User-Managed Access (UMA) Claim Profiles Framework

Document Type Expired Internet-Draft (individual)
Authors Domenico Catalano  , Maciej Machulak 
Last updated 2015-01-22 (latest revision 2014-07-21)
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


User-Managed Access (UMA) is a profile of OAuth 2.0. UMA defines how resource owners can control protected-resource access by clients operated by arbitrary requesting parties, where the resources reside on any number of resource servers, and where a centralized authorization server governs access based on resource owner policy. This specification defines a generic framework for building UMA claim profiles that can be used by client applications to obtain the necessary authorization to access protected resources. This revision of the specification is part of V0.9.


Domenico Catalano (
Maciej Machulak (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)