2016-11-29 15:30:53 +00:00
[[_resource_create]]
2022-04-18 14:10:57 +00:00
= Creating resources
2016-06-05 22:17:31 +00:00
2016-09-09 03:53:39 +00:00
Creating a resource is straightforward and generic. Your main concern is the granularity of the resources you create. In other words, resources can
2016-11-15 21:34:20 +00:00
be created to represent a set of one or more resources and the way you define them is crucial to managing permissions.
2016-06-05 22:17:31 +00:00
2022-07-25 20:36:51 +00:00
ifeval::[{project_community}==true]
To create a new resource, click *Create resource*.
endif::[]
ifeval::[{project_product}==true]
2016-11-15 21:34:20 +00:00
To create a new resource, click *Create* in the right upper corner of the resource listing.
2022-07-25 20:36:51 +00:00
endif::[]
2016-06-14 23:50:50 +00:00
2022-04-18 14:10:57 +00:00
.Add resource
image:{project_images}/resource/create.png[alt="Add resource"]
2016-06-14 23:50:50 +00:00
2017-08-28 12:50:14 +00:00
In {project_name}, a resource defines a small set of information that is common to different types of resources, such as:
2016-06-05 22:17:31 +00:00
* *Name*
+
2016-09-09 03:53:39 +00:00
A human-readable and unique string describing this resource.
2016-07-26 21:34:49 +00:00
2016-11-29 15:30:53 +00:00
[[_resource_create_type]]
2016-06-05 22:17:31 +00:00
* *Type*
+
2016-09-09 03:53:39 +00:00
A string uniquely identifying the type of a set of one or more resources. The type is a _string_ used to group different resource instances.
For example, the default type for the default resource that is automatically created is `urn:resource-server-name:resources:default`
2016-06-14 23:50:50 +00:00
2016-11-29 15:30:53 +00:00
[[_resource_create_uri]]
2018-07-16 08:25:03 +00:00
* *URIS*
2016-06-05 22:17:31 +00:00
+
2018-07-16 08:25:03 +00:00
URIS that provides the locations/addresses for the resource. For HTTP resources, the URIS
are usually the relative paths used to serve these resources.
2016-06-05 22:17:31 +00:00
+
* *Scopes*
+
2016-11-15 21:34:20 +00:00
One or more scopes to associate with the resource.
2016-06-05 22:17:31 +00:00
2022-04-18 14:10:57 +00:00
== Resource attributes
2018-03-19 16:19:35 +00:00
2018-03-21 12:50:34 +00:00
Resources may have attributes associated with them. These attributes can be used to provide additional information about
a resource and to provide additional information to policies when evaluating permissions associated with a resource.
2018-03-19 16:19:35 +00:00
2018-03-21 12:50:34 +00:00
Each attribute is a key and value pair where the value can be a set of one or many strings. Multiple values can be defined for an attribute by separating each value with a comma.
2018-03-19 16:19:35 +00:00
2022-04-18 14:10:57 +00:00
== Typed resources
2016-06-05 22:17:31 +00:00
2016-11-15 21:34:20 +00:00
The type field of a resource can be used to group different resources together, so they can be protected using a common set of permissions.
2016-06-05 22:17:31 +00:00
2022-04-18 14:10:57 +00:00
== Resource owners
2018-03-19 16:19:35 +00:00
2016-06-05 22:17:31 +00:00
Resources also have an owner. By default, resources are owned by the resource server.
2016-11-15 21:34:20 +00:00
However, resources can also be associated with users, so you can create permissions based on the resource owner. For example, only the resource owner is allowed to delete or update a given resource.
2016-06-05 22:17:31 +00:00
2022-04-18 14:10:57 +00:00
== Managing resources remotely
2016-06-05 22:17:31 +00:00
2017-08-28 12:50:14 +00:00
Resource management is also exposed through the <<_service_protection_api, Protection API>> to allow resource servers to remotely manage their resources.
2016-06-05 22:17:31 +00:00
When using the Protection API, resource servers can be implemented to manage resources owned by their users. In this case, you can
specify the user identifier to configure a resource as belonging to a specific user.
[NOTE]
2017-08-28 12:50:14 +00:00
{project_name} provides resource servers complete control over their resources. In the future, we should be able to
2017-10-09 06:38:46 +00:00
allow users to control their own resources as well as approve authorization requests and manage permissions, especially when using the UMA protocol.