JanssenProject
diff --git a/‎docs/cedarling/developer/cedarling-kotlin.md‎
Lines changed: 66 additions & 5 deletions b/‎docs/cedarling/developer/cedarling-kotlin.md‎
Lines changed: 66 additions & 5 deletions
diff --git a/‎docs/cedarling/developer/mobile-apps/cedarling-android.md‎
Lines changed: 8 additions & 10 deletions b/‎docs/cedarling/developer/mobile-apps/cedarling-android.md‎
Lines changed: 8 additions & 10 deletions
diff --git a/‎docs/cedarling/developer/mobile-apps/cedarling-ios.md‎
Lines changed: 1 addition & 4 deletions b/‎docs/cedarling/developer/mobile-apps/cedarling-ios.md‎
Lines changed: 1 addition & 4 deletions
@@ -46,12 +46,15 @@ can also build it from source.
 
 ## Recipes
 
-### Use the Cedarling Java binding in custom scripts
+### Using the Cedarling Java binding in custom scripts on the Janssen Auth Server (VM installation).
 
-Here is a simple recipe to add scopes in access-token using update_token script only if the requesting client has `authorization_code` grant-type. We will use below policy for this:
+Here is a simple recipe to add scopes to the access token using the update_token script only when the requesting client uses the authorization_code grant type. We will use [Agama Lab's](https://cloud.gluu.org/agama-lab) Policy Designer to create a simple Policy Store with the following policies and schema.
 
-```bash
-@id("Allow if the grant type is authorization_code")
+##### Policies
+
+```declarative
+
+@id("Allow_authorization_code")
 permit (
   principal is Jans::Workload,
   action == Jans::Action::"Execute",
@@ -60,11 +63,69 @@ permit (
 when {
   principal.grantTypes.contains("authorization_code")
 };
+
+```
+
+##### Schema
+
+```declarative
+
+namespace Jans {
+  type Context = {
+    current_time?: Long,
+    device_health?: Set<String>,
+    fraud_indicators?: Set<String>,
+    geolocation?: Set<String>,
+    network?: String,
+    network_type?: String,
+    operating_system?: String,
+    user_agent?: String
+  };
+
+  type Url = String;
+
+  type email_address = {
+    domain: String,
+    uid: String
+  };
+
+  entity Application = {
+    grantTypes: Set<String>
+  };
+
+  entity Role;
+
+  entity TrustedIssuer = {
+    issuer_entity_id: Url
+  };
+
+  entity User in [Role] = {
+    email?: email_address,
+    role: Set<String>,
+    sub?: String
+  };
+
+  entity Workload = {
+    client_id: String,
+    grantTypes: Set<String>,
+    iss?: TrustedIssuer,
+    name?: String,
+    rp_id?: String,
+    spiffe_id?: String
+  };
+
+  action "Execute" appliesTo {
+    principal: [Workload],
+    resource: [Application],
+    context: Context
+  };
+}
+
 ```
 
 **Steps:**
 
-- Upload [bootstrap.json](../uniffi/cedarling-sample-inputs.md/#bootstrapjson) and [policy-store.json](../uniffi/cedarling-sample-inputs.md/#policy-storejson) at `/opt/jans/jetty/jans-auth/custom/static` location of the auth server. The [Asset Screen](https://docs.jans.io/v1.6.0/janssen-server/config-guide/custom-assets-configuration/#asset-screen) can be used to upload assets.
+- Upload [bootstrap.json](../uniffi/cedarling-sample-inputs.md/#bootstrapjson) and policy-store file (with .cjar extension released from the Agama Lab) at `/opt/jans/jetty/jans-auth/custom/static` location of the auth server. The [Asset Screen](https://docs.jans.io/v1.6.0/janssen-server/config-guide/custom-assets-configuration/#asset-screen) can be used to upload assets.
 - Upload the generate `cedarling-java-{version}.jar` at `/opt/jans/jetty/jans-auth/custom/libs` location of the auth server.
 
 !!! note
 
@@ -11,21 +11,19 @@ Cedarling UniFFI binding exposes its `init`, `authz` and `log` interfaces to dif
 ## Building
 
 1. Ask toolchain manager to install support for compiling Rust code for aarch64-linux, armv7-linux, i686-linux and x86_64-linux.
-
-```bash
-	rustup target add \
-		aarch64-linux-android \
-		armv7-linux-androideabi \
-		i686-linux-android \
-		x86_64-linux-android
-```
+    ```bash
+        rustup target add \
+            aarch64-linux-android \
+            armv7-linux-androideabi \
+            i686-linux-android \
+            x86_64-linux-android
+    ```
 
 2.  Run below command to build and import binding into Android project.
     ```bash
     make android
     ```
-
-Use `make android BUILD_TYPE=release` or `make android BUILD_TYPE=debug` to build in `release` or `debug` mode. If `BUILD_TYPE` is not specified, the `release` profile is used by default.
+    Use `make android BUILD_TYPE=release` or `make android BUILD_TYPE=debug` to build in `release` or `debug` mode. If `BUILD_TYPE` is not specified, the `release` profile is used by default.
 
 3. We have included a sample android app using Cedarling UniFFI binding for making authorisation decisions. Open the `./bindings/cedarling_uniffi/androidApp` project on Android Studio and run the project on simulator.
 
 
@@ -16,18 +16,15 @@ Cedarling UniFFI binding exposes its `init`, `authz` and `log` interfaces to dif
    ```
 
 2. Ask toolchain manager to install support for compiling Rust code for iOS devices and iOS Simulator
-
    ```bash
    rustup target add aarch64-apple-darwin aarch64-apple-ios-sim aarch64-apple-ios
    ```
 
 3. Run below command to build and import binding into iOS project:
-
    ```bash
    make ios
    ```
-   
-Use `make ios BUILD_TYPE=release` or `make ios BUILD_TYPE=debug` to build in `release` or `debug` mode. If `BUILD_TYPE` is not specified, the `release` profile is used by default.
+   Use `make ios BUILD_TYPE=release` or `make ios BUILD_TYPE=debug` to build in `release` or `debug` mode. If `BUILD_TYPE` is not specified, the `release` profile is used by default.
 
 4. Open `./bindings/cedarling_uniffi/iOSApp` in Xcode. Import both the XCFramework `./bindings/ios/Mobile.xcframework` and the Swift file bindings `./bindings/build/cedarling_uniffi.swift` files into your project (drag and drop should work).