...
An API resource represent either an API as a whole or a function within such an API. How you structure those is entirely up to you. You could create an API resource webshopadmin which gives the client full permission to an a webshop API or you could further structure it down an create sperate separate API resources for things like webshop.readproduct and webshop.placeorder. You can further bundle them into API scopes and achieve the exact same behaviour. For a more in detail example see this how-to.
| Info |
|---|
If you assign a an API scope to a client in the client configuration, you basically give that client access to the API resource. But make sure to actually check the presence of that scope in the implementation of your API! |
...