- HTTP request
- Path parameters
- Request body
- Response body
- Authorization scopes
- IAM Permissions
- SoarJwtType
Full name: projects.locations.instances.generateSoarAuthJwt
GenerateSoarAuthJwt signs a jwt in order to proceed with jwt exchange based authenticate with soar. This API also signs a jwt containing the details of the user assigned scopes.
HTTP request
POST https://chronicle.googleapis.com/v1alpha/{name}:generateSoarAuthJwt
Path parameters
| Parameters | |
|---|---|
name |
Required. The name of the chronicle instance to retrieve a report for. Format: projects/{project_id}/locations/{location}/instances/{instance} |
Request body
The request body contains data with the following structure:
| JSON representation |
|---|
{
"soar_jwt_type": enum ( |
| Fields | |
|---|---|
soar_jwt_type |
Optional. The type of jwt to generate. If not provided, the default value of soar_jwt_type is USER_CLAIMS_JWT. |
Response body
Response with a signed jwt.
If successful, the response body contains data with the following structure:
| JSON representation |
|---|
{ "signed_jwt": string } |
| Fields | |
|---|---|
signed_jwt |
The signed jwt, that can be used to procced with jwt exchange based authentication protocol with Chronicle SOAR. |
Authorization scopes
Requires the following OAuth scope:
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
IAM Permissions
Requires the following IAM permission on the name resource:
chronicle.instances.generateSoarAuthJwt
For more information, see the IAM documentation.
SoarJwtType
The type of jwt to generate. When set to USER_CLAIMS_AND_SCOPES_JWT, the jwt will contain the user's claims and data access scopes assigned to the user. Otherwise, the jwt will contain the user's claims.
| Enums | |
|---|---|
SOAR_JWT_TYPE_UNSPECIFIED |
The default value. |
USER_CLAIMS_JWT |
JWT for claims. |
USER_CLAIMS_AND_SCOPES_JWT |
JWT for claims & data access scopes. |