API Resources Configuration
Define and protect API resources.
Name - The unique name of the API. This value is used for authentication with introspection and will be added to the audience of the outgoing access token.
Display Name - This value can be used e.g. on the consent screen.
Description - This value can be used e.g. on the consent screen.
Show In Discovery Document - Specifies whether this scope is shown in the discovery document. Defaults to true.
Enabled - Indicates if this resource is enabled and can be requested. Defaults to true.
Allowed Access Token Signing Algorithms - List of allowed signing algorithms for an access token. If empty, will use the server default signing algorithm.
User Claims - List of associated user claim types that should be included in the access token.
Scopes - An API must have at least one scope. Each scope can have different settings.
Secrets - The API secret is used for the introspection endpoint. The API can authenticate with introspection using the API name and secret.
Secret Type - Some string that gives the secret validator a hint what type of secret to expect (e.g. "SharedSecret" or "X509CertificateThumbprint").
Secret Value -The value of the secret. This is being interpreted by the secret validator (e.g. a "password"-like share secret or something else that identifies a credential).
Hash Type - Hashing Algorithm Type. HashType will be applicable only for the SharedSecret type.
Expiration - A point in time, where this secret will expire.
Description - The description of the secret - useful for attaching some extra information to the secret.
Properties - Dictionary to hold any custom API resource-specific values as needed
Key - Key
Value - Value