2. Create a Basic Resource
🌟 Key Concept: A Resource is a piece of digital content that's accessible over the web. Resources can vary in complexity from a simple email address to more complex content such as web pages and healthcare data.
This example setup demonstrates how to create a basic Resource using the IDENTOS Authorization Server.
TODO: Add overview diagram with step emphasized.
This setup will use a fake Resource that... TODO: Introduce example.
Introspection?
To create a Resource in the Authorization Server, we need to:
- Define basic scopes (permissions such as read, write, etc.) in the Authorization Server (if not already defined).
- Create a Resource Definition in the Authorization Server and specify what scope(s) can be used to access it.
- Create a Resource in the Authorization Server that corresponds to an actual Resource in the Resource Server.
For our example, we'll assume that our Resource Server is already populated with Resources (patient records containing blood glucose levels).
For the Authorization Server to read the blood glucose levels, we'll need to define the read scope (1), create the blood-glucose-level Resource Definition (2), and create a Resource representing an actual blood glucose level stored in the Resource Server (3).
For a full explanation of each operation and its parameters, see Create a Resource.
Define Scopes
Run the Admin API call below to add the read scope and write scopes to the Authorization Server's scope database.
Since these are the first scopes in our Authorization Server, the read scope will be id = 1 in the scope database, and the write scope will be id = 2.
Create a Resource Definition
Run the Admin API call below to add the blood-glucose-level Resource Definition to the Authorization Server's resource-definition database, and allow Resources of this type to be accessed with both the read scope (id = 1) and write scope (id = 2).
Since blood-glucose-level is the first Resource Definition in the Authorization Server, it will be id = 1 in the resource-definition database.
Create a Resource
Run the Admin API call below to add the bg1_patient-rs Resource located at https://patient-rs.fakehospital.com/resource/patient-record to the Authorization Server's resource database, and make it so that this particular Resource can only be accessed with the read scope (id = 1).
We'll also need to associate it with the blood-glucose-level Resource Definition (id = 1) and the Patient Resource Server Resource Server (id = 1).
View the Resource (Optional)
Now run the API call below to view the Resource in the Authorization Server.
Next Steps
✅ You just created a basic Resource in the Authorization Server!
- Next step: Proceed to 3. Create a Basic Client to learn how to define a Client with permissions for accessing the basic Resource you created.
- Learn more: Read the Create a Resource guide to learn more about creating, updating, and deleting resources in the Authorization Server