Skip to main content

Configuring Resource Definitions

The Resources and Scopes known to the Authorization Server (AS) can by found at the AS registry API: ex AS_BASE_URL/registry/resource/resource_definition/. These resource definitions combine Resource Types and Scopes into the API definition supported by the AS.

Note

For each Resource Definition (Resource Type and Scopes) at the Authorization Server, the Wallet should have a corresponding configuration.

Sample Requests

Add a Resource Definition managed by an Authorization Server

curl -X POST {{WS_ADMIN_URI}}/resource-type/1/resourceDefinitions' \
--header 'Content-Type: application/vnd.api+json' \
--header 'ApiVersion: v1.0' \
--header 'Authorization: {{WS_ADMIN_STATIC_TOKEN}}' \
--header 'Accept-Language: en' \
--data-raw '{
"data": {
"type": "resource-definition",
"id": 1,
"attributes": {
"identifier": "identity-profile-res-def",
"name": "Identity Profile Res Def",
"logoUrl": "http://localhost",
"informationUri": "http://localhost",
"styleColor": "#FFFFFF",
"styleFontColor": "#000000"
},
"relationships": {
"authorizationServer": {
"data": {
"type": "authorization-server",
"id": 1
}
},
"resourceScopes": {
"data": [{
"type": "resource-scope",
"id": 1
}]
}
}
}
}'

Get information about a Resource Definition

curl -X GET '{{WS_ADMIN_URI}}/resource-type/1/resourceDefinitions' \
--header 'Content-Type: application/vnd.api+json' \
--header 'ApiVersion: v1.0' \
--header 'Authorization: {{WS_ADMIN_STATIC_TOKEN}}' \

Update a Resource Definition

curl -X PATCH '{{WS_ADMIN_URI}}/resource-definition/1' \
--header 'Content-Type: application/vnd.api+json' \
--header 'ApiVersion: v1.0' \
--header 'Authorization: {{WS_ADMIN_STATIC_TOKEN}}' \
--header 'Accept-Language: en' \
--data-raw '{
"data": {
"type": "resource-definition",
"id": 1,
"attributes": {
"identifier": "health-record-res-def",
"name": "Health Record Res Def",
"logoUrl": "https://localhost",
"informationUri": "https://localhost",
"styleColor": "#AAAAAA",
"styleFontColor": "#000000"
},
"relationships": {
"authorizationServer": {
"data": {
"type": "authorization-server",
"id": 1
}
},
"resourceScopes": {
"data": [
{
"type": "resource-scope",
"id": 1
},
{
"type": "resource-scope",
"id": 2
}
]
}
}
}
}'

Verify using the Wallet Application API: https://WALLET_BASE_URL/registry/authorization-servers/identos/resources

Request Attributes

ParameterDescriptionExample valueRequiredLocalizable
identifierAn identifier for the resource definitionidentity-profile-res-defYesNo
nameA human-readable name for the resource definitionIdentity Profile Res DefYesYes
logoUrlA URL to fetch a logo image fromhttp://localhostYesNo
informationUriA URI where more information about the resource definition may be foundhttp://localhostNoNo
styleColorA background color in the Wallet UI#FFFFFFNoNo
styleFontColorFont color in the Wallet UI#000000NoNo
RelationshipDescriptionRequired
resourceTypeThe type of this resource definition. See the URL of the example request above.Yes
authorizationServerThe Authorization Server that protects the defined resource. See the example request above.Yes
resourceScopesOne or more scopes to associate with this resource definition. See the example request above.Yes

For details on how to add localization options for a Resource Definition, refer to the Localization for the Wallet Server API chapter.