Oidc-Access-Token

This contains APIs related to OIDC Access Token generation as defined in Harness

Generate an OIDC IAM Role Credential for AWS

Securityx-api-key

Request

Request Body schema:
application/json
required

Details of AWS WebIdentity credential

oidcIdToken	string The OIDC ID Token
iamRoleArn required	string IAM Role ARN
	object (AwsSdkRetryPolicySpec) Retry policy for aws sdk calls
	object (AwsOidcTokenRequest) This contains AWS OIDC Token request details

Responses

400

Bad Request

404

Not Found

500

Internal server error

default

Generate an OIDC IAM Role Credential for AWS

post/ng/api/oidc/access-token/aws/webidentity-session-access

Request samples

Payload
curl
Java
Go

{"oidcIdToken": "string",
"iamRoleArn": "string",
"retryPolicy": {"backOffStrategyType": "string",
"backOffStrategy": { }
},
"awsOidcTokenRequestDto": {"accountId": "string",
"oidcIdTokenCustomAttributesStructure": {"account_id": "string",
"organization_id": "string",
"project_id": "string",
"pipeline_id": "string",
"environment_id": "string",
"environment_type": "string",
"connector_id": "string",
"connector_name": "string",
"service_id": "string",
"service_name": "string",
"triggered_by_name": "string",
"trigger_by_email": "string",
"stage_type": "string",
"step_type": "string",
"context": "string"
}
}
}

Response samples

400
404
500
default

{"status": "SUCCESS",
"code": "DEFAULT_ERROR_CODE",
"message": "string",
"correlationId": "string",
"errors": [{"fieldId": "string",
"error": "string"
}
]
}

Generates an OIDC Service Account Access Token for GCP

Securityx-api-key

Request

Request Body schema:
application/json
required

Details of GCP Workload Identity

oidcIdToken required	string The OIDC ID Token
required	object (GcpOidcTokenRequest) This contains GCP OIDC Token request details

Responses

400

Bad Request

404

Not Found

500

Internal server error

default

Returns OIDC Service Account Access Token response

post/ng/api/oidc/access-token/gcp/service-account-access

Request samples

Payload
curl
Java
Go

{"oidcIdToken": "string",
"gcpOidcTokenRequestDTO": {"accountId": "string",
"workloadPoolId": "string",
"providerId": "string",
"gcpProjectId": "string",
"serviceAccountEmail": "string",
"oidcIdTokenCustomAttributesStructure": {"account_id": "string",
"organization_id": "string",
"project_id": "string",
"pipeline_id": "string",
"environment_id": "string",
"environment_type": "string",
"connector_id": "string",
"connector_name": "string",
"service_id": "string",
"service_name": "string",
"triggered_by_name": "string",
"trigger_by_email": "string",
"stage_type": "string",
"step_type": "string",
"context": "string"
}
}
}

Response samples

400
404
500
default

{"status": "SUCCESS",
"code": "DEFAULT_ERROR_CODE",
"message": "string",
"correlationId": "string",
"errors": [{"fieldId": "string",
"error": "string"
}
]
}

Generates an OIDC Workload Access Token for GCP

Securityx-api-key

Request

Request Body schema:
application/json
required

Details of GCP Workload Identity

oidcIdToken required	string The OIDC ID Token
required	object (GcpOidcTokenRequest) This contains GCP OIDC Token request details

Responses

400

Bad Request

404

Not Found

500

Internal server error

default

Returns OIDC Workload Access Token response

post/ng/api/oidc/access-token/gcp/workload-access

Request samples

Payload
curl
Java
Go

{"oidcIdToken": "string",
"gcpOidcTokenRequestDTO": {"accountId": "string",
"workloadPoolId": "string",
"providerId": "string",
"gcpProjectId": "string",
"serviceAccountEmail": "string",
"oidcIdTokenCustomAttributesStructure": {"account_id": "string",
"organization_id": "string",
"project_id": "string",
"pipeline_id": "string",
"environment_id": "string",
"environment_type": "string",
"connector_id": "string",
"connector_name": "string",
"service_id": "string",
"service_name": "string",
"triggered_by_name": "string",
"trigger_by_email": "string",
"stage_type": "string",
"step_type": "string",
"context": "string"
}
}
}

Response samples

400
404
500
default

{"status": "SUCCESS",
"code": "DEFAULT_ERROR_CODE",
"message": "string",
"correlationId": "string",
"errors": [{"fieldId": "string",
"error": "string"
}
]
}

Oidc-Access-Token

Generate an OIDC IAM Role Credential for AWS

Request Body schema: application/jsonapplication/yamlapplication/jsonrequired

Generates an OIDC Service Account Access Token for GCP

Request Body schema: application/jsonapplication/yamlapplication/jsonrequired

Generates an OIDC Workload Access Token for GCP

Request Body schema: application/jsonapplication/yamlapplication/jsonrequired

Request Body schema:
application/json
required

Request Body schema:
application/json
required

Request Body schema:
application/json
required