[keycloak-dev] UMA 2.0
Pedro Igor Silva
psilva at redhat.com
Thu Jun 15 09:05:15 EDT 2017
On Wed, Jun 14, 2017 at 6:11 PM, Alexey Kazakov <alkazako at redhat.com> wrote:
> IMO it's not a good approach in general to remove any public API without
> deprecating it first. Give users some time to adopt the changes :)
I won't dare to break you guys :)
> On 06/14/2017 05:50 AM, Pedro Igor Silva wrote:
> I would like to review our UMA implementation (which is based on v1), and
> get it aligned with the new version, v2.
> One of the main changes we need is that now UMA has a specific grant type
> that should be used by clients to obtain RPTs. The Authorization API no
> longer exists.
> Other changes are basically related with parts of the specs we are missing
> that don't really bring issues for people already using UMA in Keycloak.
> But new features and better UMA support.
> My question is if it is reasonable to have those changes in 3.2.0.CR1 and
> how ? For instance, if we decide to have those changes in, specially the
> new UMA grant type, should we keep/deprecate the legacy Authorization API
> for backward compatibility or just remove it from AuthZ REST API ?
> Pedro Igor
> keycloak-dev mailing listkeycloak-dev at lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-dev
More information about the keycloak-dev