Description
User-Managed Access (UMA) support
Problem
FusionAuth currently provides roles as part of our OpenID Connect JWTs that backends can use to authorize user's. This relies on OIDC integration in many cases. Although FusionAuth also returns JWTs as our OAuth access tokens, many third-party libraries don't support this. A more standardize OAuth only authorization workflow could provide a better solution for those that don't want to implement the OIDC integration of FUsionAuth.
Solution
One solution is UMA, which can leverage OAuth 2.0 along with tickets exchanged by backends to provide authorization. This solution is moving towards an accepted IETF specification.
Here is the UMA website that links to the specifications:
https://kantarainitiative.org/confluence/display/uma/Home
Related Links
https://docs.kantarainitiative.org/uma/wg/rec-oauth-uma-grant-2.0.html
How to vote
Please give us a thumbs up or thumbs down as a reaction to help us prioritize this feature. Feel free to comment if you have a particular need or comment on how this feature should work.