OidcToken

Contains information needed for generating an OpenID Connect token. This type of authorization can be used for many scenarios, including calling Cloud Run, or endpoints where you intend to validate the token yourself.

JSON representation
{
  "serviceAccountEmail": string,
  "audience": string
}
Fields
serviceAccountEmail

string

Service account email to be used for generating OIDC token. The service account must be within the same project as the queue. The caller must have iam.serviceAccounts.actAs permission for the service account.

audience

string

Audience to be used when generating OIDC token. If not specified, the URI specified in target will be used.