[keycloak-dev] UMA 2.0

Pedro Igor Silva psilva at redhat.com
Thu Jun 15 09:03:37 EDT 2017


I see. Well, I think we can keep for a while. Shall we remove it in
3.2.0.Final ?

On Thu, Jun 15, 2017 at 9:41 AM, Stian Thorgersen <sthorger at redhat.com>
wrote:

> Depends on amount of work. If it's not to much extra work I'd prefer to
> have backwards compatibility for a while to allow users to migrate then
> remove in the last 3.x release. If that is a lot of work then we should
> just remove it.
>
> On 14 June 2017 at 14:50, Pedro Igor Silva <psilva at redhat.com> wrote:
>
>> Hi,
>>
>> I would like to review our UMA implementation (which is based on v1), and
>> get it aligned with the new version, v2.
>>
>> One of the main changes we need is that now UMA has a specific grant type
>> that should be used by clients to obtain RPTs. The Authorization API no
>> longer exists.
>>
>> Other changes are basically related with parts of the specs we are missing
>> that don't really bring issues for people already using UMA in Keycloak.
>> But new features and better UMA support.
>>
>> My question is if it is reasonable to have those changes in 3.2.0.CR1 and
>> how ? For instance, if we decide to have those changes in, specially the
>> new UMA grant type, should we keep/deprecate the legacy Authorization API
>> for backward compatibility or just remove it from AuthZ REST API ?
>>
>> Regards.
>> Pedro Igor
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>
>


More information about the keycloak-dev mailing list