There are two steps for registering a resource server. The first is the “OAuth client” registration, and that will use RFC7591’s protocol as-is. There should be some additional pieces to the registration’s data object that I’ve raised issues for already, but they haven’t made it into the spec yet. As it stands today, you can use it directly as written.

The second step is getting the PAT to the resource server, and that’s a fairly standard OAuth transaction with Alice, but asking for the special UMA authorization API scope. This doesn’t involve RFC7591 (and obviously can work without it). 

 — Justin

On Jul 19, 2015, at 9:14 PM, Adrian Gropper <agropper@healthurl.com> wrote:

How much of RFC7591 would be different in a specification for how a resource owner registers their home-built authorization server with a protected resource?

Adrian

On Saturday, July 18, 2015, Eve Maler <notifications@github.com> wrote:

UMA Core contains a number of references to [DynClientReg], which spec is now IETF RFC 7591. The normative reference should be updated to point to the final document:

https://tools.ietf.org/html/rfc7591


Reply to this email directly or view it on GitHub.



--
Adrian Gropper MD
Ensure Health Information Privacy. Support Patient Privacy Rights.
http://patientprivacyrights.org/donate-2/ 


_______________________________________________
WG-UMA mailing list
WG-UMA@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/wg-uma