Access Management 7.2.2

Register and protect resources

Resource owners register their resources in the UMA provider, and protect them with authorization policies:

  • Resource registration can occur at three different stages:

    • When the resource is initially created

    • When the resource is required for policy creation

    • When someone attempts to access the resource

      The process is the same regardless of when it is run.

  • Policy creation can occur:

    • After the resource is created

    • When someone attempts to access the resource

      The process is the same regardless of when it is run. The requesting party must always run through the UMA grant flow to gain access to the resources.

      Only the resource owner can create a policy to protect a resource. Administrative users, such as amAdmin, cannot create policies on behalf of a resource owner.

Continue reading to learn how to register and protect resources with the AM UI and the REST APIs.

Copyright © 2010-2024 ForgeRock, all rights reserved.