Create API protection definitions to configure the settings
that control how resources are accessed. These configuration
settings protect the resources from unauthorized access.
Procedure
- Log in to the local management interface.
- Click either or .
- Click Definitions, and click .
- In the Name field, type a unique
name for the definition.
Note: The name must begin with an alphabetic character. Do not use
control characters, leading or trailing blanks, or any of the following
special characters anywhere in the name:
~ ! @ # $ % ^ & * ( ) + | ` = \ ; : " ' < > ? , [ ] { } /
- In the Description field, provide
a brief description of the definition.
- If you want to enforce an access policy, select the policy from the menu for the
Access Policy field.
Note: The menu shows Access Policies that are currently defined. To use an access policy with
OpenID Connect and API Protection, you must define the policy prior to
running the configuration wizard. See
Access policies.
- Click Grant Types and select at least one grant type.
The grant type Authorization code is enabled by default. For information
on grant types, see OAuth 2.0 and OIDC workflows.
- Click Token Management.
Specify values for the token properties. For descriptions of each property, see API Protection token management properties.
- Click Trusted Clients and Consent and
select when you want the user to be prompted to consent to an authorization
grant.
- If you want to protect an OpenID Connect Provider, click OpenID Connect
Provider and select Enable OpenID Connect.
Specify OpenID Connect Provider settings as needed for your deployment. For descriptions of each
property, see API Protection OpenID Connect Provider properties.
- Click Save.
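
The naming rule in the Note for the Name field can be checked before a definition is created, for example in a script that prepares definition names for several environments. The Python below is an added example, not part of the product or its documentation; the function name name_violations, the sample names, and the reading of "alphabetic" as ASCII letters and of "blanks" as any whitespace are assumptions.

```python
import unicodedata

# Special characters that the Note forbids anywhere in the name.
FORBIDDEN = set("~!@#$%^&*()+|`=\\;:\"'<>?,[]{}/")


def name_violations(name):
    """Return the rule violations for a proposed definition name.

    An empty list means the name satisfies the rule as stated in the Note.
    """
    if not name:
        return ["name is empty"]
    problems = []
    # Assumption: "alphabetic character" means an ASCII letter (A-Z, a-z).
    first = name[0]
    if not (first.isascii() and first.isalpha()):
        problems.append("must begin with an alphabetic character")
    # Assumption: "blanks" covers any leading or trailing whitespace.
    if name != name.strip():
        problems.append("leading or trailing blanks")
    # Control characters are Unicode general category Cc (tab, newline, NUL, ...).
    controls = sorted({"U+%04X" % ord(c) for c in name
                       if unicodedata.category(c) == "Cc"})
    if controls:
        problems.append("control characters: " + " ".join(controls))
    specials = sorted({c for c in name if c in FORBIDDEN})
    if specials:
        problems.append("forbidden special characters: " + " ".join(specials))
    return problems


if __name__ == "__main__":
    # Constructed sample names, not taken from any real deployment.
    samples = ["OIDC-Definition_1", "1stDefinition", "Payments API ",
               "hr/api", "billing\tapi", "a{b}"]
    for candidate in samples:
        found = name_violations(candidate)
        print(repr(candidate), "->", "ok" if not found else "; ".join(found))
```

Interior blanks, hyphens, underscores and periods pass the check because the Note does not list them.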