The document discusses a concept for centralized web access management built on open source SAML and OAuth2 software. A user authenticates via SAML single sign-on to an identity provider, and a UMA Authorization Server then authorizes access tokens for a given scope to servers that consolidate the UMA Resource Server and Relying Party roles. The document notes, however, that in some cases the Relying Party should not act as the Resource Server, for example when the client is a mobile app rather than the resource server itself.