API Resource

Introduction

An API resource represent either an API as a whole or a function within such an API. How you structure those is entirely up to you. You could create an API resource webshopadmin which gives the client full permission to a webshop API or you could further structure it down an create separate API resources for things like webshop.readproduct and webshop.placeorder. You can further bundle them into API scopes and achieve the exact same behaviour. For a more in detail example see this how-to.

If you assign an API scope to a client in the client configuration, you basically give that client access to the API resource. But make sure to actually check the presence of that scope in the implementation of your API!

Parameters

An API resource consists of the following data.

Name	Datatype	Mandatory	Example	Description

Name	Datatype	Example	Description
Name	String	WEBSHOP_ORDER_API	The name of the API resource as it will be stored in the system.
Description	String	The ordering API of the webshop	Used to display on the consent screen
Description name key	String	Customer.BestRun.ApiResource.OrderApi	Key to translate the name into multiple languages
Display name	String	Webshop Ordering API	The readable name of the name
Display name key	String	Customer.BestRun.ApiResource.OrderApiDescription	Key to translate the description into multiple languages
Show on consent screen	Checkbox	true	Whether or not this API resource needs to be displayed on the consent screen. You can disable technical scopes here if you want.
Order	Integer	2	The order on the consent screen
Application	Drop Down	Webshop	The application the API resource belongs to
Secret	Password	* * * * * * * * *	The API secret that can be used by the API to authenticate at the Endpoints \| Introspection Endpoint .