NOTICE

The User Managed Access (UMA) specification does not support a mechanism for the Requesting Party (RqP) to "find" resources that are currently shared to them. This scenario provides a "value add" feature of the Resource Server (RS), the ability to "find" resources that are "Shared With" a given Requesting Party (RqP).

The Process

A Requesting Party (RqP) wants to find resources that are currently being "shared with" them. A list of shared resources is provided. The Requesting Party(RqP) can use the list of information to issue a UMA access request for a given resource.

The Sequence

• Requesting Party (RqP):
  • Authenticate to the Authorization Server (AS)
  • Submit request to Resource Server (RS) for resources that are "Shared With Me"
• Resource Server (RS):
  • Submit request to the Authorization Server (AS) for resources that are shared with the user (RqP)
• Authorization Server (AS):
  • Returns list of registered resources
• Resource Server (RS):
  • Obtains resource meta data related to the registered resource
  • Returns an array of resources