Class Oidc

Represents an OpenId Connect 1.0 identity provider.

Inheritance

object

Oidc

Implements

IDirectResponseSchema

Inherited Members

object.Equals(object)

object.Equals(object, object)

object.GetHashCode()

object.GetType()

object.MemberwiseClone()

object.ReferenceEquals(object, object)

object.ToString()

Namespace: Google.Apis.Iam.v1.Data

Assembly: Google.Apis.Iam.v1.dll

Syntax

public class Oidc : IDirectResponseSchema

Properties

AllowedAudiences

Optional. Acceptable values for the aud field (audience) in the OIDC token. Token exchange requests are rejected if the token audience does not match one of the configured values. Each audience may be at most 256 characters. A maximum of 10 audiences may be configured. If this list is empty, the OIDC token audience must be equal to the full canonical resource name of the WorkloadIdentityPoolProvider, with or without the HTTPS prefix. For example:

//iam.googleapis.com/projects//locations//workloadIdentityPools//providers/
https://iam.googleapis.com/projects//locations//workloadIdentityPools//providers/

Declaration

[JsonProperty("allowedAudiences")]
public virtual IList<string> AllowedAudiences { get; set; }

Property Value

Type	Description
IList<string>

ETag

The ETag of the item.

Declaration

public virtual string ETag { get; set; }

Property Value

Type	Description
string

IssuerUri

Required. The OIDC issuer URL. Must be an HTTPS endpoint. Per OpenID Connect Discovery 1.0 spec, the OIDC issuer URL is used to locate the provider's public keys (via jwks_uri) for verifying tokens like the OIDC ID token. These public key types must be 'EC' or 'RSA'.

Declaration

[JsonProperty("issuerUri")]
public virtual string IssuerUri { get; set; }

Property Value

Type	Description
string

JwksJson

Optional. OIDC JWKs in JSON String format. For details on the definition of a JWK, see https://tools.ietf.org/html/rfc7517. If not set, the jwks_uri from the discovery document(fetched from the .well-known path of the issuer_uri) will be used. Currently, RSA and EC asymmetric keys are supported. The JWK must use following format and include only the following fields: { "keys": [ { "kty": "RSA/EC", "alg": "", "use": "sig", "kid": "", "n": "", "e": "", "x": "", "y": "", "crv": "" } ] }

Declaration

[JsonProperty("jwksJson")]
public virtual string JwksJson { get; set; }

Property Value

Type	Description
string

Implements

IDirectResponseSchema