Modify an Existing Resource

To modify an existing Resource with the local management interface, use the API Access Control resources page.

1. In the appliance top menu, Web > API Access Control > Resources.
2. The user is prompted to set the user name, password, and domain for the Policy Server if these credentials are not already set. See Storing the IBM Security Verify Access operations for managing Access Control Policies.
3. Expand the Reverse Proxy instance to show the list of available resource servers. These are the 2nd level objects in the tree.
4. Expand the resource server to show the list of existing resources.
5. Select the resource to modify.

6. Click Edit. A dialog box is displayed showing the existing resource details.
7. In the Identification tab, enter the details for the new resource.
   1. Enter the user friendly description for this resource in the Name field.
   2. Add any path aliases that can be used for this resource to the list of URL aliases.

      1. Click Add. A dialog is displayed prompting for the new alias.
      2. Enter the new alias. A wildcard character (*) might be used if required.

      3. Click Save.
   3. Remove any path aliases by selecting the alias or aliases in the list and click the Delete button.
8. In the Policy tab, select the policy to be attached to this resource
   1. Use the parent policy and select the default Verify Access Policy radio button. Do not attach any policy directly. This will use the policy set in the resource server.
   2. Click the No Access Permitted (disabled) radio button to not allow access.

   3. Click the Unauthenticated Access Allowed radio button to allow unauthenticated access.

   4. Click the Any Authenticated radio button to allow any authenticated access.

   5. Click the Custom radio button to use a custom Access Control Policy.
   6. Custom policy name form the drop-down list.
   7. Select the rate limiting policy to be attached to this resource using the Rate Limiting Policy dropdown.
   8. Select the CORS policy to be attached to this resource using the CORS Policy dropdown.
9. In the Responses tab, set any static response headers to create.

   1. Click Add to add a new response header.
      1. In the dialog box, select the Header Name or enter a new value in the Header Name field.
      2. Enter the Header Value.

      3. Click Save.
   2. To delete a response header select the header from the list and click Delete.
10. In the Documentation tab, enter the settings to allow the resource documentation to be returned.
    1. Enter the content type header value. If a request to the resource contains this value in the content-type header, the documentation file will be returned.
    2. Select the documentation file from the drop-down list. If it does not exist click the upload button to select and upload the file. These files can be managed by using Manage the API documentation root.
11. Once all of the data are set, click Save to update the selected resource.
    • The resource path and method can not be updated.
    • To view a list of all of the internal IBM Security Verify Access operations that are run to create a new resource see the api_access_control.log as described in Auditing the Verify Access operations that are performed when managing API Access Control components.

Parent topic: Resources