Skip to main content

User-Managed Access (UMA) Claim Profiles Framework

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Domenico Catalano , Maciej Machulak
Last updated 2015-01-22 (Latest revision 2014-07-21)
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


User-Managed Access (UMA) is a profile of OAuth 2.0. UMA defines how resource owners can control protected-resource access by clients operated by arbitrary requesting parties, where the resources reside on any number of resource servers, and where a centralized authorization server governs access based on resource owner policy. This specification defines a generic framework for building UMA claim profiles that can be used by client applications to obtain the necessary authorization to access protected resources. This revision of the specification is part of V0.9.


Domenico Catalano
Maciej Machulak

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)