--- title: Resource types in the UI description: You manage resource types under Native Consoles > Access Management > Realms > Realm Name > Authorization > Resource Types. component: pingoneaic page_id: pingoneaic:am-authorization:resource-types-ui canonical_url: https://docs.pingidentity.com/pingoneaic/am-authorization/resource-types-ui.html keywords: ["Authorization", "Policy", "Resource", "Configuration"] page_aliases: ["authorization-guide:resource-types-ui.adoc"] section_ids: resource_type_names: Resource type names policy-patterns-wildcards: Resource type patterns wildcards: Wildcards wildcards_in_schemes_hosts_and_port_numbers: Wildcards in schemes, hosts, and port numbers wildcards_in_paths: Wildcards in paths wildcards_in_query_strings: Wildcards in query strings non_ascii_characters: Non-ASCII characters resource_type_actions: Resource type actions resource-types-console: Example --- # Resource types in the UI You manage resource types under Native Consoles > Access Management > Realms > *Realm Name* > Authorization > Resource Types. | To... | Action | | ---------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Create a resource type | Click New Resource Type.When creating a resource type, specify at least one action and one pattern. | | Modify a resource type | Click the resource type name or the pencil icon ([icon: pencil-alt, set=fa]). | | Delete a resource type | Click the delete icon ([icon: times, set=fa]) or click the resource type name then the x Delete button.You can't delete a resource type if any policies or policy sets depend on that resource type. | ## Resource type names Don't use any of the following characters in policy, policy set, or resource type names: * Double quotes (`"`) * Plus sign (`+`) * Comma (`,`) * Less than (`<`) * Equals (`=`) * Greater than (`>`) * Backslash (`\`) * Forward slash (`/`) * Semicolon (`;`) * Null (`\u0000`) ## Resource type patterns Policies apply to resources that match their patterns. * A policy belongs to a policy set. * A policy set permits one or more resource types in their policies. * A policy can only define patterns that fit the patterns of its resource types. ### Wildcards Resource type patterns can include a mix of literal characters and wildcards, `*` or `-*-`. Wildcards can appear anywhere in a resource type pattern to match resources, such as URLs or OAuth 2.0 scopes. * Do not mix `*` and `-*-` in the same pattern. * Wildcards cannot be escaped. * Comparisons are not case-sensitive. ### Wildcards in schemes, hosts, and port numbers When using wildcards for the scheme and authority parts of a URL: * The pattern `*://*:*/*` matches these URLs: `http://www.example.com:80/index.html`\ `https://www.example.com:443/index.html`\ `http://www.example.net:8080/index.html` * Omitting the port number implies the default port number for the scheme: `http://www.example.com/*` is the same as `http://www.example.com:80/*`. `https://www.example.com/*` is the same as `https://www.example.com:443/*`. ### Wildcards in paths Wildcards have these properties in a URL path: * The wildcard `*` matches *multiple* path segments. For example, `https://www.example.com/*` matches `https://www.example.com/`, `https://www.example.com/index.html`, and `https://www.example.com/company/images/logo.png`. * The wildcard `-*-` matches *a single* path segment. For example, `https://www.example.com/-*-` matches `https://www.example.com/index.html`. It does not match `https://www.example.com/company/resource.html` or `https://www.example.com/company/images/logo.png`. * Duplicate slashes (`//`) count as a single slash. `http://www.example.com//path/` and `http://www.example.com/path//` are equivalent. * A trailing slash counts as a distinct part of the resource to match. `https://www.example.com/path` and `https://www.example.com/path/` are not equivalent. ### Wildcards in query strings Wildcards do not match `?`. Add explicit patterns to match URLs with query strings: * When matching URLs protected by a web or Java agent, an asterisk (`*`) at the end of a pattern after `?` matches *one or more* characters, not zero or more characters. For example, `https://www.example.com/*?*` matches `https://www.example.com/users?_action=create`, not `https://www.example.com/users?`. To match all URLs under `https://www.example.com/`, specify three patterns: `https://www.example.com/*`\ `https://www.example.com/*?`\ `https://www.example.com/*?*` * When matching resources with a `policies?_action=evaluate` REST call, an asterisk (`*`) at the end of a pattern after `?` matches *zero or more* characters. For example, `https://www.example.com/*?*` matches `https://www.example.com/users?_action=create` and `https://www.example.com/users?`. To match all URLs under `http://www.example.com/`, specify two patterns: `https://www.example.com/*`\ `https://www.example.com/*?*` * Advanced Identity Cloud normalizes query strings before checking whether a policy matches a resource. To normalize the query string, Advanced Identity Cloud sorts the query string field-value pairs alphabetically by field name. These query strings are equivalent: `?subject=SPBnfm+t5PlP+ISyQhVlplE22A8=&action=get`\ `?action=get&subject=SPBnfm+t5PlP+ISyQhVlplE22A8=` ### Non-ASCII characters Use percent-encoding for non-ASCII characters in resource patterns. For example, to match resources under the Internationalized Resource Identifier (IRI) `https://www.example.com/forstå/` use: `https://www.example.com:443/forst%C3%A5/*`\ `https://www.example.com:443/forst%C3%A5/*?*` ## Resource type actions Advanced Identity Cloud policies use actions to grant or deny access to a resource. A policy can only determine actions defined by its resource types. Choose a name that summarizes the action the principal aims to perform on the resource. The default state for each action is either Allow or Deny. ## Example The following screen creates a resource type for policies to switch lights on and off: ![Add the patterns and actions that policies using this resource type can make use of.](_images/resource-types-console.png)Figure 1. Configuring a resource type in the UI