<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-family: Calibri, sans-serif;">
<div>
<div>
<div>
<div>Humm, where is “resource_set_registration_endpoint”? See below what I’m getting from the well-known endpoint. What is the usual value for “resource_set_registration_endpoint” e.g. considering the root as http://localhost:8080/uma-server-webapp-1.2.2?</div>
<div><br>
</div>
<div>{</div>
<div> "request_parameter_supported":true,</div>
<div> "claims_parameter_supported":false,</div>
<div> "introspection_endpoint":"http://localhost:8080/uma-server-webapp-1.2.2/introspect",</div>
<div> "scopes_supported":[</div>
<div> "openid",</div>
<div> "profile",</div>
<div> "email",</div>
<div> "address",</div>
<div> "phone",</div>
<div> "offline_access"</div>
<div> ],</div>
<div> "issuer":"http://localhost:8080/uma-server-webapp-1.2.2/",</div>
<div> "userinfo_encryption_enc_values_supported":[</div>
<div> "A256CBC+HS512",</div>
<div> "A256GCM",</div>
<div> "A192GCM",</div>
<div> "A128GCM",</div>
<div> "A128CBC-HS256",</div>
<div> "A192CBC-HS384",</div>
<div> "A256CBC-HS512",</div>
<div> "A128CBC+HS256"</div>
<div> ],</div>
<div> "id_token_encryption_enc_values_supported":[</div>
<div> "A256CBC+HS512",</div>
<div> "A256GCM",</div>
<div> "A192GCM",</div>
<div> "A128GCM",</div>
<div> "A128CBC-HS256",</div>
<div> "A192CBC-HS384",</div>
<div> "A256CBC-HS512",</div>
<div> "A128CBC+HS256"</div>
<div> ],</div>
<div> "authorization_endpoint":"http://localhost:8080/uma-server-webapp-1.2.2/authorize",</div>
<div> "service_documentation":"http://localhost:8080/uma-server-webapp-1.2.2/about",</div>
<div> "request_object_encryption_enc_values_supported":[</div>
<div> "A256CBC+HS512",</div>
<div> "A256GCM",</div>
<div> "A192GCM",</div>
<div> "A128GCM",</div>
<div> "A128CBC-HS256",</div>
<div> "A192CBC-HS384",</div>
<div> "A256CBC-HS512",</div>
<div> "A128CBC+HS256"</div>
<div> ],</div>
<div> "userinfo_signing_alg_values_supported":[</div>
<div> "HS256",</div>
<div> "HS384",</div>
<div> "HS512",</div>
<div> "RS256",</div>
<div> "RS384",</div>
<div> "RS512",</div>
<div> "ES256",</div>
<div> "ES384",</div>
<div> "ES512",</div>
<div> "PS256",</div>
<div> "PS384",</div>
<div> "PS512"</div>
<div> ],</div>
<div> "claims_supported":[</div>
<div> "sub",</div>
<div> "name",</div>
<div> "preferred_username",</div>
<div> "given_name",</div>
<div> "family_name",</div>
<div> "middle_name",</div>
<div> "nickname",</div>
<div> "profile",</div>
<div> "picture",</div>
<div> "website",</div>
<div> "gender",</div>
<div> "zone_info",</div>
<div> "locale",</div>
<div> "updated_at",</div>
<div> "birthdate",</div>
<div> "email",</div>
<div> "email_verified",</div>
<div> "phone_number",</div>
<div> "phone_number_verified",</div>
<div> "address"</div>
<div> ],</div>
<div> "claim_types_supported":[</div>
<div> "normal"</div>
<div> ],</div>
<div> "op_policy_uri":"http://localhost:8080/uma-server-webapp-1.2.2/about",</div>
<div> "token_endpoint_auth_methods_supported":[</div>
<div> "client_secret_post",</div>
<div> "client_secret_basic",</div>
<div> "client_secret_jwt",</div>
<div> "private_key_jwt",</div>
<div> "none"</div>
<div> ],</div>
<div> "token_endpoint":"http://localhost:8080/uma-server-webapp-1.2.2/token",</div>
<div> "response_types_supported":[</div>
<div> "code",</div>
<div> "token"</div>
<div> ],</div>
<div> "request_uri_parameter_supported":false,</div>
<div> "userinfo_encryption_alg_values_supported":[</div>
<div> "RSA-OAEP",</div>
<div> "RSA-OAEP-256",</div>
<div> "RSA1_5"</div>
<div> ],</div>
<div> "grant_types_supported":[</div>
<div> "authorization_code",</div>
<div> "implicit",</div>
<div> "urn:ietf:params:oauth:grant-type:jwt-bearer",</div>
<div> "client_credentials",</div>
<div> "urn:ietf:params:oauth:grant_type:redelegate"</div>
<div> ],</div>
<div> "revocation_endpoint":"http://localhost:8080/uma-server-webapp-1.2.2/revoke",</div>
<div> "userinfo_endpoint":"http://localhost:8080/uma-server-webapp-1.2.2/userinfo",</div>
<div> "token_endpoint_auth_signing_alg_values_supported":[</div>
<div> "HS256",</div>
<div> "HS384",</div>
<div> "HS512",</div>
<div> "RS256",</div>
<div> "RS384",</div>
<div> "RS512",</div>
<div> "ES256",</div>
<div> "ES384",</div>
<div> "ES512",</div>
<div> "PS256",</div>
<div> "PS384",</div>
<div> "PS512"</div>
<div> ],</div>
<div> "op_tos_uri":"http://localhost:8080/uma-server-webapp-1.2.2/about",</div>
<div> "require_request_uri_registration":false,</div>
