keycloak-scim/topics/permission/create-resource.adoc
2017-01-05 14:54:31 -02:00

41 lines
No EOL
1.4 KiB
Text
Executable file

[[_permission_create_resource]]
=== Creating Resource-Based Permissions
A resource-based permission defines a set of one or more resources to protect using a set of one or more authorization policies.
To create a new resource-based permission, select *Resource-based* in the dropdown list in the upper right corner of the permission listing.
.Add Resource-Based Permission
image:../../{{book.images}}/permission/create-resource.png[alt="Add Resource-Based Permission"]
==== Configuration
* *Name*
+
A human-readable and unique string describing the permission. A best practice is to use names that are closely related to your business and security requirements, so you
can identify them more easily.
+
* *Description*
+
A string containing details about this permission.
[[_permission_create_resource_apply_resource_type]]
* *Apply To Resource Type*
+
Specifies if the permission is applied to all resources with a given type. When selecting this field, you are prompted to enter the resource type to protect.
+
** Resource Type
+
Defines the resource type to protect. When defined, this permission is evaluated for all resources matching that type.
+
* *Resources*
+
Defines a set of one or more resources to protect.
* *Apply Policy*
+
Defines a set of one or more policies to associate with a permission.
* *Decision Strategy*
+
The <<fake/../decision-strategy.adoc#_permission_decision_strategies, Decision Strategy>> for this permission.