KantaraInitiative wg-uma issues

KantaraInitiative / wg-uma

This is the repository of all specifications related to the User Managed Access Group

http://kantarainitiative.org/confluence/display/uma/

Other

27 stars 21 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Fix typos in oauth-uma-grant.xml

#366 Potherca opened 1 month ago
0
Policy Manager intro use cases & Relationship Manager scope

#365 aleclaws opened 3 years ago
0
Scope of Current Extension Effort

#364 aleclaws opened 3 years ago
3
Policy manager extension

#363 aleclaws closed 3 years ago
0
register the "UMA" auth scheme with IANA

#362 xmlgrrl opened 4 years ago
2
Need to edit Grant and FedAuthz specs to reflect that OAuth AS metadata spec is final

#361 xmlgrrl opened 5 years ago
0
Typo in Grant 2.0

#360 xmlgrrl opened 6 years ago
0
Comments received during AMB

#359 xmlgrrl closed 6 years ago
4
Authorization should be under the purview of the relying party

#358 xmlgrrl closed 6 years ago
5
Remove set math parenthetical clarification

#357 xmlgrrl closed 6 years ago
0
Add request_submitted code example

#356 xmlgrrl closed 6 years ago
0
Returning RPT from Resource Server

#355 pedroigor closed 2 years ago
3
No error for bad request body in FedAuthz RReg

#354 mrpotes closed 6 years ago
16
Make the permission ticket optional when "upgrading" the RPT for an UMA-native refresh flow

#353 xmlgrrl opened 6 years ago
0
Why is PAT used for ticket and introspection?

#352 mrpotes closed 6 years ago
4
Editorial issues on FedAuthz from Cigdem

#351 xmlgrrl closed 6 years ago
5
Which error code to return when candidate granted scopes is less than requested scopes

#350 joebandenburg closed 6 years ago
3
Undefined behaviour if submitted RPT for upgrade is invalid or expired

#349 joebandenburg closed 6 years ago
5
No means no! (Alice's right to revoke)

#348 mrpotes closed 6 years ago
6
UMA should not presume to know when scope is not an error

#347 mrpotes closed 6 years ago
10
ClientRegistered scopes should not be first class citizen

#346 mrpotes closed 6 years ago
3
Behaviour for bad claim_token_format values

#345 mrpotes closed 6 years ago
3
Behaviour for invalid/expired claim_token

#344 mrpotes closed 6 years ago
3
Token error response should defer to 6749

#343 mrpotes closed 6 years ago
3
Security considerations could be made clearer

#342 mrpotes closed 6 years ago
1
request_submitted ticket parameter should not be a MUST

#341 mrpotes closed 6 years ago
5
No error defined for policy evaluation failed

#340 mrpotes closed 6 years ago
13
Permission endpoint request implies array cannot be used for single resource identifier

#339 mrpotes closed 6 years ago
1
Incorrect Location value for resource creation response

#338 mrpotes closed 6 years ago
1
Variety of issues on revs 05

#337 xmlgrrl closed 6 years ago
15
Clarify that token_type_hint for RPT should be set to access_token

#336 xmlgrrl closed 6 years ago
0
Terminology and diagram comments

#335 xmlgrrl closed 6 years ago
5
Registration request for JWT permissions claims incomplete and may have other issues

#334 xmlgrrl closed 6 years ago
2
Enhance redirect_user example description in Grant Sec 3.3.6

#333 xmlgrrl closed 6 years ago
0
Are the PCT definition(s) fully satisfying to implementers?

#332 xmlgrrl closed 6 years ago
4
FedAuthz Sec 9.3 should describe the item being registered as a "name"

#331 xmlgrrl closed 6 years ago
1
FedAuthz Sec 9.2 should reference RFC 7519 as JWT Registry basis, not OIDCCore

#330 xmlgrrl closed 6 years ago
2
Xrefs to Sec 3.3.1 in Grant Sec 7.4.1 should be changed to Sec 3.3.6

#329 xmlgrrl closed 6 years ago
1
How are client-contributed scopes mapped to resources during authorization assessment?

#328 xmlgrrl closed 6 years ago
3
An array of (what)

#327 xmlgrrl closed 6 years ago
6
Definition of permission ticket

#326 xmlgrrl closed 6 years ago
0
rewrite claims/state security considerations language

#325 jricher closed 7 years ago
1
Minor typo claim_tokens -> claim_token

#324 potatosalad closed 7 years ago
1
Editorial items from Justin

#323 xmlgrrl closed 7 years ago
8
Should our token introspection object permissions structure be a MUST now?

#322 xmlgrrl closed 7 years ago
1
Errors are ill-defined

#321 xmlgrrl closed 7 years ago
2
Human-readable scope display should be explicit

#320 xmlgrrl closed 7 years ago
2
Editorial cleanup items pre-Draft Recommendation stage

#319 xmlgrrl closed 7 years ago
1
Change resource description's scopes parameter to resource_scopes

#318 xmlgrrl closed 7 years ago
1
Possible to get an RPT for a resource with no scopes?

#317 xmlgrrl closed 7 years ago
2