Reference documentation and code samples for the Grafeas V1 API class Grafeas::V1::AttestationOccurrence.
Occurrence that represents a single "attestation". The authenticity of an
attestation can be verified using the attached signature. If the verifier
trusts the public key of the signer, then verifying the signature is
sufficient to establish trust. In this circumstance, the authority to which
this attestation is attached is primarily useful for lookup (how to find
this attestation if you already know the authority and artifact to be
verified) and intent (for which authority this attestation was intended to
sign.
Inherits
Object
Extended By
Google::Protobuf::MessageExts::ClassMethods
Includes
Google::Protobuf::MessageExts
Methods
#jwts
defjwts()->::Array<::Grafeas::V1::Jwt>
Returns
(::Array<::Grafeas::V1::Jwt>) — One or more JWTs encoding a self-contained attestation.
Each JWT encodes the payload that it verifies within the JWT itself.
Verifier implementation SHOULD ignore the serialized_payload field
when verifying these JWTs.
If only JWTs are present on this AttestationOccurrence, then the
serialized_payload SHOULD be left empty.
Each JWT SHOULD encode a claim specific to the resource_uri of this
Occurrence, but this is not validated by Grafeas metadata API
implementations. The JWT itself is opaque to Grafeas.
#jwts=
defjwts=(value)->::Array<::Grafeas::V1::Jwt>
Parameter
value (::Array<::Grafeas::V1::Jwt>) — One or more JWTs encoding a self-contained attestation.
Each JWT encodes the payload that it verifies within the JWT itself.
Verifier implementation SHOULD ignore the serialized_payload field
when verifying these JWTs.
If only JWTs are present on this AttestationOccurrence, then the
serialized_payload SHOULD be left empty.
Each JWT SHOULD encode a claim specific to the resource_uri of this
Occurrence, but this is not validated by Grafeas metadata API
implementations. The JWT itself is opaque to Grafeas.
Returns
(::Array<::Grafeas::V1::Jwt>) — One or more JWTs encoding a self-contained attestation.
Each JWT encodes the payload that it verifies within the JWT itself.
Verifier implementation SHOULD ignore the serialized_payload field
when verifying these JWTs.
If only JWTs are present on this AttestationOccurrence, then the
serialized_payload SHOULD be left empty.
Each JWT SHOULD encode a claim specific to the resource_uri of this
Occurrence, but this is not validated by Grafeas metadata API
implementations. The JWT itself is opaque to Grafeas.
#serialized_payload
defserialized_payload()->::String
Returns
(::String) — Required. The serialized payload that is verified by one or more
signatures.
#serialized_payload=
defserialized_payload=(value)->::String
Parameter
value (::String) — Required. The serialized payload that is verified by one or more
signatures.
Returns
(::String) — Required. The serialized payload that is verified by one or more
signatures.
(::Array<::Grafeas::V1::Signature>) — One or more signatures over serialized_payload. Verifier implementations
should consider this attestation message verified if at least one
signature verifies serialized_payload. See Signature in common.proto
for more details on signature structure and verification.
value (::Array<::Grafeas::V1::Signature>) — One or more signatures over serialized_payload. Verifier implementations
should consider this attestation message verified if at least one
signature verifies serialized_payload. See Signature in common.proto
for more details on signature structure and verification.
Returns
(::Array<::Grafeas::V1::Signature>) — One or more signatures over serialized_payload. Verifier implementations
should consider this attestation message verified if at least one
signature verifies serialized_payload. See Signature in common.proto
for more details on signature structure and verification.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[],[],null,["# Grafeas V1 API - Class Grafeas::V1::AttestationOccurrence (v1.4.0)\n\nVersion latestkeyboard_arrow_down\n\n- [1.4.0 (latest)](/ruby/docs/reference/grafeas-v1/latest/Grafeas-V1-AttestationOccurrence)\n- [1.3.1](/ruby/docs/reference/grafeas-v1/1.3.1/Grafeas-V1-AttestationOccurrence)\n- [1.2.0](/ruby/docs/reference/grafeas-v1/1.2.0/Grafeas-V1-AttestationOccurrence)\n- [1.1.1](/ruby/docs/reference/grafeas-v1/1.1.1/Grafeas-V1-AttestationOccurrence)\n- [1.0.0](/ruby/docs/reference/grafeas-v1/1.0.0/Grafeas-V1-AttestationOccurrence)\n- [0.16.1](/ruby/docs/reference/grafeas-v1/0.16.1/Grafeas-V1-AttestationOccurrence)\n- [0.15.0](/ruby/docs/reference/grafeas-v1/0.15.0/Grafeas-V1-AttestationOccurrence)\n- [0.14.2](/ruby/docs/reference/grafeas-v1/0.14.2/Grafeas-V1-AttestationOccurrence)\n- [0.13.0](/ruby/docs/reference/grafeas-v1/0.13.0/Grafeas-V1-AttestationOccurrence)\n- [0.12.1](/ruby/docs/reference/grafeas-v1/0.12.1/Grafeas-V1-AttestationOccurrence)\n- [0.11.0](/ruby/docs/reference/grafeas-v1/0.11.0/Grafeas-V1-AttestationOccurrence)\n- [0.10.0](/ruby/docs/reference/grafeas-v1/0.10.0/Grafeas-V1-AttestationOccurrence)\n- [0.9.0](/ruby/docs/reference/grafeas-v1/0.9.0/Grafeas-V1-AttestationOccurrence)\n- [0.8.0](/ruby/docs/reference/grafeas-v1/0.8.0/Grafeas-V1-AttestationOccurrence)\n- [0.7.0](/ruby/docs/reference/grafeas-v1/0.7.0/Grafeas-V1-AttestationOccurrence)\n- [0.6.1](/ruby/docs/reference/grafeas-v1/0.6.1/Grafeas-V1-AttestationOccurrence)\n- [0.5.0](/ruby/docs/reference/grafeas-v1/0.5.0/Grafeas-V1-AttestationOccurrence)\n- [0.4.0](/ruby/docs/reference/grafeas-v1/0.4.0/Grafeas-V1-AttestationOccurrence)\n- [0.3.1](/ruby/docs/reference/grafeas-v1/0.3.1/Grafeas-V1-AttestationOccurrence) \nReference documentation and code samples for the Grafeas V1 API class Grafeas::V1::AttestationOccurrence.