Chapter 14. Protocols and profiles using OAuth 2.0

 

This chapter covers

  • User Managed Access (UMA), a protocol built on top of OAuth 2.0 for dynamic consent and policy management
  • Health Relationship Trust (HEART), a profile of OAuth 2.0, OpenID Connect (OIDC), and UMA for healthcare-related scenarios
  • International Government (iGov), a profile of OAuth 2.0 and OpenID Connect for government services

As you’ve seen by now, OAuth 2.0 is a powerful protocol, and it’s good at what it does: delegation of access rights and communication of that authorization across HTTP. OAuth can’t do many things on its own. If you need to go beyond what OAuth offers, it’s a valuable tool in the toolbox, but it’s not the only tool at your disposal. OAuth is a versatile building block in more complex systems.

14.1. User Managed Access (UMA)

14.2. Health Relationship Trust (HEART)

14.3. International Government Assurance (iGov)

14.4. Summary

sitemap