Closed lusoalex closed 4 years ago
@brasseld I am going further than just the discovery for this issue, as I put the resource_registration_endpoint, I am implementing it in the meantime.
So this issue will contain resource_set & permission endpoint. (Protection API).
https://docs.kantarainitiative.org/uma/wg/rec-oauth-uma-grant-2.0.html#as-config https://docs.kantarainitiative.org/uma/wg/rec-oauth-uma-federated-authz-2.0.html#as-config
User-Managed Access (UMA) 2.0 contains these two specifications :
While the first one explains how to grant access, the second defines a means for AS & RS to be loosely coupled.
Both require additional metadata attributes extending the original oauth2 provider configuration metadata.
UMA Grant requires : See here
Federated requires : see here. They are part of the UMA2 AS Protection API
See Original Oauth2 metadata here