35.2.2 Creating a Resource

A Resource Server hosts protected resources. The resource server is capable of accepting and responding to protected resource requests using access tokens.

The important parameters used in the curl command to create a resource are:

• Name: Name of the Resource Server

• Scopes: The following two parameters are used

  • scopeName - Name of the scope

  • description - Description of the scope

• idDomain - Name of the IdentityDomain under which this resource server is created

• tokenAttributes - List of custom attributes that are sent by the server, as part of the access token. The attributes can be "STATIC" in which case the value is substituted as is. If "DYNAMIC", the attributeValue is evaluated and populated in the final AccessToken.

  Note:

  Scopes are referred to by prefixing the resource server name. This makes them unique across resource servers. 

Endpoint for CRUD operations:

http:<AdminServerHost:Port>/oam/services/rest/ssa/api/v1/oauthpolicyadmin/application

Note:

Use Content-Type:application/json in the REST API HTTP request. 

1. A sample curl command to create a resource using scopes is shown below.

   {"name":"ResServer1","description":"TestResourceServer","scopes":[{"scopeName":"scope1","description":"ViewPage"},{"scopeName":"scope2","description":"UpdatePage"},{"scopeName":"scope3","description":"ModifyPage"}],"tokenAttributes":[{"attrName":"sessionId","attrValue":"$session.id","attrType":"DYNAMIC"},{"attrName":"resSrvAttr","attrValue":"RESOURCECONST","attrType":"STATIC"}],"idDomain":"TestDomain1","audienceClaim":{"subjects":["ab0"]}}

   For more information on OAuth REST APIs, See REST API for OAuth in Oracle Access Manager.