Looking at both Alice-to-Bob and Alice-to-Bot sharing
Great article! I agree that UMA is ready to serve! UMA is still in both the Gluu Server and also in the upstream open source Janssen Server, see https://jans.io. The best docs we have are from Gluu 4: https://gluu.org/docs/gluu-server/4.5/admin-guide/uma/
Also, see current Janssen Auth Server OpenAPI docs, for example for version 1.8, https://gluu.org/swagger-ui/?url=https://raw.githubusercontent.com/JanssenProject/jans/v1.8.0/jans-auth-server/docs/swagger.yaml#/UMA_(User_Managed_Access) There you'll see endpoints for claims gathering, rpt token requests and configuration.
BTW, perhaps another way to look at UMA: a front channel transaction token.
Thanks for weighing in, Mike! Great references here. And interesting idea about being a kind of transaction token.
Great article! I agree that UMA is ready to serve! UMA is still in both the Gluu Server and also in the upstream open source Janssen Server, see https://jans.io. The best docs we have are from Gluu 4: https://gluu.org/docs/gluu-server/4.5/admin-guide/uma/
Also, see current Janssen Auth Server OpenAPI docs, for example for version 1.8, https://gluu.org/swagger-ui/?url=https://raw.githubusercontent.com/JanssenProject/jans/v1.8.0/jans-auth-server/docs/swagger.yaml#/UMA_(User_Managed_Access) There you'll see endpoints for claims gathering, rpt token requests and configuration.
BTW, perhaps another way to look at UMA: a front channel transaction token.
Thanks for weighing in, Mike! Great references here. And interesting idea about being a kind of transaction token.