Eve Maler
Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl

On Tue, Aug 7, 2018 at 5:28 AM, Pedro Igor Silva <psilva@redhat.com> wrote:

Hi All,

Keycloak [1] project is now supporting UMA 2.0. Except for claims gathering flow, most of the specification is implemented. Documentation is available here [2].

We would appreciate any feedback in order to improve our UMA 2.0 support.

The main features we support are:

* Resource and Permission management through Protection API
* Policy enforcers (for different web containers) supporting UMA 2.0 flow
* Changes to Keycloak Account Service to allow resource owners to manage permissions for their resources

If you want to try it out, we have an example application (photoz) [3] that is available in our repository.

Thanks and sorry for sending all these e-mails :)

Regards.
Pedro Igor

[1] https://www.keycloak.org
[2] https://www.keycloak.org/docs/latest/authorization_services/index.html#_service_user_managed_access
[3] https://github.com/keycloak/keycloak-quickstarts/tree/latest/app-authz-uma-photoz

Thanks.

On Tue, Aug 7, 2018 at 9:17 AM, Pedro Igor Silva <psilva@redhat.com> wrote:
Sorry, sent the e-mail before completing it :). Please, ignore the first one.

Hi All,

Keycloak [1] project is now supporting UMA 2.0. Except for claims gathering flow, most of the specification is implemented. Documentation is available here [2].

The main features we support are:

* Resource registration
* Permission Ticket management

In a nutshell, the only thing we don't have yet from UMA specs is claims gathering flow. Documentation is here [1]. A simple example app (photoz) using UMA can be checked here [2].

We have extended the Protection API to include a new endpoint to manage user permissions [3]. It was a result of contributions from the community in order allow RSs to associate/manage custom policies for resources while still letting users manage them.

While we don't have support for claims gathering, RSs are allowed to push claims when creating a permission ticket [4].

Will summarize those points and prepare the e-mail.

[1] https://www.keycloak.org
[2] https://www.keycloak.org/docs/latest/authorization_services/index.html#_service_user_managed_access

Thanks.
Pedro Igor

On Tue, Aug 7, 2018 at 9:14 AM, Pedro Igor Silva <psilva@redhat.com> wrote:
Hi All,

Keycloak [1] project is now supporting UMA 2.0. Except for claims gathering flow, most of the specification is implemented.

The main features we support are:

* Resource registration

In a nutshell, the only thing we don't have yet from UMA specs is claims gathering flow. Documentation is here [1]. A simple example app (photoz) using UMA can be checked here [2].

We have extended the Protection API to include a new endpoint to manage user permissions [3]. It was a result of contributions from the community in order allow RSs to associate/manage custom policies for resources while still letting users manage them.

While we don't have support for claims gathering, RSs are allowed to push claims when creating a permission ticket [4].

Will summarize those points and prepare the e-mail.

Thanks.
Pedro Igor

[1] https://www.keycloak.org/docs/latest/authorization_services/index.html#_service_user_managed_access
[2] https://github.com/keycloak/keycloak-quickstarts/tree/latest/app-authz-uma-photoz
[3] https://www.keycloak.org/docs/latest/authorization_services/index.html#_service_authorization_uma_policy_api
[4] https://www.keycloak.org/docs/latest/authorization_services/index.html#_service_protection_permission_api_papi

_______________________________________________
WG-UMA mailing list
WG-UMA@kantarainitiative.org
https://kantarainitiative.org/mailman/listinfo/wg-uma