Smart User Managed Access Demo

From IIW

Session Topic: UMA SMART AM Demo (W2E)

Convener: Maciej M. ,Lukasz

Notes-taker(s): Maciej W.

Tags for the session - technology discussed/ideas considered:


Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

1. Smart AM, Gallerify, Smart fetch explanation - which party does what and how.


2. Registering an album at Gallerify.me


3. Loging into Smart AM by means of ID provider - Facebook for the
purpose of this use case.


4. Smart AM as a predefined AM - granting it access at Gallerify.


5. Explanation of providing sharing permissions to the AM form a Host
application (Gallerify.me in this case).


6. Suggestion of introducing a new feature of Import/export
permissions from/to another application.


7. Setting up sharing permissions.


8. Posting on the Facebook wall.

9. Accessing data by means of a requester application: http://smartfetch.netin this case.


10. OAuth flow - notification about the location of the data and
allowing saring permissions.


11. Q: Accessing registered resources as a Smart AM non-user.
Providing Smart AM only with a proof of identity (by means of Facebook
in this case).


12. Revoking access and changin permissions. Accessing data only with
an external application.


13. Denying access with host application (Gallerify.me in this case).


14. Redirection problem. Authorising Facebook to be and extension to
be also an ID provider.


15. Facebook friends for the purpose of this use case.


16. Future features.


17. Q: Does Gallerify.me know the access request to the Smart AM?