2. Create a Basic Resource
🌟 Key concept: A resource is a piece of digital content that's accessible over the web. Resources can vary in complexity from a simple email address to more complex content such as web pages and healthcare data.

This example setup demonstrates how to create a basic resource using the IDENTOS authorization server.

TODO: add overview diagram with step emphasized.

This setup will use a fake resource that (TODO: introduce example introspection?)

Prerequisites

You've created the example resource server outlined in 1. Create a Basic Resource Server.

Step-by-step setup

To create a resource in the authorization server, we need to:

1. Define basic scopes (permissions such as `read`, `write`, etc.) in the authorization server (if not already defined).
2. Create a resource definition in the authorization server and specify what scope(s) can be used to access it.
3. Create a resource in the authorization server that corresponds to an actual resource in the resource server.

For our example, we'll assume that our resource server is already populated with resources (patient records containing blood glucose levels). For the authorization server to read the blood glucose levels, we'll need to define the `read` scope (1), create the `blood glucose level` resource definition (2), and create a resource representing an actual blood glucose level stored in the resource server (3).

For a full explanation of each operation and its parameters, see Create a Resource.

Define scopes

Run the admin API call below to add the `read` and `write` scopes to the authorization server's scope database. Since these are the first scopes in our authorization server, the `read` scope will be `id = 1` in the scope database, and the `write` scope will be `id = 2`.

```
# Add the read (id 1) and write (id 2) scopes
curl --location -g --request PATCH '{{as admin uri}}' \
  --header 'Content-Type: application/vnd.api+json; ext=jsonpatch' \
  --header 'Authorization: {{as admin static token}}' \
  --header 'apiversion: v1.0' \
  --header 'Accept-Language: en' \
  --data-raw '[
    {
      "op": "add",
      "path": "/scope",
      "value": {
        "type": "scope",
        "id": 1,
        "attributes": {
          "description": "read value",
          "name": "read",
          "iconuri": null,
          "dtype": "scope"
        }
      }
    },
    {
      "op": "add",
      "path": "/scope",
      "value": {
        "type": "scope",
        "id": 2,
        "attributes": {
          "description": "write value",
          "name": "write",
          "iconuri": null,
          "dtype": "scope"
        }
      }
    }
  ]'
```

Create a resource definition

Run the admin API call below to add the `blood glucose level` resource definition to the authorization server's resource definition database, and allow resources of this type to be accessed with both the `read` scope (`id = 1`) and the `write` scope (`id = 2`). Since `blood glucose level` is the first resource definition in the authorization server, it will be `id = 1` in the resource definition database.

```
# Add the blood glucose level resource definition, usable with scopes 1 and 2
curl --location -g --request PATCH '{{as admin uri}}' \
  --header 'Content-Type: application/vnd.api+json; ext=jsonpatch' \
  --header 'Authorization: {{as admin static token}}' \
  --header 'apiversion: v1.0' \
  --header 'Accept-Language: en' \
  --data-raw '[
    {
      "op": "add",
      "path": "/resource definition",
      "value": {
        "type": "resource definition",
        "id": 1,
        "attributes": {
          "maxpermissionduration": 3000000000,
          "name": "blood glucose level",
          "resourceid": "blood glucose level",
          "type": "https://www.identos.com/resource definitions/blood glucose level",
          "description": "the blood glucose level (mmol/l) of a patient."
        },
        "relationships": {
          "scopes": {
            "data": [
              { "id": 1, "type": "scope" },
              { "id": 2, "type": "scope" }
            ]
          }
        }
      }
    }
  ]'
```

Create a resource

Run the admin API call below to add the `bg1 patient rs` resource, located at `https://patient rs.fakehospital.com/resource/patient record`, to the authorization server's resource database, and make it so that this particular resource can only be accessed with the `read` scope (`id = 1`). We'll also need to associate it with the `blood glucose level` resource definition (`id = 1`) and the `patient resource server` resource server (`id = 1`).

```
# Add the resource, restricted to the read scope (id 1)
curl --location -g --request PATCH '{{as admin uri}}' \
  --header 'Content-Type: application/vnd.api+json; ext=jsonpatch' \
  --header 'Authorization: {{as admin static token}}' \
  --header 'apiversion: v1.0' \
  --header 'Accept-Language: en' \
  --data-raw '[
    {
      "op": "add",
      "path": "/resource",
      "value": {
        "type": "resource",
        "id": 1,
        "attributes": {
          "maxpermissionduration": 3000000000,
          "resourceid": "bg1 patient rs",
          "resourcelocation": "https://patient rs.fakehospital.com/resource/patient record"
        },
        "relationships": {
          "allowedscopes": {
            "data": [
              { "id": 1, "type": "scope" }
            ]
          },
          "resourcedefinition": {
            "data": { "id": 1, "type": "resource definition" }
          },
          "resourceserver": {
            "data": { "id": 1, "type": "resource server" }
          }
        }
      }
    }
  ]'
```

View the resource (optional)

Now run the API call below to view the resource in the authorization server.

```
# Fetch resource 1 from the admin API
curl --location -g --request GET '{{as admin uri}}/resource/1' \
  --header 'Content-Type: application/vnd.api+json' \
  --header 'apiversion: v1.0' \
  --header 'Authorization: {{as admin static token}}' \
  --header 'Accept-Language: en'
```

Next steps

✅ You just created a basic resource in the authorization server!

Next step: Proceed to 3. Create a Basic Client to learn how to define a client with permissions for accessing the basic resource you created.

Learn more

Read the Create a Resource guide to learn more about creating, updating, and deleting resources in the authorization server.
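
A pre-flight check for the request bodies used in the three steps above, as an added example that is not part of the original guide or of the IDENTOS product. It assumes a resource's allowed scopes should be a subset of the scopes its resource definition lists (the page does not say whether the server enforces this), checks the three steps as one combined body, and uses the type strings as they appear on this page; `lint_ops`, `add_op` and `body` are hypothetical helper names.

```python
import json

def ref_ids(value, rel):
    """IDs under value.relationships[rel].data (a list, or a single object)."""
    data = value.get("relationships", {}).get(rel, {}).get("data", [])
    return [d["id"] for d in (data if isinstance(data, list) else [data])]

def lint_ops(raw):
    """Parse a request body; return a list of problems (empty means consistent)."""
    try:
        ops = json.loads(raw)  # strict JSON: a trailing comma is rejected here
    except json.JSONDecodeError as exc:
        return [f"body is not valid JSON: {exc.msg}"]
    scopes, definitions, problems = set(), {}, []
    for op in ops:  # processed in order, like the three steps on the page
        value = op["value"]
        kind, ident = value["type"], value["id"]
        if kind == "scope":
            scopes.add(ident)
        elif kind == "resource definition":
            definitions[ident] = set(ref_ids(value, "scopes"))
            for missing in sorted(definitions[ident] - scopes):
                problems.append(f"definition {ident}: scope {missing} is undefined")
        elif kind == "resource":
            allowed = set(ref_ids(value, "allowedscopes"))
            for def_id in ref_ids(value, "resourcedefinition"):
                permitted = definitions.get(def_id)
                if permitted is None:
                    problems.append(f"resource {ident}: definition {def_id} is undefined")
                    continue
                for extra in sorted(allowed - permitted):
                    problems.append(f"resource {ident}: scope {extra} not in definition {def_id}")
    return problems

def add_op(kind, ident, **rels):
    """One 'add' operation in the page's shape; attributes omitted for brevity."""
    value = {"type": kind, "id": ident,
             "relationships": {name: {"data": data} for name, data in rels.items()}}
    return {"op": "add", "path": "/" + kind, "value": value}

def body(definition_scopes, resource_scopes):
    """Constructed sample: scopes 1 (read) and 2 (write), one definition, one resource."""
    def refs(ids):
        return [{"id": i, "type": "scope"} for i in ids]
    return json.dumps([
        add_op("scope", 1), add_op("scope", 2),
        add_op("resource definition", 1, scopes=refs(definition_scopes)),
        add_op("resource", 1, allowedscopes=refs(resource_scopes),
               resourcedefinition={"id": 1, "type": "resource definition"}),
    ])
```

`lint_ops(body([1, 2], [1]))` corresponds to the setup on this page and returns an empty list; a resource that lists the write scope while its definition allows only read is reported.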