© Michael Schwartz, Maciej Machulak 2018
Michael Schwartz and Maciej MachulakSecuring the Perimeterhttps://doi.org/10.1007/978-1-4842-2601-8_8

8. User-Managed Access

Michael Schwartz1  and Maciej Machulak2
(1)
Austin, TX, USA
(2)
London, UK
 

Today, you use OAuth 2.0 to authorize software to access your own stuff, but what if you want to let someone else access your stuff? We call this “Alice to Bob sharing”. This is one of the primary use cases for the User-Managed Access (UMA) protocol. Alice and Bob don’t have to be humans—either can be a non-person entity (NPE), such as a software process or company. With UMA, Alice can use any authorization server to share data with Bob. It’s up to Bob and the clients he is using, to interact with the authorization ...

Get Securing the Perimeter: Deploying Identity and Access Management with Free Open Source Software now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.