Create OIDC Configuration


Description: Creates a new OIDC configuration.

Since: Artifactory Cloud 7.73.1, Artifactory Self Hosted 7.77.3.

Security: Requires a valid admin token

Usage: POST /access/api/v1/oidc {JSON with OIDC Configuration}

Produces: application/json

Header parameter: Authorization: Bearer. For more information about creating tokens, see Create Token.

Parameters:

The JSON record contains the following fields:

| Name | Type | Description | Required |
| --- | --- | --- | --- |
| audience | string | An informational field that you can use to include details of the audience that uses the OIDC configuration. | Optional |
| description | string | A meaningful description of the OIDC configuration. | Optional |
| issuer_url | string (URL) | OIDC issuer URL. For GitHub Actions, the URL is https://token.actions.githubusercontent.com/. | Mandatory |
| name | string | Name of the OIDC provider. | Mandatory |
| provider_type | string | The provider type, such as "Github", "Azure", or "Generic OpenID Connect". | Optional |
| token_issuer | string | The token issuer for the case when the OIDC provider URL is not the same as the token issuer. | Optional |
| use_default_proxy | Boolean | Enable support for configuring the JFrog Access microservice to operate through a forward proxy and integrate with open ID integration. | Optional |
| azure_app_id | string | If the application has custom signing keys as a result of using the claims-mapping feature, you must provide the Azure App ID. See the Azure documentation to learn more. (Only relevant for Azure provider type.) | Optional |
| organization | string | The name of your GitHub organization. (Only relevant for GitHub provider type, starting from Artifactory version 7.110.1.) | Mandatory, unless 'enable_permissive_configuration' is enabled. |
| enable_permissive_configuration | Boolean | Allows authentication without organization restrictions. For security best practices, it is recommended to add restrictions to limit access and enforce stricter controls. (Only relevant for GitHub provider type, starting from Artifactory version 7.110.1.) | Mandatory |

Sample Usage

Create OIDC Configuration with GitHub

curl -X POST -H "Content-type: application/json" \
     -H "Authorization: Bearer cOENUdUxv" \
     https://example.jfrog.io/access/api/v1/oidc/ -d \
'{
    "name": "github-oidc",
    "issuer_url": "https://token.actions.githubusercontent.com/", 
    "projectKey": "project-0738A19", 
    "audience": "jfrog-github",
    "description" : "Resolving",
    "provider_type" : "GitHub",
    "organization": "jfrog",
    "enable_permissive_configuration" : false
}'

Create OIDC configuration with Azure

curl -X POST -H "Content-type: application/json" \
     -H "Authorization: Bearer cOENUdUxv" \
     https://example.jfrog.io/access/api/v1/oidc/ -d \
'{
    "name": "azure-oidc",
    "issuer_url": "<issuer_url, usually ends with a slash>",
    "audience": "jfrog-azure",
    "description": "Resolving",
    "provider_type": "Azure",
    "token_issuer": "<token_issuer>",
    "use_default_proxy": false
}'

Create a generic OIDC configuration:

curl -X POST -H "Content-type: application/json" \
     -H "Authorization: Bearer cOENUdUxv" \
     https://example.jfrog.io/access/api/v1/oidc/ -d \
'{
    "name": "integration name",
    "issuer_url": "<issuer_url, usually ends with a slash>",
    "audience": "jfrog-oidc",
    "description": "Resolving",
    "provider_type": "Generic OpenID Connect",
    "token_issuer": "<token_issuer>",
    "use_default_proxy": false
}'
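
A pre-flight check for the request bodies above, as an added example that is not part of the JFrog documentation: it applies the rules from the parameter table (mandatory fields, Boolean types, provider-specific fields, and the GitHub organization requirement) before a configuration is POSTed. The function name, finding strings, and sample bodies are constructed for illustration, and the https requirement on issuer_url is an assumption taken from the OpenID Connect specification, not from this page.

```python
from urllib.parse import urlparse

# Rules transcribed from the parameter table above. The https check is an
# assumption taken from the OpenID Connect specification, not from this page.
MANDATORY = ("name", "issuer_url")
BOOLEANS = ("use_default_proxy", "enable_permissive_configuration")
PROVIDER_ONLY = {"organization": "github",
                 "enable_permissive_configuration": "github",
                 "azure_app_id": "azure"}

def lint_oidc_config(payload):
    """Return findings for one request body; an empty list means it passed."""
    findings = []
    for field in MANDATORY:
        if not str(payload.get(field) or "").strip():
            findings.append(f"ERROR: '{field}' is mandatory")
    issuer = payload.get("issuer_url") or ""
    if issuer and urlparse(issuer).scheme != "https":
        findings.append("ERROR: issuer_url must use https")
    for field in BOOLEANS:
        # A quoted "false" is a JSON string, not a Boolean.
        if field in payload and not isinstance(payload[field], bool):
            findings.append(f"ERROR: '{field}' must be a JSON Boolean")
    # The table spells the type "Github", the samples "GitHub": compare lowercased.
    provider = str(payload.get("provider_type") or "").lower()
    for field, owner in PROVIDER_ONLY.items():
        if field in payload and provider != owner:
            findings.append(f"WARN: '{field}' is only relevant for {owner}")
    if provider == "github":
        if payload.get("enable_permissive_configuration") is True:
            findings.append("WARN: permissive configuration allows "
                            "authentication without organization restrictions")
        elif not payload.get("organization"):
            findings.append("ERROR: 'organization' is mandatory unless "
                            "enable_permissive_configuration is enabled")
    return findings

# Constructed request bodies (sample values, not real integrations).
BASE = {"name": "github-oidc", "provider_type": "GitHub",
        "issuer_url": "https://token.actions.githubusercontent.com/"}
SAMPLES = {
    "scoped": {**BASE, "organization": "jfrog",
               "enable_permissive_configuration": False},
    "no_org": {**BASE, "enable_permissive_configuration": False},
    "permissive": {**BASE, "enable_permissive_configuration": True},
    "quoted_bool": {**BASE, "organization": "jfrog",
                    "enable_permissive_configuration": "false"},
}

if __name__ == "__main__":
    for label, body in SAMPLES.items():
        print(label, lint_oidc_config(body) or "ok")
```

The organization and enable_permissive_configuration checks apply only from Artifactory 7.110.1, the version the table gives for those fields.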