Hi Pedro-- In UMA1 (RSR Sec 2.1 <https://docs.kantarainitiative.org/uma/rec-oauth-resource-reg-v1_0_1.html#resource-set-desc>) the resource description had a uri parameter that could putatively be used to populate discovery service entries, either directly in a Webfinger resource or through indirection. We removed <https://kantarainitiative.org/confluence/display/uma/UMA+Release+Notes#UMAReleaseNotes-ResourceDescriptionsLoseuriParameter> it in UMA2 due to potential security and privacy considerations, but labeled it an area where people may want to add an extension. Of course, such a mechanism would be useful if the AS were used as a *central* discovery service for the RO. The RS itself could make the RO's resources discoverable any other way it wants to. *Eve Maler*Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl On Thu, Oct 19, 2017 at 5:59 AM, Pedro Igor Silva <psilva@redhat.com> wrote:

Hello,

Have you ever considered WebFinger [1] to discover resources protected by a resource server ? For instance, that could help clients to obtain from the RS itself the resource identifier and AS in order to obtain a RPT without a permission ticket.

[1] https://tools.ietf.org/html/rfc7033

Regards. Pedro Igor

_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org https://kantarainitiative.org/mailman/listinfo/wg-uma