Seen on Twitter last week:
This isn’t a weird sentiment at all -- and OAuth helps some -- but unfortunately OAuth doesn’t specialize in consumer-driven data sharing. Businesses are leaving data-sharing opportunities on the table. But to take advantage of those opportunities, they’ll need a different standard, User-Managed Access (UMA), the OAuth-based Kantara Initiative standard for adding “Share” functionality to services, apps, and devices. It gives a web user a unified control point for authorizing who, when, and what can get access to their online personal data.
The standards effort that produced UMA V1.0 is moving into an exciting new phase this week, and ForgeRock is thrilled to be part of it. A companion to the UMA Work Group, called the UMA Developer Resources Work Group (UMA Dev WG for short), is launching at Kantara with the goal of developing open-source implementation toolkits. The UMA standard has already received support from major government and healthcare organizations such as the Government of New Zealand and Philips.
Why is this activity valuable? According to recent Pew Research, 91 percent of Americans agree or strongly agree that consumers have lost control over collection and use of their personal information. ForgeRock’s OpenUMA support within our ForgeRock Identity Platform™ is designed to help empower customers and citizens to manage their own digital privacy. Protocol ecosystems thrive when all the stakeholders can reduce the costs of beginning to communicate -- and they can become more secure when open-source software can be inspected and vetted by many eyeballs. To attract app developers and deployers to the benefits of UMA, we think it’s a great idea to eliminate the difficulty of UMA-enabling those apps -- UMAfying them, if you will.
We invite all interested parties to check out the group wiki and join us on the group! As a bonus, check out our recent ForgeRock webinar on our forthcoming OpenUMA product, our press release, and our open-source OpenUMA project.