== Enabling Authorization Services To turn your client application into a resource server and enable fine-grained authorization, click on the `Authorization Services Enable` switch and turn it `ON`. .Enabling Authorization Services image:../../images/resource-server/client-enable-authz.png[alt="Enabling Authorization Services"] Finally, click `Save`. When you do that, a new `Authorization` tab will show up. Click on this tab and you should see a page like that. .Resource Server Settings image:../../images/resource-server/authz-settings.png[alt="Resource Server Settings"] The `Authorization` tab provides a few additional tabs covering the different steps that you should follow to actually protect your application's resources. Each tab is covered separately by a specific topic in this documentation. But here is a quick description about each one: * *Settings* + General settings for your resource server. More details about this page in this section. * *Resource* + From this tab, you can manage your application's link:../resource/overview.html[Resources]. * *Scope* + From this tab, you can manage link:../resource/overview.html[Scopes]. * *Policies* + From this tab, you can manage link:../policy/overview.html[Authorization Policies] and define the conditions that must be met in order to grant a permission. * *Permissions* + From this tab, you can manage the link:../permission/overview.html[Permissions] for your protected resources and scopes by linking them with the policies you created. * *Evaluate* + From this tab, you can link:../policy-evaluation-tool/overview.html[Simulate Authorization Requests] and check the result of the evaluation of the permissions and authorization policies you have defined. === Resource Server Settings Let’s walk through each configuration item on this page. * *Policy Enforcement Mode* + Dictates how policies are enforced when processing authorization requests sent to the server. + ** *Enforcing* + This is the default mode. Requests are denied by default even when there is no policy associated with a given resource. + ** *Permissive* + Requests are allowed even when there is no policy associated with a given resource. ** *Disabled* + Completely disables the evaluation of policies and allow access to any resource. + * *Allow Remote Resource Management* + Should resources be managed remotely by the resource server? If false, resources can only be managed from this admin console. + * *Export Settings* + In this section you can export all settings to a JSON file. It provides a single `Export` button that you can click to download a JSON file containing every single configuration defined for a resource server: protected resources, scopes, permissions and policies.