Oidc-Access-Token

This contains APIs related to OIDC Access Token generation as defined in Harness

Generate an OIDC IAM Role Credential for AWS

Security: x-api-key
Request
Request Body schema:
required

Details of AWS WebIdentity credential

oidcIdToken: string
The OIDC ID Token

iamRoleArn: string (required)
IAM Role ARN

object (AwsSdkRetryPolicySpec)

Retry policy for aws sdk calls

object (AwsOidcTokenRequest)

This contains AWS OIDC Token request details

Responses
400: Bad Request
404: Not Found
500: Internal server error
default: Generate an OIDC IAM Role Credential for AWS

POST /ng/api/oidc/access-token/aws/webidentity-session-access
Request samples
{
  "oidcIdToken": "string",
  "iamRoleArn": "string",
  "retryPolicy": { },
  "awsOidcTokenRequestDto": { }
}
Response samples
{
  "status": "SUCCESS",
  "code": "DEFAULT_ERROR_CODE",
  "message": "string",
  "correlationId": "string",
  "errors": [ ]
}

Generates an OIDC Service Account Access Token for GCP

Security: x-api-key
Request
Request Body schema:
required

Details of GCP Workload Identity

oidcIdToken: string (required)
The OIDC ID Token

object (GcpOidcTokenRequest), required

This contains GCP OIDC Token request details

Responses
400: Bad Request
404: Not Found
500: Internal server error
default: Returns OIDC Service Account Access Token response

POST /ng/api/oidc/access-token/gcp/service-account-access
Request samples
{
  "oidcIdToken": "string",
  "gcpOidcTokenRequestDTO": { }
}
Response samples
{
  "status": "SUCCESS",
  "code": "DEFAULT_ERROR_CODE",
  "message": "string",
  "correlationId": "string",
  "errors": [ ]
}

Exchanges an OIDC token for Azure credentials

Security: x-api-key
Request
Request Body schema:
required

Azure token exchange request

oidcToken: string
tenantId: string (required)
clientId: string (required)
resource: string
object (AzureOidcTokenRequestDTO), required
retryPolicy: string
Responses
400: Bad Request
404: Not Found
500: Internal server error
default: Returns Azure credentials

POST /ng/api/oidc/access-token/azure
Request samples
{
  "oidcToken": "string",
  "tenantId": "string",
  "clientId": "string",
  "resource": "string",
  "azureOidcTokenRequestDTO": { },
  "retryPolicy": "string"
}
Response samples
{
  "status": "SUCCESS",
  "code": "DEFAULT_ERROR_CODE",
  "message": "string",
  "correlationId": "string",
  "errors": [ ]
}

Generates an OIDC Workload Access Token for GCP

Security: x-api-key
Request
Request Body schema:
required

Details of GCP Workload Identity

oidcIdToken: string (required)
The OIDC ID Token

object (GcpOidcTokenRequest), required

This contains GCP OIDC Token request details

Responses
400: Bad Request
404: Not Found
500: Internal server error
default: Returns OIDC Workload Access Token response

POST /ng/api/oidc/access-token/gcp/workload-access
Request samples
{
  "oidcIdToken": "string",
  "gcpOidcTokenRequestDTO": { }
}
Response samples
{
  "status": "SUCCESS",
  "code": "DEFAULT_ERROR_CODE",
  "message": "string",
  "correlationId": "string",
  "errors": [ ]
}