Welcome to the home page of the Java Identity API specification. Information on the progress of the creation of the specification is available to the public from this page. Links on the left-hand-side panel lead to the various publicly readable mailing lists, source code repository and issues tracker.
The objective of this project is to define application programming interfaces and identity interaction models that facilitate and control the use of identity by applications and in access control decisions.
To meet this objective, we will define interfaces that are integrated with the Java security model and that enable a declarative application programming style. We will also define interfaces to attach meta-data to identity attributes (e.g., email address, social security number, bank account number, date of birth, nationality, gender) and a vocabulary of identity characterizing meta-data (e.g., issuer, validity period, usage constraints) to be used in support of the identity interaction models. We will define an attribute service as the point of governance and of interaction with distributed sources of identity. We will also define interfaces that do the following:
A developer creates a prescription renewal application for use by subscribers of a health care provider. The developer uses the Java Identity API to reference attributes of the subscriber such as subscriber identifier, preferred pharmacy, renewable prescriptions, and service affiliation groups. The developer may also utilize attribute meta-data such as the last time the attributes were updated. The developer does not describe how the attributes are to be obtained. When the application is deployed by a specific health care provider, the attribute references are resolved against the distributed attribute sources and user authentication tokens in use by the health care provider. This linkage is established without recompiling or changing the application. Further, the governance aspects of the API support tracking and managing the use of attributes both within the application and in its communication with other components.