You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to wg-uma@kantarainitiative.org WG
Hi all,
The UMA Authorization Code Grant defines a mechanism for user-to-user (sender-to-recipient) delegation of access. Figure 1 provides the schematic flow for the UMA Authorization Code Grant by which the sender (Resource Owner) delegates the Requesting Party Client to access the sender's resources on behalf of the recipient.
Figure 1.
Regards
-Igor
Igor Zboran
unread,
Mar 22, 2021, 1:03:43 PM3/22/21
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to wg-uma@kantarainitiative.org WG
Hmm, it seems to me that the resource id / ticket are in this grant redundant. Am I right?
-Igor
Alec L
unread,
Mar 22, 2021, 1:14:47 PM3/22/21
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Igor Zboran, wg-uma@kantarainitiative.org WG
Hi Igor, I'd agree it seems duplicated on first look.
The 'mail retrieving agent' (MRA) should only need the link(URI) to the resource, once the MRA makes the 'RPT-less' resource request it will be returned a fresh ticket and the location of the UMA AS (through WWW-Authenticate)
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Alec L, wg-uma@kantarainitiative.org WG
Hi Alec, the UMA Authorization Code Grant should also work with web portals. The AS may generate a link with a short-lived authorization code and send it to the RqP in an email either implicitly during a sharing process (synchronously) or later, at the explicit RqP request (asynchronously) – next, the RqP retrieves and opens the email, clicks on the link and the RqP client gets an RPT.