JWT Identity
JwtIdentity represents an JWT identity of a workload.
E.g.,
-
JWT identity of a workload:
issuer: https://mycompany.corp
subject: us-east-datacenter1-vm007
attributes:
region: us-east
datacenter: datacenter1
instance_name: vm007
instance_hostname: vm007.internal.corp
instance_role: app-ratings
JwtIdentity
JwtIdentity represents an JWT identity of a workload.
Field | Description | Validation Rule |
---|---|---|
issuer | string The value must be a case sensitive URL using the https scheme that contains scheme, host, and optionally, port number and path components and no query or fragment components. E.g., See https://openid.net/specs/openid-connect-core-1_0.html#IDToken | string = { |
subject | string A locally unique identifier within the Issuer. Preferably, the value should consist of lower case alphanumeric characters and '-', should start and end with an alphanumeric character. Otherwise, if the value includes ASCII characters other than lower case alphanumeric characters and '-', it will be encoded in a special way and will appear in that encoded form in metrics, in diagnostics, on UI. It might become non-trivial to infer the original workload identifier from the encoded form. The value that includes non-ASCII characters is not valid. E.g., See https://openid.net/specs/openid-connect-core-1_0.html#IDToken | string = { |
attributes | map<string, string> The value is a map with free-form keys and values. E.g.,
| map = { |