[keycloak-dev] UMA 2.0

Stian Thorgersen sthorger at redhat.com
Thu Jun 15 08:41:27 EDT 2017

Depends on amount of work. If it's not to much extra work I'd prefer to
have backwards compatibility for a while to allow users to migrate then
remove in the last 3.x release. If that is a lot of work then we should
just remove it.

On 14 June 2017 at 14:50, Pedro Igor Silva <psilva at redhat.com> wrote:

> Hi,
> I would like to review our UMA implementation (which is based on v1), and
> get it aligned with the new version, v2.
> One of the main changes we need is that now UMA has a specific grant type
> that should be used by clients to obtain RPTs. The Authorization API no
> longer exists.
> Other changes are basically related with parts of the specs we are missing
> that don't really bring issues for people already using UMA in Keycloak.
> But new features and better UMA support.
> My question is if it is reasonable to have those changes in 3.2.0.CR1 and
> how ? For instance, if we decide to have those changes in, specially the
> new UMA grant type, should we keep/deprecate the legacy Authorization API
> for backward compatibility or just remove it from AuthZ REST API ?
> Regards.
> Pedro Igor
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev

More information about the keycloak-dev mailing list