Class: Google::Iam::V1beta::WorkloadIdentityPoolProvider::Oidc

Inherits:

Object

• Object
• Google::Iam::V1beta::WorkloadIdentityPoolProvider::Oidc

Extended by:

Protobuf::MessageExts::ClassMethods

Includes:

Protobuf::MessageExts

Defined in:

proto_docs/google/iam/v1beta/workload_identity_pool.rb

Overview

Represents an OpenId Connect 1.0 identity provider.

Instance Attribute Summary

• #allowed_audiences ⇒ ::Array<::String>

  Acceptable values for the aud field (audience) in the OIDC token.

• #issuer_uri ⇒ ::String

  Required.

Instance Attribute Details

#allowed_audiences ⇒ ::Array<::String>

Returns Acceptable values for the aud field (audience) in the OIDC token. Token exchange requests are rejected if the token audience does not match one of the configured values. Each audience may be at most 256 characters. A maximum of 10 audiences may be configured.

If this list is empty, the OIDC token audience must be equal to the full canonical resource name of the WorkloadIdentityPoolProvider, with or without the HTTPS prefix. For example:

//iam.googleapis.com/projects/<project-number>/locations/<location>/workloadIdentityPools/<pool-id>/providers/<provider-id>
https://iam.googleapis.com/projects/<project-number>/locations/<location>/workloadIdentityPools/<pool-id>/providers/<provider-id>
```.

Returns:

• (::Array<::String>) —

  Acceptable values for the aud field (audience) in the OIDC token. Token exchange requests are rejected if the token audience does not match one of the configured values. Each audience may be at most 256 characters. A maximum of 10 audiences may be configured.

  If this list is empty, the OIDC token audience must be equal to the full canonical resource name of the WorkloadIdentityPoolProvider, with or without the HTTPS prefix. For example:

  //iam.googleapis.com/projects/<project-number>/locations/<location>/workloadIdentityPools/<pool-id>/providers/<provider-id>
  https://iam.googleapis.com/projects/<project-number>/locations/<location>/workloadIdentityPools/<pool-id>/providers/<provider-id>
  

# File 'proto_docs/google/iam/v1beta/workload_identity_pool.rb', line 232

class Oidc
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#issuer_uri ⇒ ::String

Returns Required. The OIDC issuer URL.

Returns:

• (::String) —

  Required. The OIDC issuer URL.

# File 'proto_docs/google/iam/v1beta/workload_identity_pool.rb', line 232

class Oidc
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end