Class AuthProvider
Configuration for an authentication provider, including support for JSON Web Token (JWT).
Implements
Inherited Members
Namespace: Google.Apis.ServiceManagement.v1.Data
Assembly: Google.Apis.ServiceManagement.v1.dll
Syntax
public class AuthProvider : IDirectResponseSchemaProperties
Audiences
The list of JWT audiences. that are allowed to access. A JWT containing any of these audiences will be accepted. When this setting is absent, JWTs with audiences: - "https://[service.name]/[google.protobuf.Api.name]" - "https://[service.name]/" will be accepted. For example, if no audiences are in the setting, LibraryService API will accept JWTs with the following audiences: - https://library-example.googleapis.com/google.example.library.v1.LibraryService - https://library-example.googleapis.com/ Example: audiences: bookstore_android.apps.googleusercontent.com, bookstore_web.apps.googleusercontent.com
Declaration
[JsonProperty("audiences")]
public virtual string Audiences { get; set; }Property Value
| Type | Description |
|---|---|
| string |
AuthorizationUrl
Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec.
Declaration
[JsonProperty("authorizationUrl")]
public virtual string AuthorizationUrl { get; set; }Property Value
| Type | Description |
|---|---|
| string |
ETag
The ETag of the item.
Declaration
public virtual string ETag { get; set; }Property Value
| Type | Description |
|---|---|
| string |
Id
The unique identifier of the auth provider. It will be referred to by AuthRequirement.provider_id.
Example: "bookstore_auth".
Declaration
[JsonProperty("id")]
public virtual string Id { get; set; }Property Value
| Type | Description |
|---|---|
| string |
Issuer
Identifies the principal that issued the JWT. See https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address. Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com
Declaration
[JsonProperty("issuer")]
public virtual string Issuer { get; set; }Property Value
| Type | Description |
|---|---|
| string |
JwksUri
URL of the provider's public key set to validate signature of the JWT. See OpenID Discovery. Optional if the key set document: - can be retrieved from OpenID Discovery of the issuer. - can be inferred from the email domain of the issuer (e.g. a Google service account). Example: https://www.googleapis.com/oauth2/v1/certs
Declaration
[JsonProperty("jwksUri")]
public virtual string JwksUri { get; set; }Property Value
| Type | Description |
|---|---|
| string |
JwtLocations
Defines the locations to extract the JWT. For now it is only used by the Cloud Endpoints to store the OpenAPI extension [x-google-jwt-locations] (https://cloud.google.com/endpoints/docs/openapi/openapi-extensions#x-google-jwt-locations) JWT locations can be one of HTTP headers, URL query parameters or cookies. The rule is that the first match wins. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations: - header: Authorization value_prefix: "Bearer " - header: x-goog-iap-jwt-assertion - query: access_token
Declaration
[JsonProperty("jwtLocations")]
public virtual IList<JwtLocation> JwtLocations { get; set; }Property Value
| Type | Description |
|---|---|
| IList<JwtLocation> |