[uma2] discovery endpoint

lusoalex commented 4 years ago

https://docs.kantarainitiative.org/uma/wg/rec-oauth-uma-grant-2.0.html#as-config https://docs.kantarainitiative.org/uma/wg/rec-oauth-uma-federated-authz-2.0.html#as-config

User-Managed Access (UMA) 2.0 contains these two specifications :

UMA 2.0 Grant for OAuth 2.0 Authorization
Federated Authorization for UMA 2.0

While the first one explains how to grant access, the second defines a means for AS & RS to be loosely coupled.
Both require additional metadata attributes extending the original oauth2 provider configuration metadata.

UMA Grant requires : See here

claims_interaction_endpoint
uma_profiles_supported

Federated requires : see here. They are part of the UMA2 AS Protection API

permission_endpoint
- resource_registration_endpoint
- introspection_endpoint (already available in the oauth2 spec)

See Original Oauth2 metadata here

lusoalex commented 4 years ago

@brasseld I am going further than just the discovery for this issue, as I put the resource_registration_endpoint, I am implementing it in the meantime.
So this issue will contain resource_set & permission endpoint. (Protection API).

tcompiegne commented 4 years ago

closed by https://github.com/gravitee-io/graviteeio-access-management/commit/7ff3d5d372d8f30bcef33f03bdcc3d90f8918ed0

gravitee-io / issues

[uma2] discovery endpoint #3716