[keycloak-dev] UMA 2.0

Stian Thorgersen sthorger at redhat.com
Mon Jun 19 02:56:29 EDT 2017


We can remove it in 3.3 or maybe even 3.4. Just add a JIRA to remove it to
3.3 and we can discuss exactly when later.

On 15 June 2017 at 15:03, Pedro Igor Silva <psilva at redhat.com> wrote:

> I see. Well, I think we can keep for a while. Shall we remove it in
> 3.2.0.Final ?
>
> On Thu, Jun 15, 2017 at 9:41 AM, Stian Thorgersen <sthorger at redhat.com>
> wrote:
>
>> Depends on amount of work. If it's not to much extra work I'd prefer to
>> have backwards compatibility for a while to allow users to migrate then
>> remove in the last 3.x release. If that is a lot of work then we should
>> just remove it.
>>
>> On 14 June 2017 at 14:50, Pedro Igor Silva <psilva at redhat.com> wrote:
>>
>>> Hi,
>>>
>>> I would like to review our UMA implementation (which is based on v1), and
>>> get it aligned with the new version, v2.
>>>
>>> One of the main changes we need is that now UMA has a specific grant type
>>> that should be used by clients to obtain RPTs. The Authorization API no
>>> longer exists.
>>>
>>> Other changes are basically related with parts of the specs we are
>>> missing
>>> that don't really bring issues for people already using UMA in Keycloak.
>>> But new features and better UMA support.
>>>
>>> My question is if it is reasonable to have those changes in 3.2.0.CR1 and
>>> how ? For instance, if we decide to have those changes in, specially the
>>> new UMA grant type, should we keep/deprecate the legacy Authorization API
>>> for backward compatibility or just remove it from AuthZ REST API ?
>>>
>>> Regards.
>>> Pedro Igor
>>> _______________________________________________
>>> keycloak-dev mailing list
>>> keycloak-dev at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>>
>>
>>
>


More information about the keycloak-dev mailing list