AuthConfig

JSON representation
UserPassword
- JSON representation
Oauth2JwtBearer
- JSON representation
JwtClaims
- JSON representation
Oauth2ClientCredentials
- JSON representation
SshPublicKey
- JSON representation
Oauth2AuthCodeFlow
- JSON representation

AuthConfig defines details of a authentication type.

JSON representation

JSON representation
{ "authType": enum (`AuthType`), "additionalVariables": [ { object (`ConfigVariable`) } ], "authKey": string, // Union field `type` can be only one of the following: "userPassword": { object (`UserPassword`) }, "oauth2JwtBearer": { object (`Oauth2JwtBearer`) }, "oauth2ClientCredentials": { object (`Oauth2ClientCredentials`) }, "sshPublicKey": { object (`SshPublicKey`) }, "oauth2AuthCodeFlow": { object (`Oauth2AuthCodeFlow`) } // End of list of possible types for union field `type`. }

{
  "authType": enum (AuthType),
  "additionalVariables": [
    {
      object (ConfigVariable)
    }
  ],
  "authKey": string,

  // Union field type can be only one of the following:
  "userPassword": {
    object (UserPassword)
  },
  "oauth2JwtBearer": {
    object (Oauth2JwtBearer)
  },
  "oauth2ClientCredentials": {
    object (Oauth2ClientCredentials)
  },
  "sshPublicKey": {
    object (SshPublicKey)
  },
  "oauth2AuthCodeFlow": {
    object (Oauth2AuthCodeFlow)
  }
  // End of list of possible types for union field type.
}

Fields
`authType`	`enum (AuthType)` The type of authentication configured.
`additionalVariables[]`	`object (ConfigVariable)` List containing additional auth configs.
`authKey`	`string` Identifier key for auth config
Union field `type`. Supported auth types. `type` can be only one of the following:
`userPassword`	`object (UserPassword)` UserPassword.
`oauth2JwtBearer`	`object (Oauth2JwtBearer)` Oauth2JwtBearer.
`oauth2ClientCredentials`	`object (Oauth2ClientCredentials)` Oauth2ClientCredentials.
`sshPublicKey`	`object (SshPublicKey)` SSH Public Key.
`oauth2AuthCodeFlow`	`object (Oauth2AuthCodeFlow)` Oauth2AuthCodeFlow.

UserPassword

Parameters to support Username and Password Authentication.

JSON representation
{ "username": string, "password": { object (`Secret`) } }

Fields

Fields
`username`	`string` Username.
`password`	`object (Secret)` Secret version reference containing the password.

username

string

Username.

password

object (Secret)

Secret version reference containing the password.

Oauth2JwtBearer

Parameters to support JSON Web Token (JWT) Profile for Oauth 2.0 Authorization Grant based authentication. See https://tools.ietf.org/html/rfc7523 for more details.

JSON representation
{ "clientKey": { object (`Secret`) }, "jwtClaims": { object (`JwtClaims`) } }

Fields

Fields
`clientKey`	`object (Secret)` Secret version reference containing a PKCS#8 PEM-encoded private key associated with the Client Certificate. This private key will be used to sign JWTs used for the jwt-bearer authorization grant. Specified in the form as: `projects//secrets//versions/*`.
`jwtClaims`	`object (JwtClaims)` JwtClaims providers fields to generate the token.

clientKey

object (Secret)

Secret version reference containing a PKCS#8 PEM-encoded private key associated with the Client Certificate. This private key will be used to sign JWTs used for the jwt-bearer authorization grant. Specified in the form as: projects/*/secrets/*/versions/*.

jwtClaims

object (JwtClaims)

JwtClaims providers fields to generate the token.

JwtClaims

JWT claims used for the jwt-bearer authorization grant.

JSON representation
{ "issuer": string, "subject": string, "audience": string }

Fields

Fields
`issuer`	`string` Value for the "iss" claim.
`subject`	`string` Value for the "sub" claim.
`audience`	`string` Value for the "aud" claim.

issuer

string

Value for the "iss" claim.

subject

string

Value for the "sub" claim.

audience

string

Value for the "aud" claim.

Oauth2ClientCredentials

Parameters to support Oauth 2.0 Client Credentials Grant Authentication. See https://tools.ietf.org/html/rfc6749#section-1.3.4 for more details.

JSON representation
{ "clientId": string, "clientSecret": { object (`Secret`) } }

Fields

Fields
`clientId`	`string` The client identifier.
`clientSecret`	`object (Secret)` Secret version reference containing the client secret.

clientId

string

The client identifier.

clientSecret

object (Secret)

Secret version reference containing the client secret.

SshPublicKey

Parameters to support Ssh public key Authentication.

JSON representation
{ "username": string, "sshClientCert": { object (`Secret`) }, "certType": string, "sshClientCertPass": { object (`Secret`) } }

Fields
`username`	`string` The user account used to authenticate.
`sshClientCert`	`object (Secret)` SSH Client Cert. It should contain both public and private key.
`certType`	`string` Format of SSH Client cert.
`sshClientCertPass`	`object (Secret)` Password (passphrase) for ssh client certificate if it has one.

Oauth2AuthCodeFlow

Parameters to support Oauth 2.0 Auth Code Grant Authentication. See https://www.rfc-editor.org/rfc/rfc6749#section-1.3.1 for more details.

JSON representation
{ "authCode": string, "pkceVerifier": string, "redirectUri": string, "clientId": string, "clientSecret": { object (`Secret`) }, "scopes": [ string ], "enablePkce": boolean, "authUri": string }

Fields
`authCode`	`string` Authorization code to be exchanged for access and refresh tokens.
`pkceVerifier`	`string` PKCE verifier to be used during the auth code exchange.
`redirectUri`	`string` Redirect URI to be provided during the auth code exchange.
`clientId`	`string` Client ID for user-provided OAuth app.
`clientSecret`	`object (Secret)` Client secret for user-provided OAuth app.
`scopes[]`	`string` Scopes the connection will request when the user performs the auth code flow.
`enablePkce`	`boolean` Whether to enable PKCE when the user performs the auth code flow.
`authUri`	`string` Auth URL for Authorization Code Flow