If you check out the recording of the UMA webinar from last week, you'll see a
demo (starting at about the 33:00 mark) that shows individual user data being
accessed according to ACL-type authorization policy settings, with the resource
owner able to set these policies and then not have to be on
I would also recommend looking at User-Managed-Access which provides
this kind of layer on top of OAuth2.
http://kantarainitiative.org/confluence/display/uma/UMA+Explained
Thanks,
George
On 12/18/11 12:05 PM, Melvin Carvalho wrote:
Quick question. I was wondering if OAuth 2.0 can work with a
: oauth@ietf.org
Sent: Sunday, December 18, 2011 9:05 AM
Subject: [OAUTH-WG] OAuth 2.0 and Access Control Lists (ACL)
Quick question. I was wondering if OAuth 2.0 can work with access
control lists.
For example there is a protected resource (e.g. a photo), and I want
to set it up so that a two or
rom: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of
Melvin Carvalho
Sent: Sunday, December 18, 2011 12:06 PM
To: oauth@ietf.org
Subject: [OAUTH-WG] OAuth 2.0 and Access Control Lists (ACL)
Quick question. I was wondering if OAuth 2.0 can work with access
control lists.
For exa
On 18 December 2011 17:22, Doug Tangren wrote:
>
> On Sun, Dec 18, 2011 at 12:05 PM, Melvin Carvalho
> wrote:
>>
>> Is this kind of flow possibly with OAuth 2.0, and if so whose
>> responsibility is it to maintain the list of agents than can access
>> the resource?
>
> The scope parameter fulfill
On Sun, Dec 18, 2011 at 12:05 PM, Melvin Carvalho
wrote:
> Quick question. I was wondering if OAuth 2.0 can work with access
> control lists.
>
> For example there is a protected resource (e.g. a photo), and I want
> to set it up so that a two or more users (for example a group of
> friends) U1,
Quick question. I was wondering if OAuth 2.0 can work with access
control lists.
For example there is a protected resource (e.g. a photo), and I want
to set it up so that a two or more users (for example a group of
friends) U1, U2 ... Un will be able to access it after authenticating.
Is this ki