Google Cloud Eventarc V1 Client - Class OidcToken (2.1.3)

Reference documentation and code samples for the Google Cloud Eventarc V1 Client class OidcToken.

Represents a config used to authenticate with a Google OIDC token using a GCP service account. Use this authentication method to invoke your Cloud Run and Cloud Functions destinations or HTTP endpoints that support Google OIDC.

Generated from protobuf message google.cloud.eventarc.v1.Pipeline.Destination.AuthenticationConfig.OidcToken

Namespace

Google \ Cloud \ Eventarc \ V1 \ Pipeline \ Destination \ AuthenticationConfig

Methods

__construct

Constructor.

Parameters
Name Description
data array

Optional. Data for populating the Message object.

↳ service_account string

Required. Service account email used to generate the OIDC Token. The principal who calls this API must have iam.serviceAccounts.actAs permission in the service account. See https://cloud.google.com/iam/docs/understanding-service-accounts?hl=en#sa_common for more information. Eventarc service agents must have roles/roles/iam.serviceAccountTokenCreator role to allow the Pipeline to create OpenID tokens for authenticated requests.

↳ audience string

Optional. Audience to be used to generate the OIDC Token. The audience claim identifies the recipient that the JWT is intended for. If unspecified, the destination URI will be used.

getServiceAccount

Required. Service account email used to generate the OIDC Token.

The principal who calls this API must have iam.serviceAccounts.actAs permission in the service account. See https://cloud.google.com/iam/docs/understanding-service-accounts?hl=en#sa_common for more information. Eventarc service agents must have roles/roles/iam.serviceAccountTokenCreator role to allow the Pipeline to create OpenID tokens for authenticated requests.

Returns
Type Description
string

setServiceAccount

Required. Service account email used to generate the OIDC Token.

The principal who calls this API must have iam.serviceAccounts.actAs permission in the service account. See https://cloud.google.com/iam/docs/understanding-service-accounts?hl=en#sa_common for more information. Eventarc service agents must have roles/roles/iam.serviceAccountTokenCreator role to allow the Pipeline to create OpenID tokens for authenticated requests.

Parameter
Name Description
var string
Returns
Type Description
$this

getAudience

Optional. Audience to be used to generate the OIDC Token. The audience claim identifies the recipient that the JWT is intended for.

If unspecified, the destination URI will be used.

Returns
Type Description
string

setAudience

Optional. Audience to be used to generate the OIDC Token. The audience claim identifies the recipient that the JWT is intended for.

If unspecified, the destination URI will be used.

Parameter
Name Description
var string
Returns
Type Description
$this