<div> "id_token_encryption_alg_values_supported":[</div>
<div> "RSA-OAEP",</div>
<div> "RSA-OAEP-256",</div>
<div> "RSA1_5"</div>
<div> ],</div>
<div> "jwks_uri":"http://localhost:8080/uma-server-webapp-1.2.2/jwk",</div>
<div> "subject_types_supported":[</div>
<div> "public",</div>
<div> "pairwise"</div>
<div> ],</div>
<div> "id_token_signing_alg_values_supported":[</div>
<div> "HS256",</div>
<div> "HS384",</div>
<div> "HS512",</div>
<div> "RS256",</div>
<div> "RS384",</div>
<div> "RS512",</div>
<div> "ES256",</div>
<div> "ES384",</div>
<div> "ES512",</div>
<div> "PS256",</div>
<div> "PS384",</div>
<div> "PS512",</div>
<div> "none"</div>
<div> ],</div>
<div> "registration_endpoint":"http://localhost:8080/uma-server-webapp-1.2.2/register",</div>
<div> "request_object_signing_alg_values_supported":[</div>
<div> "HS256",</div>
<div> "HS384",</div>
<div> "HS512",</div>
<div> "RS256",</div>
<div> "RS384",</div>
<div> "RS512",</div>
<div> "ES256",</div>
<div> "ES384",</div>
<div> "ES512",</div>
<div> "PS256",</div>
<div> "PS384",</div>
<div> "PS512"</div>
<div> ],</div>
<div> "request_object_encryption_alg_values_supported":[</div>
<div> "RSA-OAEP",</div>
<div> "RSA-OAEP-256",</div>
<div> "RSA1_5"</div>
<div> ]</div>
<div>}</div>
</div>
<div>
<div id="MAC_OUTLOOK_SIGNATURE"></div>
</div>
</div>
</div>
<div><br>
</div>
<div>Regards,</div>
<div>Luiz</div>
<div><br>
</div>
<span id="OLK_SRC_BODY_SECTION">
<div style="font-family:Calibri; font-size:12pt; text-align:left; color:black; BORDER-BOTTOM: medium none; BORDER-LEFT: medium none; PADDING-BOTTOM: 0in; PADDING-LEFT: 0in; PADDING-RIGHT: 0in; BORDER-TOP: #b5c4df 1pt solid; BORDER-RIGHT: medium none; PADDING-TOP: 3pt">
<span style="font-weight:bold">From: </span><<a href="mailto:mitreid-connect-bounces@mit.edu">mitreid-connect-bounces@mit.edu</a>> on behalf of Justin Richer<br>
<span style="font-weight:bold">Date: </span>Monday, November 23, 2015 at 6:23 PM<br>
<span style="font-weight:bold">To: </span>"<a href="mailto:mitreid-connect@mit.edu">mitreid-connect@mit.edu</a>"<br>
<span style="font-weight:bold">Subject: </span>Re: [mitreid-connect] UMA Resource Set creation<br>
</div>
<div><br>
</div>
<div>
<div bgcolor="#FFFFFF" text="#000000">This is a broken part of the UMA spec. You need to add "/resource_set" to the end of the value in "resource_set_registration_endpoint" in the discovery document. "registration_endpoint" is for dynamic client registration.
<br>
<br>
There is not currently any UI to interact with the resource set registration because this is intended to be an action taken by *resource servers* and not by users directly. The self-service developer protected resource registration is not for UMA-style protected
resources but rather for OAuth protected resources that are set up to use token introspection.<br>
<br>
Hope that helps,<br>
-- Justin<br>
<br>
<div class="moz-cite-prefix">On 11/23/2015 4:20 PM, Luiz Omori wrote:<br>
</div>
<blockquote cite="mid:0351AB20-37B4-43EA-93C6-C9EA6BAE0116@dm.duke.edu" type="cite">
<div>Hi,</div>
<div><br>
</div>
<div>We are looking into the UMA implementation and have some basic questions. Is there a way to register resource sets (as in <a moz-do-not-send="true" href="https://docs.kantarainitiative.org/uma/draft-oauth-resource-reg.html">https://docs.kantarainitiative.org/uma/draft-oauth-resource-reg.html</a>)
through the UI? If not, what is the endpoint for that? We tried the registration endpoint from the well-known response but it didn’t work (<a moz-do-not-send="true" href="http://localhost:8080/uma-server-webapp-1.2.2/.well-known/openid-configuration">http://localhost:8080/uma-server-webapp-1.2.2/.well-known/openid-configuration</a> ->
"registration_endpoint":"<a class="moz-txt-link-freetext" href="http://localhost:8080/uma-server-webapp-1.2.2/register”">http://localhost:8080/uma-server-webapp-1.2.2/register”</a>)</div>
<div><br>
</div>
<div>Regards,</div>
<div>Luiz</div>
<div></div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset> <br>
<pre wrap="">_______________________________________________
mitreid-connect mailing list
<a class="moz-txt-link-abbreviated" href="mailto:mitreid-connect@mit.edu">mitreid-connect@mit.edu</a><a class="moz-txt-link-freetext" href="http://mailman.mit.edu/mailman/listinfo/mitreid-connect">http://mailman.mit.edu/mailman/listinfo/mitreid-connect</a></pre>
</blockquote>
<br>
</div>
</div>
</span>
</body>
</html>