public interface AuthorityOrBuilder extends MessageOrBuilderImplements
MessageOrBuilderMethods
getIdentityProvider()
public abstract String getIdentityProvider() Output only. An identity provider that reflects the issuer in the
workload identity pool.
string identity_provider = 3;
| Returns | |
|---|---|
| Type | Description |
String |
The identityProvider. |
getIdentityProviderBytes()
public abstract ByteString getIdentityProviderBytes() Output only. An identity provider that reflects the issuer in the
workload identity pool.
string identity_provider = 3;
| Returns | |
|---|---|
| Type | Description |
ByteString |
The bytes for identityProvider. |
getIssuer()
public abstract String getIssuer() Optional. A JSON Web Token (JWT) issuer URI. issuer must start with
https:// and be a valid URL with length <2000 characters.
If set, then Google will allow valid OIDC tokens from this issuer to
authenticate within the workload_identity_pool. OIDC discovery will be
performed on this URI to validate tokens from the issuer.
Clearing issuer disables Workload Identity. issuer cannot be directly
modified; it must be cleared (and Workload Identity disabled) before using
a new issuer (and re-enabling Workload Identity).
string issuer = 1;
| Returns | |
|---|---|
| Type | Description |
String |
The issuer. |
getIssuerBytes()
public abstract ByteString getIssuerBytes() Optional. A JSON Web Token (JWT) issuer URI. issuer must start with
https:// and be a valid URL with length <2000 characters.
If set, then Google will allow valid OIDC tokens from this issuer to
authenticate within the workload_identity_pool. OIDC discovery will be
performed on this URI to validate tokens from the issuer.
Clearing issuer disables Workload Identity. issuer cannot be directly
modified; it must be cleared (and Workload Identity disabled) before using
a new issuer (and re-enabling Workload Identity).
string issuer = 1;
| Returns | |
|---|---|
| Type | Description |
ByteString |
The bytes for issuer. |
getOidcJwks()
public abstract ByteString getOidcJwks() Optional. OIDC verification keys for this Membership in JWKS format (RFC
7517).
When this field is set, OIDC discovery will NOT be performed on issuer,
and instead OIDC tokens will be validated using this field.
bytes oidc_jwks = 4;
| Returns | |
|---|---|
| Type | Description |
ByteString |
The oidcJwks. |
getWorkloadIdentityPool()
public abstract String getWorkloadIdentityPool() Output only. The name of the workload identity pool in which issuer will
be recognized.
There is a single Workload Identity Pool per Hub that is shared
between all Memberships that belong to that Hub. For a Hub hosted in
{PROJECT_ID}, the workload pool format is {PROJECT_ID}.hub.id.goog,
although this is subject to change in newer versions of this API.
string workload_identity_pool = 2;
| Returns | |
|---|---|
| Type | Description |
String |
The workloadIdentityPool. |
getWorkloadIdentityPoolBytes()
public abstract ByteString getWorkloadIdentityPoolBytes() Output only. The name of the workload identity pool in which issuer will
be recognized.
There is a single Workload Identity Pool per Hub that is shared
between all Memberships that belong to that Hub. For a Hub hosted in
{PROJECT_ID}, the workload pool format is {PROJECT_ID}.hub.id.goog,
although this is subject to change in newer versions of this API.
string workload_identity_pool = 2;
| Returns | |
|---|---|
| Type | Description |
ByteString |
The bytes for workloadIdentityPool. |