Verify a VM is confidential with identity tokens

Before sending sensitive information to a Confidential VM instance, your applications can request the VM's unique identity token from a metadata server. The identity token includes details about an instance such as the instance ID, creation time, license codes for the instance's images, and whether the VM is a Confidential VM instance.

If the instance_confidentiality claim in the token has a value of 1, then the VM is a Confidential VM instance.

To learn how to obtain and decode the identity token of a VM, see Verifying the identity of an instance.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2024-04-24 UTC.