User Managed Access (UMA)

The MIT-KIT is seeking project sponsors and participants interested in developing an open source implementation of the UMA Protocol from the Kantara Initiative.

UMA is a "profile" of (or layer above) the OAuth2.0 authorization framework from the IETF. The UMA design establishes the OAuth2.0 Authorization Server (AS) as both a Policy Administration Point (PAP) and a Policy Decision Point (PDP).

UMA brings together OAuth2.0 as the means of authorization (i.e., OAuth2.0 tokens with JOSE-based signing/encryption), OIDC for single sign-on, and UMA itself for single-point authorization management by the end-user. Hence, UMA gives the individual a user-centric approach to managing access control for his/her resources spread across the Internet. Below is a summary Venn diagram of the relationships among UMA, OAuth2.0 and OIDC (courtesy of Eve Maler).