Reference documentation and code samples for the Google IAM V1beta API class Google::Iam::V1beta::WorkloadIdentityPoolProvider::Oidc.
Represents an OpenId Connect 1.0 identity provider.
Inherits
Object
Extended By
Google::Protobuf::MessageExts::ClassMethods
Includes
Google::Protobuf::MessageExts
Methods
#allowed_audiences
defallowed_audiences()->::Array<::String>
Returns
(::Array<::String>) — Acceptable values for the aud field (audience) in the OIDC token. Token
exchange requests are rejected if the token audience does not match one
of the configured values. Each audience may be at most 256 characters. A
maximum of 10 audiences may be configured.
If this list is empty, the OIDC token audience must be equal to
the full canonical resource name of the WorkloadIdentityPoolProvider,
with or without the HTTPS prefix. For example:
value (::Array<::String>) — Acceptable values for the aud field (audience) in the OIDC token. Token
exchange requests are rejected if the token audience does not match one
of the configured values. Each audience may be at most 256 characters. A
maximum of 10 audiences may be configured.
If this list is empty, the OIDC token audience must be equal to
the full canonical resource name of the WorkloadIdentityPoolProvider,
with or without the HTTPS prefix. For example:
(::Array<::String>) — Acceptable values for the aud field (audience) in the OIDC token. Token
exchange requests are rejected if the token audience does not match one
of the configured values. Each audience may be at most 256 characters. A
maximum of 10 audiences may be configured.
If this list is empty, the OIDC token audience must be equal to
the full canonical resource name of the WorkloadIdentityPoolProvider,
with or without the HTTPS prefix. For example:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-03 UTC."],[],[],null,["# Google IAM V1beta API - Class Google::Iam::V1beta::WorkloadIdentityPoolProvider::Oidc (v0.3.6)\n\nVersion latestkeyboard_arrow_down\n\n- [0.3.6 (latest)](/ruby/docs/reference/google-iam-v1beta/latest/Google-Iam-V1beta-WorkloadIdentityPoolProvider-Oidc)\n- [0.3.5](/ruby/docs/reference/google-iam-v1beta/0.3.5/Google-Iam-V1beta-WorkloadIdentityPoolProvider-Oidc) \nReference documentation and code samples for the Google IAM V1beta API class Google::Iam::V1beta::WorkloadIdentityPoolProvider::Oidc.\n\nRepresents an OpenId Connect 1.0 identity provider. \n\nInherits\n--------\n\n- Object \n\nExtended By\n-----------\n\n- Google::Protobuf::MessageExts::ClassMethods \n\nIncludes\n--------\n\n- Google::Protobuf::MessageExts\n\nMethods\n-------\n\n### #allowed_audiences\n\n def allowed_audiences() -\u003e ::Array\u003c::String\u003e\n\n**Returns**\n\n- (::Array\\\u003c::String\\\u003e) --- Acceptable values for the `aud` field (audience) in the OIDC token. Token exchange requests are rejected if the token audience does not match one of the configured values. Each audience may be at most 256 characters. A maximum of 10 audiences may be configured.\n\n\n If this list is empty, the OIDC token audience must be equal to\n the full canonical resource name of the WorkloadIdentityPoolProvider,\n with or without the HTTPS prefix. For example:\n\n `\n //iam.googleapis.com/projects/\u003cproject-number\u003e/locations/\u003clocation\u003e/workloadIdentityPools/\u003cpool-id\u003e/providers/\u003cprovider-id\u003e\n https://iam.googleapis.com/projects/\u003cproject-number\u003e/locations/\u003clocation\u003e/workloadIdentityPools/\u003cpool-id\u003e/providers/\u003cprovider-id\u003e\n `\n\n### #allowed_audiences=\n\n def allowed_audiences=(value) -\u003e ::Array\u003c::String\u003e\n\n**Parameter**\n\n- **value** (::Array\\\u003c::String\\\u003e) --- Acceptable values for the `aud` field (audience) in the OIDC token. Token exchange requests are rejected if the token audience does not match one of the configured values. Each audience may be at most 256 characters. A maximum of 10 audiences may be configured.\n\n\n If this list is empty, the OIDC token audience must be equal to\n the full canonical resource name of the WorkloadIdentityPoolProvider,\n with or without the HTTPS prefix. For example:\n\n `\n //iam.googleapis.com/projects/\u003cproject-number\u003e/locations/\u003clocation\u003e/workloadIdentityPools/\u003cpool-id\u003e/providers/\u003cprovider-id\u003e\n https://iam.googleapis.com/projects/\u003cproject-number\u003e/locations/\u003clocation\u003e/workloadIdentityPools/\u003cpool-id\u003e/providers/\u003cprovider-id\u003e\n` \n**Returns**\n\n- (::Array\\\u003c::String\\\u003e) --- Acceptable values for the `aud` field (audience) in the OIDC token. Token exchange requests are rejected if the token audience does not match one of the configured values. Each audience may be at most 256 characters. A maximum of 10 audiences may be configured.\n\n\n If this list is empty, the OIDC token audience must be equal to\n the full canonical resource name of the WorkloadIdentityPoolProvider,\n with or without the HTTPS prefix. For example:\n\n `\n //iam.googleapis.com/projects/\u003cproject-number\u003e/locations/\u003clocation\u003e/workloadIdentityPools/\u003cpool-id\u003e/providers/\u003cprovider-id\u003e\n https://iam.googleapis.com/projects/\u003cproject-number\u003e/locations/\u003clocation\u003e/workloadIdentityPools/\u003cpool-id\u003e/providers/\u003cprovider-id\u003e\n `\n\n### #issuer_uri\n\n def issuer_uri() -\u003e ::String\n\n**Returns**\n\n- (::String) --- Required. The OIDC issuer URL.\n\n### #issuer_uri=\n\n def issuer_uri=(value) -\u003e ::String\n\n**Parameter**\n\n- **value** (::String) --- Required. The OIDC issuer URL. \n**Returns**\n\n- (::String) --- Required. The OIDC issuer URL."]]
