Configuring a resource - PingAccess

Configuring a resource - PingAccess - 7.0

PingAccess

bundle

pingaccess-70

ft:publication_title

PingAccess

Product_Version_ce

PingAccess 7.0

category

Product

pa-70

pingaccess

ContentType_ce

Page created: 26 Jul 2021 |

Page updated: 14 Jan 2022

| 2 min read

7.0 PingAccess Product IT Administrator Administrator Audience Product documentation Content Type Web Access Management Access security Capability

An application resource is a component within an application that requires a different level of security. By configuring resources for your API endpoints, you can add different rules for different endpoints and specify which methods are allowed.

For more information about this procedure, including optional steps that are not included here, see Adding application resources.

Click Applications and then go to Applications > Applications.
Click to expand the application you created in the previous procedure.
Click the Pencil icon.
Click the Resources tab.
Click + Add Resource.
In the Name field, enter a unique name up to 64 characters, including special characters and spaces.
In the Path Patterns field, enter a list of URL path patterns, within the context root, that identify this resource.

Info:
The path pattern must start with a forward slash (/). It begins after the application context root and extends to the end of the URL.

When automatic path pattern evaluation ordering is in use (default), patterns can contain one or more wildcard characters (*). No use of wildcards is assumed. For example, there is a difference between /app/ and /app/*. If a request matches more than one resource, the most specific match is used.
In the Resource Authentication section, select Standard, using the same authentication for the resource as for the root application.
In the Methods field, enter the methods supported by the resource.

Leave the asterisk default if the resource supports all HTTP methods, including custom methods.
Tip: Defining methods for a resource allows more fine-grained access control policies on API resources. If you have a server optimized for writing data (POST, PUT) and a server optimized for reading data (GET), you might want to segment traffic based on the operation being performed.
To log information about the transaction to the audit store, select the Audit check box.
To enable the resource, select the Enabled check box.
Click Save.