Configuring a Resource Server

Scope and Audience

This section is meant for an administrator of an FPX network and covers how to register a new Resource Server or update an existing one in an FPX environment using the Admin API.

Required Reference

The reader of this document should be familiar with the architecture and terminology associated with the FPX specification. This specification extends the UMA 2.0 specification by enabling privacy preservation and governable network actors.

If you are unfamiliar with Resource Definitions or Scopes, refer to the Glossary and the Partners section of the guide for more information before trying to add a resource definition.

Overview

Before a Resource Server can interact with a Federated Privacy Exchange (FPX) Network, an FPX Admin User must register their service at the Authorization Server (AS). This process can be done through the AS Admin API, either manually or through a scripted API sequence.

Onboarding is a two-step process. First, the Resource Server must be registered and set up as an OAuth 2.0 Client of the Authorization Server. Secondly, the FPX Admin User can register Resources to this Resource Server. If the FPX network is not set up to allow Resource Servers from registering their resources, this step is required.

Resources which are registered by the Admin User on the Resource Server's behalf, or registered by the Resource Server using the Resource Server's own PAT, are more general than standard UMA 2.0 resources. These resources may be mapped to a specific user's data during introspection through the ROT, a unique extension of FPX. For more information on the purpose and use of ROTs, refer to the Glossary and the Partners section of this guide.

Until Resources are defined, users will still be able to connect to the Resource Server but will be unable to share any data with Clients.