/uma/resource_set
UMA resource registration endpoint, as defined in the Federated Authorization for User-Managed Access (UMA) 2.0 specification.
Use this endpoint to register, read, delete, edit, and list resources for a particular resource owner.
| Action | HTTP Method |
|---|---|
| Register | POST |
| Read | GET |
| Update | PUT |
| Delete | DELETE |
| List | GET |
You must compose the path to the token endpoint addressing the specific realm where the token will be issued. For example, https://openam.example.com:8443/openam/uma/realms/root/realms/subrealm1/resource_set.
The resource registration endpoint does not support any parameters. To authenticate to the endpoint, send an Authorization: Bearer header with the PAT of the resource owner.
To create and update resources, add their description to the body of the call as a JSON document that follows the UMA 2.0 specification. For example:
{
"resource_scopes": [
"view", "comment", "download"
],
"name": "My Resource Name",
"description": "An example resource stored in resourceserver.example.com",
"type": "https://resourceserver.example.com/resources/",
"icon_uri": "https://resourceserver.example.com/resources/resources.png"
} The resource_scopes object is the only required object, and indicates the scopes that can be requested for the resource. Scope descriptions are not supported.
When reading, updating, and deleting a resource, you must include the resource ID in the URL. For example:
$ curl \
--header "Authorization: Bearer 515d6551-6512-5279-98b6-c0ef3f03a723" \
https://openam.example.com:8443/openam/uma/realms/root/resource_set/126615ba-b7fd-4660-b281-bae81aa45f7c0For examples of the different REST calls, see "How to Manage UMA Resources".