Class Auth
This message defines request authentication attributes. Terminology is based on the JSON Web Token (JWT) standard, but the terms also correlate to concepts in other standards.
Implements
Inherited Members
Namespace: Google.Apis.ServiceControl.v1.Data
Assembly: Google.Apis.ServiceControl.v1.dll
Syntax
public class Auth : IDirectResponseSchema
Properties
AccessLevels
A list of access level resource names that allow resources to be accessed by authenticated requester. It is part of Secure GCP processing for the incoming request. An access level string has the format: "//{api_service_name}/accessPolicies/{policy_id}/accessLevels/{short_name}" Example: "//accesscontextmanager.googleapis.com/accessPolicies/MY_POLICY_ID/accessLevels/MY_LEVEL"
Declaration
[JsonProperty("accessLevels")]
public virtual IList<string> AccessLevels { get; set; }
Property Value
Type | Description |
---|---|
IList<string> |
Audiences
The intended audience(s) for this authentication information. Reflects the audience (aud
) claim within a
JWT. The audience value(s) depends on the issuer
, but typically include one or more of the following
pieces of information: * The services intended to receive the credential. For example,
["https://pubsub.googleapis.com/", "https://storage.googleapis.com/"]. * A set of service-based scopes. For
example, ["https://www.googleapis.com/auth/cloud-platform"]. * The client id of an app, such as the Firebase
project id for JWTs from Firebase Auth. Consult the documentation for the credential issuer to determine the
information provided.
Declaration
[JsonProperty("audiences")]
public virtual IList<string> Audiences { get; set; }
Property Value
Type | Description |
---|---|
IList<string> |
Claims
Structured claims presented with the credential. JWTs include {key: value}
pairs for standard and private
claims. The following is a subset of the standard required and optional claims that would typically be
presented for a Google-based JWT: {'iss': 'accounts.google.com', 'sub': '113289723416554971153', 'aud':
['123456789012', 'pubsub.googleapis.com'], 'azp': '123456789012.apps.googleusercontent.com', 'email':
'jsmith@example.com', 'iat': 1353601026, 'exp': 1353604926} SAML assertions are similarly specified, but
with an identity provider dependent structure.
Declaration
[JsonProperty("claims")]
public virtual IDictionary<string, object> Claims { get; set; }
Property Value
Type | Description |
---|---|
IDictionary<string, object> |
CredentialId
Identifies the client credential id used for authentication. credential_id is in the format of AUTH_METHOD:IDENTIFIER, e.g. "serviceaccount:XXXXX, apikey:XXXXX" where the format of the IDENTIFIER can vary for different AUTH_METHODs.
Declaration
[JsonProperty("credentialId")]
public virtual string CredentialId { get; set; }
Property Value
Type | Description |
---|---|
string |
ETag
The ETag of the item.
Declaration
public virtual string ETag { get; set; }
Property Value
Type | Description |
---|---|
string |
Presenter
The authorized presenter of the credential. Reflects the optional Authorized Presenter (azp
) claim within
a JWT or the OAuth client id. For example, a Google Cloud Platform client id looks as follows:
"123456789012.apps.googleusercontent.com".
Declaration
[JsonProperty("presenter")]
public virtual string Presenter { get; set; }
Property Value
Type | Description |
---|---|
string |
Principal
The authenticated principal. Reflects the issuer (iss
) and subject (sub
) claims within a JWT. The issuer
and subject should be /
delimited, with /
percent-encoded within the subject fragment. For Google
accounts, the principal format is: "https://accounts.google.com/{id}"
Declaration
[JsonProperty("principal")]
public virtual string Principal { get; set; }
Property Value
Type | Description |
---|---|
string |