About IG As an UMA Resource Server

The following figure shows an UMA environment, with IG protecting a resource, and AM acting as an authorization server. For information about UMA, see AM's User-Managed Access (UMA) 2.0 Guide.

UMA Architecture

The following figure shows the data flow when the resource owner registers a resource with AM, and sets up a share using a Protection API Token (PAT):

UMA 2.0 Protecting a Resource Flow

The following figure shows the data flow when the client accesses the resource, using a Requesting Party Token (RPT):

UMA 2.0 Grant Flow Process

For information about CORS support, see Configuring CORS Support in AM's Security Guide. This procedure describes how to modify the AM configuration to allow cross-site access.

Read a different version of :