JWT Identity
Tetrate Service Express (TSE) utilizes many of the same components as the Tetrate Service Bridge(TSB) product but has the several distinctions. Go to Comparing TSE and TSB for more details.
JwtIdentity represents an JWT identity of a workload.
E.g.,
-
JWT identity of a workload:
issuer: https://mycompany.corp
subject: us-east-datacenter1-vm007
attributes:
region: us-east
datacenter: datacenter1
instance_name: vm007
instance_hostname: vm007.internal.corp
instance_role: app-ratings
JwtIdentity
JwtIdentity represents an JWT identity of a workload.
Field | Description | Validation Rule |
---|---|---|
issuer | string The value must be a case sensitive URL using the https scheme that contains scheme, host, and optionally, port number and path components and no query or fragment components. E.g., See https://openid.net/specs/openid-connect-core-1_0.html#IDToken | string = { |
subject | string A locally unique identifier within the Issuer. Preferably, the value should consist of lower case alphanumeric characters and '-', should start and end with an alphanumeric character. Otherwise, if the value includes ASCII characters other than lower case alphanumeric characters and '-', it will be encoded in a special way and will appear in that encoded form in metrics, in diagnostics, on UI. It might become non-trivial to infer the original workload identifier from the encoded form. The value that includes non-ASCII characters is not valid. E.g., See https://openid.net/specs/openid-connect-core-1_0.html#IDToken | string = { |
attributes | map<string, string> The value is a map with free-form keys and values. E.g.,
| map = { |