Reference documentation and code samples for the Anthos Multi-Cloud V1 API class Google::Cloud::GkeMultiCloud::V1::AttachedOidcConfig.
OIDC discovery information of the target cluster.
Kubernetes Service Account (KSA) tokens are JWT tokens signed by the cluster
API server. This fields indicates how Google Cloud Platform services
validate KSA tokens in order to allow system workloads (such as GKE Connect
and telemetry agents) to authenticate back to Google Cloud Platform.
Both clusters with public and private issuer URLs are supported.
Clusters with public issuers only need to specify the issuer_url field
while clusters with private issuers need to provide both
issuer_url and oidc_jwks.
Inherits
Object
Extended By
Google::Protobuf::MessageExts::ClassMethods
Includes
Google::Protobuf::MessageExts
Methods
#issuer_url
defissuer_url()->::String
Returns
(::String) — A JSON Web Token (JWT) issuer URI. issuer must start with https://.
#issuer_url=
defissuer_url=(value)->::String
Parameter
value (::String) — A JSON Web Token (JWT) issuer URI. issuer must start with https://.
Returns
(::String) — A JSON Web Token (JWT) issuer URI. issuer must start with https://.
#jwks
defjwks()->::String
Returns
(::String) — Optional. OIDC verification keys in JWKS format (RFC 7517).
It contains a list of OIDC verification keys that can be used to verify
OIDC JWTs.
This field is required for cluster that doesn't have a publicly available
discovery endpoint. When provided, it will be directly used
to verify the OIDC JWT asserted by the IDP.
#jwks=
defjwks=(value)->::String
Parameter
value (::String) — Optional. OIDC verification keys in JWKS format (RFC 7517).
It contains a list of OIDC verification keys that can be used to verify
OIDC JWTs.
This field is required for cluster that doesn't have a publicly available
discovery endpoint. When provided, it will be directly used
to verify the OIDC JWT asserted by the IDP.
Returns
(::String) — Optional. OIDC verification keys in JWKS format (RFC 7517).
It contains a list of OIDC verification keys that can be used to verify
OIDC JWTs.
This field is required for cluster that doesn't have a publicly available
discovery endpoint. When provided, it will be directly used
to verify the OIDC JWT asserted by the IDP.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[],[],null,["# Anthos Multi-Cloud V1 API - Class Google::Cloud::GkeMultiCloud::V1::AttachedOidcConfig (v0.15.0)\n\nVersion latestkeyboard_arrow_down\n\n- [0.15.0 (latest)](/ruby/docs/reference/google-cloud-gke_multi_cloud-v1/latest/Google-Cloud-GkeMultiCloud-V1-AttachedOidcConfig)\n- [0.14.1](/ruby/docs/reference/google-cloud-gke_multi_cloud-v1/0.14.1/Google-Cloud-GkeMultiCloud-V1-AttachedOidcConfig)\n- [0.13.0](/ruby/docs/reference/google-cloud-gke_multi_cloud-v1/0.13.0/Google-Cloud-GkeMultiCloud-V1-AttachedOidcConfig)\n- [0.12.0](/ruby/docs/reference/google-cloud-gke_multi_cloud-v1/0.12.0/Google-Cloud-GkeMultiCloud-V1-AttachedOidcConfig)\n- [0.11.0](/ruby/docs/reference/google-cloud-gke_multi_cloud-v1/0.11.0/Google-Cloud-GkeMultiCloud-V1-AttachedOidcConfig)\n- [0.10.1](/ruby/docs/reference/google-cloud-gke_multi_cloud-v1/0.10.1/Google-Cloud-GkeMultiCloud-V1-AttachedOidcConfig)\n- [0.9.0](/ruby/docs/reference/google-cloud-gke_multi_cloud-v1/0.9.0/Google-Cloud-GkeMultiCloud-V1-AttachedOidcConfig)\n- [0.8.2](/ruby/docs/reference/google-cloud-gke_multi_cloud-v1/0.8.2/Google-Cloud-GkeMultiCloud-V1-AttachedOidcConfig)\n- [0.7.0](/ruby/docs/reference/google-cloud-gke_multi_cloud-v1/0.7.0/Google-Cloud-GkeMultiCloud-V1-AttachedOidcConfig)\n- [0.6.0](/ruby/docs/reference/google-cloud-gke_multi_cloud-v1/0.6.0/Google-Cloud-GkeMultiCloud-V1-AttachedOidcConfig)\n- [0.5.0](/ruby/docs/reference/google-cloud-gke_multi_cloud-v1/0.5.0/Google-Cloud-GkeMultiCloud-V1-AttachedOidcConfig)\n- [0.4.0](/ruby/docs/reference/google-cloud-gke_multi_cloud-v1/0.4.0/Google-Cloud-GkeMultiCloud-V1-AttachedOidcConfig)\n- [0.3.0](/ruby/docs/reference/google-cloud-gke_multi_cloud-v1/0.3.0/Google-Cloud-GkeMultiCloud-V1-AttachedOidcConfig)\n- [0.2.0](/ruby/docs/reference/google-cloud-gke_multi_cloud-v1/0.2.0/Google-Cloud-GkeMultiCloud-V1-AttachedOidcConfig)\n- [0.1.0](/ruby/docs/reference/google-cloud-gke_multi_cloud-v1/0.1.0/Google-Cloud-GkeMultiCloud-V1-AttachedOidcConfig) \nReference documentation and code samples for the Anthos Multi-Cloud V1 API class Google::Cloud::GkeMultiCloud::V1::AttachedOidcConfig.\n\nOIDC discovery information of the target cluster.\n\n\nKubernetes Service Account (KSA) tokens are JWT tokens signed by the cluster\nAPI server. This fields indicates how Google Cloud Platform services\nvalidate KSA tokens in order to allow system workloads (such as GKE Connect\nand telemetry agents) to authenticate back to Google Cloud Platform.\n\n\u003cbr /\u003e\n\nBoth clusters with public and private issuer URLs are supported.\nClusters with public issuers only need to specify the `issuer_url` field\nwhile clusters with private issuers need to provide both\n`issuer_url` and `oidc_jwks`. \n\nInherits\n--------\n\n- Object \n\nExtended By\n-----------\n\n- Google::Protobuf::MessageExts::ClassMethods \n\nIncludes\n--------\n\n- Google::Protobuf::MessageExts\n\nMethods\n-------\n\n### #issuer_url\n\n def issuer_url() -\u003e ::String\n\n**Returns**\n\n- (::String) --- A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://`.\n\n### #issuer_url=\n\n def issuer_url=(value) -\u003e ::String\n\n**Parameter**\n\n- **value** (::String) --- A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://`. \n**Returns**\n\n- (::String) --- A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://`.\n\n### #jwks\n\n def jwks() -\u003e ::String\n\n**Returns**\n\n- (::String) --- Optional. OIDC verification keys in JWKS format (RFC 7517). It contains a list of OIDC verification keys that can be used to verify OIDC JWTs.\n\n This field is required for cluster that doesn't have a publicly available\n discovery endpoint. When provided, it will be directly used\n to verify the OIDC JWT asserted by the IDP.\n\n### #jwks=\n\n def jwks=(value) -\u003e ::String\n\n**Parameter**\n\n- **value** (::String) --- Optional. OIDC verification keys in JWKS format (RFC 7517). It contains a list of OIDC verification keys that can be used to verify OIDC JWTs.\n\n\n This field is required for cluster that doesn't have a publicly available\n discovery endpoint. When provided, it will be directly used\nto verify the OIDC JWT asserted by the IDP. \n**Returns**\n\n- (::String) --- Optional. OIDC verification keys in JWKS format (RFC 7517). It contains a list of OIDC verification keys that can be used to verify OIDC JWTs.\n\n This field is required for cluster that doesn't have a publicly available\n discovery endpoint. When provided, it will be directly used\n to verify the OIDC JWT asserted by the IDP."]]
