Relationship Manager User Stories
Hi, as requested have collected the user stories we've looked at around the Wallet/ Relationship Manager drafts for discussion tomorrow From: https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2020-11-19 As RqP Bob, I want to be able to request access to a set of Alice's resources directly from Alice's AS without knowledge of their location, because I don't have to bother getting or caring about all the locations from Alice first. As client C used by RqP Bob, want to be able to request access to a set of Alice's resources directly from Alice's AS on Bob's behalf without knowledge of their location, because I don't have to retrieve the locations first. — From: https://groups.google.com/g/kantara-initiative-uma-wg/c/f0g98sr22Rw/m/M5jK9z... As a RO, I want to manage my resources independently of each individual RS (UMA core prop) As an AS, I want to decouple the consent management UX from the authorization services, As a RO, I need a personally controlled user-agent (UMA Wallet) to manage my key material, in order to maintain personal-agency in ecosystems As a RO, I want to authorize a "UMA Wallet" to manage RS resources, so that I have a single view into my available RS's and Resources As a RS, I need Alice to authenticate in order to determine which resources she can manage, in order to ensure appropriate management access As a RS, I need Alice to establish credentials (pub key), so that I can trust externally asserted policy was issued with Alice AS a RS, I need to trust delegations signed by Alice's key, so that Alice can allow Bob (other keys...) or <<claims gathering condition>> to access her resources As a RS, I may delegate resource management user experience, so that I can focus of my core service to the RO As an RS, I need to know which AS(s) Alice wants to use, in order to delegate access control (uma core) As an AS, I want to delegate RqP identification to a UMA Wallet, so that - a RqP can choose their private key and consent management provider - I can avoid directly holding or seeing a users personal details Best, - Alec
Hi all, A couple slides with diagrams, challenges and user stories Cheers, - Alec On Wed, Jun 23, 2021 at 1:21 PM Alec Laws <malcolm.laws@gmail.com> wrote:
Hi, as requested have collected the user stories we've looked at around the Wallet/ Relationship Manager drafts for discussion tomorrow
From: https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2020-11-19
As RqP Bob, I want to be able to request access to a set of Alice's resources directly from Alice's AS without knowledge of their location, because I don't have to bother getting or caring about all the locations from Alice first.
As client C used by RqP Bob, want to be able to request access to a set of Alice's resources directly from Alice's AS on Bob's behalf without knowledge of their location, because I don't have to retrieve the locations first.
— From: https://groups.google.com/g/kantara-initiative-uma-wg/c/f0g98sr22Rw/m/M5jK9z...
As a RO, I want to manage my resources independently of each individual RS (UMA core prop)
As an AS, I want to decouple the consent management UX from the authorization services,
As a RO, I need a personally controlled user-agent (UMA Wallet) to manage my key material, in order to maintain personal-agency in ecosystems
As a RO, I want to authorize a "UMA Wallet" to manage RS resources, so that I have a single view into my available RS's and Resources
As a RS, I need Alice to authenticate in order to determine which resources she can manage, in order to ensure appropriate management access
As a RS, I need Alice to establish credentials (pub key), so that I can trust externally asserted policy was issued with Alice
AS a RS, I need to trust delegations signed by Alice's key, so that Alice can allow Bob (other keys...) or <<claims gathering condition>> to access her resources
As a RS, I may delegate resource management user experience, so that I can focus of my core service to the RO
As an RS, I need to know which AS(s) Alice wants to use, in order to delegate access control (uma core)
As an AS, I want to delegate RqP identification to a UMA Wallet, so that - a RqP can choose their private key and consent management provider - I can avoid directly holding or seeing a users personal details
Best, - Alec
participants (1)
-
Alec Laws