Access Management
Get Started

1. Create a Basic Resource Server

🌟 Key Concept: A Resource Server is a server that hosts protected Resources that can be accessed over the web through the Resource Server's API.

This example setup demonstrates how to create a basic Resource Server using the IDENTOS Authorization Server.

TODO: Add overview diagram with step emphasized.

This setup will use a fake Resource Server that... TODO: Introduce example.

Prerequisites

If you'd like to try this setup yourself, please note the following assumptions:

  1. You should have admin access to an IDENTOS Authorization Server that's already installed and running (this should already be setup for you).
  2. You should know how to make API calls using cURL (client URL command line utility).

Each step involves making one or more API calls to the Authorization Server. For each API call, you'll need to replace the following placeholders with the right values according to your Authorization Server's configuration:

Placeholder

Description

Example Value

{{AS_URL}}

The base URL of your Authorization Server.

http://localhost:9091

{{AS_ADMIN_URI}}

The URI of your Authorization Server's Admin API. In most cases, this URI will end with /json-api.

http://localhost:9091/json-api

{{AS_ADMIN_STATIC_TOKEN}}

A static authorization token for accessing your Authorization Server's Admin API.

c96584c7-05ca-4df3-b935-98a4fc7d7bbc

Not sure about something? Don't worry, we've got you covered! Visit our Learn the Basics section to explore key concepts and articles, or contact support for help with your IDENTOS configuration. Each step will also guide you through related concepts.

Step-by-Step Setup

To create a Resource Server in the Authorization Server, we need to:

  1. Define the Resource Server as an OAuth client in the Authorization Server.
  2. Create the Resource Server record in the Authorization Server.

For our example, we'll create a Resource Server named Patient Resource Server that's accessible at the URL https://patient-rs.fakehospital.com. For simplicity, we'll assume that the Resource Server has a clientSecret of badpassword.

For a full explanation of each operation and its parameters, see Create a Resource Server.

1

Define the Resource Server as an OAuth Client

Run the Admin API call below to define the patient-rs Resource Server as an OAuth 2.0 client in the Authorization Server's oauth-client-metadata and oauth-client databases.

Since this will be the first OAuth client in our Authorization Server, the blood-glucose-app will be id = 1 in both databases.

Curl

2

Create the Resource Server Record

Run the Admin API call below to also add the patient-rs Resource Server to the Authorization Server's resource-server database, and associate it with the OAuth client definition (id = 1) we created for it in the previous step.

Since this will be the first Resource Server in our Authorization Server, the patient-rs Resource Server will be id = 1 in the resource-server database.

For a full explanation of each operation and its parameters, see Create a Resource Server.

Curl

3

(Optional) View the Resource Server

Now run the API call below to check if the Resource Server exists.

Curl


Next Steps

✅ You just created a basic Resource in the Authorization Server!

  • Next step: Proceed to 2. Create a Basic Resource to learn how to define a Resource within the basic Resource Server you created.
  • Learn more: Read the Create a Resource Server guide to learn more about creating, updating, and managing Resource Servers in the Authorization Server.