JWTRule
JSON Web Token (JWT) token format for authentication as defined by RFC 7519. See OAuth 2.0 and OIDC 1.0 for how this is used in the whole authentication flow.
Examples:
Spec for a JWT that is issued by https://example.com, whose audience claim must be either bookstore_android.apps.example.com or bookstore_web.apps.example.com. The token should be presented in the Authorization header (default). The JSON Web Key Set (JWKS) will be discovered following the OpenID Connect protocol.
issuer: https://example.com
audiences:
- bookstore_android.apps.example.com
- bookstore_web.apps.example.com
This example specifies a token in a non-default location (x-goog-iap-jwt-assertion header). It also defines the URI to fetch JWKS explicitly.
issuer: https://example.com
jwksUri: https://example.com/.secret/jwks.json
fromHeaders:
- "x-goog-iap-jwt-assertion"
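The following Python sketch is an added example, not code from the project this page documents. It models how the two rules above resolve the token location, the key source, and the issuer/audience check. It does not verify signatures: `claims_match` expects claims from a token already verified against the JWKS. The function names, the handling of an empty audience list, and the bare-token format of custom headers are assumptions of this sketch.

```python
# Added example: models how the two rules above are resolved. Not project code.
OIDC_DISCOVERY_PATH = "/.well-known/openid-configuration"  # OpenID Connect Discovery 1.0

RULE_DEFAULT = {  # first rule on the page
    "issuer": "https://example.com",
    "audiences": ["bookstore_android.apps.example.com",
                  "bookstore_web.apps.example.com"],
}
RULE_IAP = {  # second rule on the page
    "issuer": "https://example.com",
    "jwksUri": "https://example.com/.secret/jwks.json",
    "fromHeaders": ["x-goog-iap-jwt-assertion"],
}

def key_source(rule):
    """URL to fetch first: the explicit jwksUri, else the issuer's discovery
    document, whose "jwks_uri" field then names the key set."""
    return rule.get("jwksUri") or rule["issuer"].rstrip("/") + OIDC_DISCOVERY_PATH

def locate_token(rule, headers):
    """Return the raw JWT from the configured location, or None if absent."""
    # HTTP header names are case-insensitive, so normalise before lookup.
    hdrs = {k.lower(): v.strip() for k, v in headers.items()}
    custom = rule.get("fromHeaders")
    if custom:
        # Assumption: a custom header carries the bare token, and the default
        # Authorization header is ignored once custom locations are set.
        return next((hdrs[h.lower()] for h in custom if hdrs.get(h.lower())), None)
    # Assumption: the default location uses the "Bearer" scheme (RFC 6750).
    scheme, _, token = hdrs.get("authorization", "").partition(" ")
    if scheme.lower() != "bearer":
        return None
    return token.strip() or None

def claims_match(rule, claims):
    """Check iss/aud of claims taken from an already signature-verified token."""
    if claims.get("iss") != rule["issuer"]:  # exact string comparison
        return False
    allowed = rule.get("audiences")
    if not allowed:
        return True  # Assumption: no audiences listed means no audience restriction.
    aud = claims.get("aud") or []
    aud = [aud] if isinstance(aud, str) else aud  # RFC 7519: string or array
    return any(a in allowed for a in aud)
```
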
JWTHeader
This message specifies a header location from which to extract the JWT.
ClaimToHeader
This message specifies the details for copying a claim to a header.