Create OIDC Configuration

JFrog REST APIs

Content Type
REST API
ft:sourceType
Paligo

Description: Creates a new OIDC configuration.

Since: Artifactory Cloud 7.73.1, Artifactory Self Hosted 7.77.3. The project_key was added in Artifactory Cloud 7.94.

Security: Requires a valid admin token

Usage: POST /access/api/v1/oidc {JSON with OIDC Configuration}

Produces: application/json

Header parameter: Authorization: Bearer. For more information about creating tokens, see Create Token.

Parameters:

The JSON record contains the following fields:

Name

Type

Description

Required

audience

string

Informational field that you can use to include details of the audience that uses the OIDC configuration.

Optional

description

string

A meaningful description of the OIDC configuration

Optional

issuer_url

string (URL)

OIDC issuer URL. For GitHub actions, the URL is https://token.actions.githubusercontent.com/.

Mandatory

name

string

Name of the OIDC provider.

Mandatory

project_key

string

If set, this Identity Mapping will be available in the scope of the given project (editable by platform admin and project admin). If not set, this Identity Mapping will be global and only editable by platform admin. Once set, the projectKey cannot be changed.

Optional

provider_type

string

The provider type, such as Github, Azure, or Generic OpenID Connect.

Optional

token_issuer

string

The token issuer for the case when the OIDC provider URL is not the same as the token issuer.

Optional

Sample Usage

curl -X POST -H "Content-type: application/json" \
     -H "Authorization: Bearer cOENUdUxv" \ 
     https://example.jfrog.io/access/api/v1/oidc/ -d \
'{
    "name": "github-oidc",
    "issuer_url": "https://token.actions.githubusercontent.com/",
    "projectKey": "project-0738A19"  
    "audience": "jfrog-github"
    "description" : "Resolving",
    "provider_type" : "GitHub",
    "token_issuer" : "test"
}'