IAM in Service Catalog
Using the terminology promoted in the Internet2 Grouper project, specific group namespaces are referred to as "stems". A stem is created for the purpose of creating and managing groups (and other stems) based on it, and to control access to these operations. The entity (or entities) responsible for managing a stem is a "naming authority" for that stem. A naming authority may delegate control of namespaces based on its stem to other naming authorities.
Names and URIs
In many cases a group name is used in a context where it is understood to be a group name in the UW infrastructure space (e.g., the "require group foo" context in UW web access control for Apache). A short form is available for these contexts, as described in sections 3 and 4. For more general contexts, a URI form is also defined so that each group has a globally unique name.
Character set: Name components are limited to lowercase letters \[infra:a-z\], digits \[infra:0-9\], dash ("-"), and period (".").