Registering and Protecting Resources
Resource owners register their resources in the UMA provider, and protect them with authorization policies:
Resource registration can occur at three different stages: at initial resource creation, when needed for policy creation, and at resource access attempt.
The process is the same regardless of when it is run.
Policy creation can occur after resource creation or at resource access attempt. The process is the same regardless of when it is run, and the requesting party always needs to partake in the UMA grant flow to gain access to the resources.
Only the resource owner can create a policy to protect a resource. Administrative users, such as
amAdmin, cannot create policies on behalf of a resource owner.
See the following sections to learn how to register and protect resources with the AM UI and the REST APIs: