Resources

A resource entity in PingOne can be one of the following types: OPENID_CONNECT, PING_ONE_API, or CUSTOM. Only the CUSTOM resource type can be created. The OPENID_CONNECT type specifies the built-in platform resource for OpenID Connect. The PING_ONE_API type specifies the built-in platform resource for PingOne. When you define an application in PingOne and specify its resource grant, you identify the protected endpoints that users can access when they sign on to that application.

For custom resources, the Resources service models external resource servers that use PingOne to protect their APIs. The custom resource is the audience of access tokens generated by PingOne. For example, an application called Photo Archive uses a resource grant to the server, https://api.photoarchive.com, that provides APIs for users to interact with their photos. You can use the PingOne resources service to define the https://api.photoarchive.com as a custom resource and specify the scopes (permissions) that users get from authenticating and receiving an access token. In this scenario, when a user signs on, the PingOne authorization server returns an access token, giving the user permissions associated with the custom resource, such as permission:view-photos, permission:upload-photos, permission:edit-photos, or permission:delete-photos.

You need the Environment Admin or the Client Application Developer roles to perform operations on resources.