A Domino resource provider receives an access token from an application and uses an IAM introspection request to acquire information about the access token. Before it can make an introspection request, the resource provider must first be registered with the IAM service. During the registration process, IAM creates a resource provider id and secret to be used in each introspection request.
There are currently three kinds of Domino resource providers:
Proton is a resource provider when handling a request in which the client application is acting as a user. See Proton Act-as-User OAuth Configuration for configuration steps.
The OAuth DSAPI extension is a resource provider used when handling
Freebusyservices implemented by Domino Access Services (DAS). See OAuth DSAPI extension for OAuth DSAPI configuration steps.
Auto-Generated Resource Providers used by OAuth2 Support for Domino Web Applications
Every IAM service instance should have at least one Domino resource provider configured, but you don't necessarily need to configure both types of resource providers. For example, if your IAM service instance will never be used to introspect an access token for a Domino HTTP request, there is no need to configure the OAuth DSAPI extension.