--- title: Resource types description: Resource types define a template for the resources that policies apply to, and the actions that can be performed on those resources. component: pingoneaic page_id: pingoneaic:am-authorization:configuring-resource-types canonical_url: https://docs.pingidentity.com/pingoneaic/am-authorization/configuring-resource-types.html keywords: ["Authorization", "Policy", "Resource"] page_aliases: ["authorization-guide:configuring-resource-types.adoc"] section_ids: default-resource-types: Default resource types --- # Resource types Resource types define a template for the resources that policies apply to, and the actions that can be performed on those resources. Advanced Identity Cloud needs a *policy* to decide whether a user can access a resource. When you configure a policy, you also configure a resource (or a pattern to match several resources) that the policy applies to, and the actions that the policy allows or denies. Resource types are templates that you can define once and reuse in several policies. For example, you could create a template that always allows PUT and POST operations from your internal network. ## Default resource types Advanced Identity Cloud includes the following resource types by default: * `Authentication` The `Authentication` resource type supports the identification of applications during the authentication journey using unique identifiers like client IDs (for OAuth 2.0 or OIDC) or entity IDs (for SAML 2.0). It contains a single wildcard pattern, `*`. This resource type supports the `Access` action, which can be allowed or denied. * `OAuth2 Scope` The `OAuth2 Scope` resource type acts as a template for granting or denying OAuth 2.0 scopes. It contains a string-based scope pattern, `*`, and two URL-based scope patterns, such as `*://*:*/*?*`. The resource supports the `GRANT` action, which can be allowed or denied. * `URL` The `URL` resource type acts as a template for protecting web pages or applications. It contains resource patterns, such as `*://*:*/*?*`, that can be more specific when used in the policy. This resource type supports the following actions: GET\ POST\ PUT\ HEAD\ PATCH\ DELETE\ OPTIONS For example, an application for Example.com's HR service might contain resource types that constrain all policies to apply to URL resource types under `http*://example.com/hr*` and `http*://example.com/hr*?*`, and only allow HTTP `GET` and `POST` actions.