Hi, I’ve worked a little bit around set math for the authorization assessment, using a formal language and symbols, I hope it works :-) Set Math for UMA Authorization Assessment Let define a superset 𝑺 of all possible assignable scopes to protected resources in a UMA context. Let 𝑠 an element of 𝑺 (𝑠 ∈ 𝑺). Let define the following subsets of 𝑺: 𝐴 = ClientRegistered = {𝑠, scopes registered at AS by the Client , s.t. 𝑠 ∈ 𝑺}, A ⊆ 𝑺; 𝐵 = ClientRequested = {𝑠, scopes requested at Resource Server by the Client. s.t. 𝑠 ∈ 𝑺}, 𝐵 ⊆ 𝑺; 𝐶 = PermissionTicket = {𝑠, scopes recently used by the Client, s.t. 𝑠 ∈ 𝑺 }, 𝐶 ⊆ 𝑺; 𝐷 = ResourceRegisteredScopes = {𝑠, scopes registered with a protected Resource at AS by the RO, s.t. 𝑠 ∈ 𝑺}, 𝐷 ⊆ 𝑺; Calculate the RequestedScopes (𝑬 ) set as following: 𝑬 = RequestedScopes = PermissionTicket ⋃ (ClientRegistered ⋂ ClientRequested); 𝑬 = 𝐶 ⋃ (𝐴 ⋂ 𝐵); Let define SatisfiedPolicyCondition (𝑭 ) as the set all the scopes for which the client satisfies the policy condition related to. 𝑭 = SatisfiedPolicyCondition = {𝑠 ⇔ Client satisfies policy condition ∀ 𝑠 ∈ 𝑫}; Calculate the CandidateGrantedScopes (𝑮) set as following: 𝑮 = CandidateGrantedScopes = RequestedScopes ⋂ SatisfiedPolicyCondition; 𝑮 = 𝑬 ⋂ 𝑭; Thanks Domenico