CYM-Identity allows you to identify and register the different APIs that your organization have, allowing you to grant or deny access to your applications. Refer to the authorization section.

Create a Resource Server

A Resource Server is the host of many Protected Resources or APIs.

Create a ClientResourceServer Client

  1. Navigate to CYM-Identity App > Clients Tab > New
  2. Choose the ClientResourceServer record type
You can fill in the required information following the Resource Servers object reference.

Assign Scopes

Each ResourceServer must be assigned the scopes.
  1. Open the CYM-Identity App
  2. Open the Clients tab
  3. Navigate to the Resource_Server you have created
  4. Open the Scopes tab
  5. You need to assign the scopes that the ResourceServer is allowed to use
  6. You must assign the Audience scopes. Audience scopes are used to grant applications to this Resource Server as the audience of a request. If no Audience scopes are assigned, the ResourceServer cannot be used as an audience and only its protected resources can be used as resources.
  7. If the resource server need specific information in the introspection response, you can add the introspection scopes required to release the user claims

Create Protected Resources

You can now start creating Protected Resources (APIs)

Create the Protected Resource Object

  1. Navigate to the Protected Resources tab in the Resource Server details page
  2. Click the New button

Assign Scopes

Each protected resource can be assigned specific scopes. Only applications which has been granted at least one of those scopes could request access to the APIs.
  1. Navigate to the Protected Resource you created
  2. Open the Scopes tab
Fill in the information and you are good to go. The API you just created can be used as resource in authorization requests by your applications