\n\nOccurrence that represents a single \"attestation\". The authenticity of an\nattestation can be verified using the attached signature. If the verifier\ntrusts the public key of the signer, then verifying the signature is\nsufficient to establish trust. In this circumstance, the authority to which\nthis attestation is attached is primarily useful for lookup (how to find\nthis attestation if you already know the authority and artifact to be\nverified) and intent (for which authority this attestation was intended to\nsign. \n\nInherits\n--------\n\n- Object \n\nExtended By\n-----------\n\n- Google::Protobuf::MessageExts::ClassMethods \n\nIncludes\n--------\n\n- Google::Protobuf::MessageExts\n\nMethods\n-------\n\n### #jwts\n\n def jwts() -\u003e ::Array\u003c::Grafeas::V1::Jwt\u003e\n\n**Returns**\n\n- (::Array\\\u003c[::Grafeas::V1::Jwt](./Grafeas-V1-Jwt)\\\u003e) --- One or more JWTs encoding a self-contained attestation. Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the `serialized_payload` field when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then the `serialized_payload` SHOULD be left empty. Each JWT SHOULD encode a claim specific to the `resource_uri` of this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas.\n\n### #jwts=\n\n def jwts=(value) -\u003e ::Array\u003c::Grafeas::V1::Jwt\u003e\n\n**Parameter**\n\n- **value** (::Array\\\u003c[::Grafeas::V1::Jwt](./Grafeas-V1-Jwt)\\\u003e) --- One or more JWTs encoding a self-contained attestation. Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the `serialized_payload` field when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then the `serialized_payload` SHOULD be left empty. Each JWT SHOULD encode a claim specific to the `resource_uri` of this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas. \n**Returns**\n\n- (::Array\\\u003c[::Grafeas::V1::Jwt](./Grafeas-V1-Jwt)\\\u003e) --- One or more JWTs encoding a self-contained attestation. Each JWT encodes the payload that it verifies within the JWT itself. Verifier implementation SHOULD ignore the `serialized_payload` field when verifying these JWTs. If only JWTs are present on this AttestationOccurrence, then the `serialized_payload` SHOULD be left empty. Each JWT SHOULD encode a claim specific to the `resource_uri` of this Occurrence, but this is not validated by Grafeas metadata API implementations. The JWT itself is opaque to Grafeas.\n\n### #serialized_payload\n\n def serialized_payload() -\u003e ::String\n\n**Returns**\n\n- (::String) --- Required. The serialized payload that is verified by one or more `signatures`.\n\n### #serialized_payload=\n\n def serialized_payload=(value) -\u003e ::String\n\n**Parameter**\n\n- **value** (::String) --- Required. The serialized payload that is verified by one or more `signatures`. \n**Returns**\n\n- (::String) --- Required. The serialized payload that is verified by one or more `signatures`.\n\n### #signatures\n\n def signatures() -\u003e ::Array\u003c::Grafeas::V1::Signature\u003e\n\n**Returns**\n\n- (::Array\\\u003c[::Grafeas::V1::Signature](./Grafeas-V1-Signature)\\\u003e) --- One or more signatures over `serialized_payload`. Verifier implementations should consider this attestation message verified if at least one `signature` verifies `serialized_payload`. See `Signature` in common.proto for more details on signature structure and verification.\n\n### #signatures=\n\n def signatures=(value) -\u003e ::Array\u003c::Grafeas::V1::Signature\u003e\n\n**Parameter**\n\n- **value** (::Array\\\u003c[::Grafeas::V1::Signature](./Grafeas-V1-Signature)\\\u003e) --- One or more signatures over `serialized_payload`. Verifier implementations should consider this attestation message verified if at least one `signature` verifies `serialized_payload`. See `Signature` in common.proto for more details on signature structure and verification. \n**Returns**\n\n- (::Array\\\u003c[::Grafeas::V1::Signature](./Grafeas-V1-Signature)\\\u003e) --- One or more signatures over `serialized_payload`. Verifier implementations should consider this attestation message verified if at least one `signature` verifies `serialized_payload`. See `Signature` in common.proto for more details on signature structure and verification."]]
