Answers:

1. What is the scope of UAA?

A: To be a OAuth 2 and OpenID Connect 1.0 compliant authorization
server with support for federation with external identity providers.

2. Is it limited to an IAM of CF devops users?

A: No, it's being used stand along too.

3. If not, can it be deployed as a generic IAM solution? How scalable
it is?

It relies on a single database back end. The UAA application itself
scales horizontally.
We develop features first and address bottlenecks as they come up.
We've already accepted several pull requests on Github with performance
improvements. There are many areas where this can be improved and we try to
address them as soon as they become an issue.

4. Has anybody used it in production for application IAM? If yes,
please share your experience?

I'll let other members of the group answer this. The answer is yes.

5. Is SCIM 2.0 in roadmap? If yes, is ETA available?

We are evaluating this right now.

6. Is OTP in roadmap? If yes, is ETA available?

Yes, we are working on a proposal right now. Should publish it on this
list in the next couple of weeks.


On Tue, Jun 27, 2017 at 8:31 AM, Jugaadi Da <bibin.abraham.dev(a)gmail.com>
wrote:

Team,

Doubts:

1. What is the scope of UAA?
2. Is it limited to an IAM of CF devops users?
3. If not, can it be deployed as a generic IAM solution? How scalable
it is?
4. Has anybody used it in production for application IAM? If yes,
please share your experience?
5. Is SCIM 2.0 in roadmap? If yes, is ETA available?
6. Is OTP in roadmap? If yes, is ETA available?


Thanks and Regards

jugaadi :-)