Editing Resources

Editing Resources within Admin UI

Editing Resources

Resources can be edited from the Protected or Identity Resources page by first selecting the edit icon on the Resource item row:

Edit Resource via Pencil

Identity Resources Edit Mode

Once you are in edit mode for an Identity Resource, you will initially arrive at the Details page.

The Resource ID will be displayed in a read-only view. This is the unique identifier for requests.

This section also allows you to edit the Display name of the Resource - this is the Resource Name that will be seen on consent screens, along with the Resource Description, and a Resource Status switch.

You will also be able to to set various statuses of the Resource:

  • Whether explicit consent to use this resource is required in order to complete authentication
  • Whether the resource appears within the Discovery Document (/.well-known/openid-configuration)
  • Whether to emphasize the Resource Name on the Consent screen

Edit Identity Resources

Protected Resources Edit Mode

Once you are in edit mode for a Protected Resource, you will initially arrive at the Details page.

The Resource ID will be displayed in a read-only view. This is the unique identifier for requests.

This section also allows you to edit the Display name of the Resource - this is the Resource Name that will be seen on consent screens, along with the Resource Description and a Resource Status switch:

Protected Resource Edit Details

Protected Resources Scope Editing

From the Protected Resources tab, there is the ability to add and edit the Scope of the resource.

Select the Scopes tab and you will observe the existing Scopes available for this Protected Resource. By default, Admin API is available as a Scope:

Scope Editing Protected Resource

At this point, you can switch between the Details and Claims tab. The options on the Details tab show the read-only Scope ID (e.g. "admin_api"), and enable you to edit the Display Name and Description.

You will also be able to to set various statuses of the Scope for this Protected Resource:

  • Whether explicit consent to use this resource is required in order to complete authentication
  • Whether the resource appears within the Discovery Document (/.well-known/openid-configuration)
  • Whether to emphasize the Resource Name on the Consent screen

Additionally, from within a Protected Resources Scope Edit mode, you will be able to select the Claims available for this Scope. This sets the User Claim types that are to be included in tokens, and these Claims types will be added to the list of claim types for the parent resource.

Protected Resource Editing Claims Selection

Protected Resources Scope Adding

To add a new Scope for a Protected Resource, click the Add Scope button.

Add Scope Button

A New Scope dialog will appear that enables you to add:

  • ID - the unique identifier for the Resource and used in requests
  • Display Name - the Scope name that will be seen on consent screens
  • Description - the description that will be seen on consent screens

Progress through the wizard and you will be able to assign and unassign Claim Types to this Scope:

Assign Claim Types

Submit to add the new Scope to the Protected Resource

Protected Resources Secrets

From the edit mode of a Protected Resource, you are able to set the Secrets for the resource, which are the User claim types to be included in tokens. Setting this will apply to all scopes for the resource.

You will now be able to edit and add the secrets that are available to this Web Client. You can select a Secret Type of either a Shared Secret, an X509 Certificate Thumbprint or an X509 Certificate Name:

Secret Type



Once you have filled out and entered the required Secret details, click "Add" and the Secret will appear in the list below:

Secret List

Assigning and Unassigning Claims

From the Resource Edit Details page for either a Protected or Identity Resource, click the Claims tab to be able to Assign/Unassign Claim Types to this Resource. This sets the User Claim types to be included in the tokens:

Assigning Claims