servi ces/index.html#_service_user_m anaged_access
_______________________________________________
WG-UMA mailing list
WG-UMA@kantarainitiative.org
https://kantarainitiative.org/mailman/listinfo/wg-uma