Class Oidc
Represents an OpenId Connect 1.0 identity provider.
Implements
Inherited Members
Namespace: Google.Apis.Iam.v1.Data
Assembly: Google.Apis.Iam.v1.dll
Syntax
public class Oidc : IDirectResponseSchemaProperties
AllowedAudiences
Acceptable values for the aud field (audience) in the OIDC token. Token exchange requests are rejected if
the token audience does not match one of the configured values. Each audience may be at most 256 characters.
A maximum of 10 audiences may be configured. If this list is empty, the OIDC token audience must be equal to
the full canonical resource name of the WorkloadIdentityPoolProvider, with or without the HTTPS prefix. For
example:
//iam.googleapis.com/projects//locations//workloadIdentityPools//providers/
https://iam.googleapis.com/projects//locations//workloadIdentityPools//providers/
Declaration
[JsonProperty("allowedAudiences")]
public virtual IList<string> AllowedAudiences { get; set; }Property Value
| Type | Description |
|---|---|
| IList<string> |
ETag
The ETag of the item.
Declaration
public virtual string ETag { get; set; }Property Value
| Type | Description |
|---|---|
| string |
IssuerUri
Required. The OIDC issuer URL. Must be an HTTPS endpoint.
Declaration
[JsonProperty("issuerUri")]
public virtual string IssuerUri { get; set; }Property Value
| Type | Description |
|---|---|
| string |
JwksJson
Optional. OIDC JWKs in JSON String format. For details on the definition of a JWK, see
https://tools.ietf.org/html/rfc7517. If not set, the jwks_uri from the discovery document(fetched from the
.well-known path of the issuer_uri) will be used. Currently, RSA and EC asymmetric keys are supported. The
JWK must use following format and include only the following fields: { "keys": [ { "kty": "RSA/EC", "alg":
"", "use": "sig", "kid": "", "n": "", "e": "", "x": "", "y": "", "crv": "" } ] }
Declaration
[JsonProperty("jwksJson")]
public virtual string JwksJson { get; set; }Property Value
| Type | Description |
|---|---|
| string |