Kantara will be closing its public review period for the User-Managed Access (UMA) V1.0 candidate specs on Friday, February 20. Now’s your chance to get comments in! The UMA Work Group, of which I’m the chair, will be considering all feedback and working through the Kantara Initiative Recommendation process over the coming weeks.
In the meantime, ForgeRockers on the OpenAM team have been hard at work implementing an “UMA Provider” (an UMA-conforming authorization server) as part of our OpenUMA project, and we plan to reveal the initial results to you all very soon.
If you are just joining us for the UMA story, it’s a web standard built on top of OAuth that enables you to add powerful new authorization, user consent, and claims-based access control features to application and API ecosystems.