keycloak-scim/topics/permission/create-scope.adoc

== Creating Scope-based Permissions

A Scope-based permission defines a set of one or more scopes to protect using a set of one or more authorization policies. Unlike the resource-based permissions, this permission type
allows you to create permissions not only for a resource, but also for the scopes associated with it, providing more granularity when defining the permissions that govern your resources and the
actions that can be performed on them.

To create a new Scope-based permission, select the option *Scope-based* in the dropdown located in the right upper corner of the permission listing.

.Add Scope-Based Permission
image:../../images/permission/create-scope.png[alt="Add Scope-Based Permission"]

=== Configuration

* *Name*
+
A human-readable and unique string describing the permission. We strongly suggest you to use names that are closely related with your business and security requirements, so you
can identify them more easily and also know what they actually mean.
+
* *Description*
+
A string with more details about this permission.
+
* *Resource*
+
Restrict the scopes to those associated with the selected resource. If not selected all scopes would be available.
+
* *Scopes*
+
Defines a set of one or more scopes to protect.

* *Apply Policy*
+
Defines a set of one or more policies to associate with a permission.

* *Decision Strategy*
+
The link:decision-strategy.html[Decision Strategy] for this permission.
Fixes based on Stian feedback. 2016-07-26 21:34:49 +00:00			`== Creating Scope-based Permissions`
First bucket of documentation from docbook. 2016-05-31 20:36:14 +00:00
Fixing typos 2016-06-08 12:32:31 +00:00			`A Scope-based permission defines a set of one or more scopes to protect using a set of one or more authorization policies. Unlike the resource-based permissions, this permission type`
More screenshots. Reviewing getting started tutorials. 2016-06-14 23:50:50 +00:00			`allows you to create permissions not only for a resource, but also for the scopes associated with it, providing more granularity when defining the permissions that govern your resources and the`
More doc 2016-06-05 22:17:31 +00:00			`actions that can be performed on them.`

[KEYCLOAK-3546] - A lot of fixes and improvements to docs from srehorn. 2016-09-09 03:53:39 +00:00			`To create a new Scope-based permission, select the option Scope-based in the dropdown located in the right upper corner of the permission listing.`
More screenshots. Reviewing getting started tutorials. 2016-06-14 23:50:50 +00:00
			`.Add Scope-Based Permission`
			`image:../../images/permission/create-scope.png[alt="Add Scope-Based Permission"]`

			`=== Configuration`
More doc 2016-06-05 22:17:31 +00:00
			`* Name`
			`+`
			`A human-readable and unique string describing the permission. We strongly suggest you to use names that are closely related with your business and security requirements, so you`
[KEYCLOAK-3546] - A lot of fixes and improvements to docs from srehorn. 2016-09-09 03:53:39 +00:00			`can identify them more easily and also know what they actually mean.`
More doc 2016-06-05 22:17:31 +00:00			`+`
			`* Description`
			`+`
[KEYCLOAK-3546] - A lot of fixes and improvements to docs from srehorn. 2016-09-09 03:53:39 +00:00			`A string with more details about this permission.`
More doc 2016-06-05 22:17:31 +00:00			`+`
			`* Resource`
			`+`
[KEYCLOAK-3546] - A lot of fixes and improvements to docs from srehorn. 2016-09-09 03:53:39 +00:00			`Restrict the scopes to those associated with the selected resource. If not selected all scopes would be available.`
More doc 2016-06-05 22:17:31 +00:00			`+`
			`* Scopes`
			`+`
[KEYCLOAK-3546] - A lot of fixes and improvements to docs from srehorn. 2016-09-09 03:53:39 +00:00			`Defines a set of one or more scopes to protect.`
More doc 2016-06-05 22:17:31 +00:00
			`* Apply Policy`
			`+`
[KEYCLOAK-3546] - A lot of fixes and improvements to docs from srehorn. 2016-09-09 03:53:39 +00:00			`Defines a set of one or more policies to associate with a permission.`
More doc 2016-06-05 22:17:31 +00:00
			`* Decision Strategy`
			`+`
[KEYCLOAK-3546] - A lot of fixes and improvements to docs from srehorn. 2016-09-09 03:53:39 +00:00			`The link:decision-strategy.html[Decision Strategy] for this permission.`