Supported OIDC claims
Table of Contents
Expand all | Collapse all
-
- Activate Next-Generation Trust Security
-
-
- Configure AWS connection
- Configure Azure Key Vault connection
-
- Workload Identity Federation authentication
- Workload Identity Federation - Azure Identity Provider authentication
- Next-Gen Trust Security Generated Key authentication
- User permissions
- Workload Identity Federation authentication
- Next-Gen Trust Security Generated Key authentication
- User permissions
- Supported OIDC claims
-
-
-
-
- Create an F5 BIG-IP LTM machine
- Create a Microsoft Azure Private Key Vault machine
- Create a Microsoft IIS machine
- Create a Microsoft Windows (PowerShell) machine
- Create a Microsoft SQL Server machine
- Create a Common KeyStore machine
- Create a Citrix ADC machine
- Create an Imperva WAF machine
- Create a VMware NSX Advanced Load Balancer (AVI) machine
- Create an A10 Thunder ADC machine
- Create a Cloudflare machine
- Create Kemp Virtual LoadMaster machine
- Create a Palo Alto Panorama machine
-
- Provision to an F5 BIG-IP LTM
- Provision to a Microsoft Azure Private Key Vault
- Provision to Microsoft IIS
- Provision to Microsoft Windows (PowerShell)
- Provision to Microsoft SQL Server
- Provision to a Common KeyStore
- Provision to a Citrix ADC
- Provision to an Imperva WAF
- Provision to VMware NSX Advanced Load Balancer (AVI)
- Provision to an A10 Thunder ADC
- Provision to Cloudflare
- Provision to a Kemp Virtual LoadMaster
- Provision to Palo Alto Panorama
-
-
- 47-Day Validity Readiness TLS Certificates dashboard
- About the Certificate Inventory
- Managing certificate lifecycle settings
- Reissuing certificates in Next-Gen Trust Security
- Downloading certificates, certificate chains, and keystores
- Retiring, recovering, and deleting certificates
- Finding certificates in the certificate inventory
- Importing certificates from a CA using EJBCA
- Notification Center overview
- Domain-based validation for external emails
- Managing user accounts
- Troubleshooting
Supported OIDC claims
Supported OpenID Connect (OIDC) claims are specific key-value pairs used to convey information about a user or an entity in the context of authentication and identity management. OIDC claims are included in ID tokens or access tokens and can provide identity attributes or metadata about the user, client, or session.
Registered
- iss - identifies the principal that issued the JWT.
- sub - identifies the principal that is the subject of the JWT. For JWT issued by Next-Gen Trust Security the value is always venafi_control_plane.
- aud - identifies the recipients that the JWT is intended for.
- jti - provides a unique identifier for the JWT.
- iat - identifies the time at which the JWT was issued.
- nbf - identifies the time before which the JWT MUST NOT be accepted for processing.
- exp - identifies the expiration time on or after which the JWT MUST NOT be accepted for processing.
Custom
- cloud_provider_id - the id of the cloud provider issuing the JWT.
- cloud_provider_name - the name of the cloud provider issuing the JWT.