@nebius/js-sdk - v0.1.4
    Preparing search index...

    Interface OidcCredentialsProvider

    interface OidcCredentialsProvider {
        "[customJson]"?: () => unknown;
        "[unknownFieldsSymbol]"?: Uint8Array<ArrayBufferLike>;
        $type: "nebius.iam.v1.OidcCredentialsProvider";
        issuerUrl: string;
        jwkSetJson: string;
        [key: symbol]: Uint8Array<ArrayBufferLike> | (() => unknown) | undefined;
    }

    Indexable

    • [key: symbol]: Uint8Array<ArrayBufferLike> | (() => unknown) | undefined
    Index

    Properties

    [customJson]? [unknownFieldsSymbol]? $type issuerUrl jwkSetJson

    Properties

    "[customJson]"?: () => unknown
    "[unknownFieldsSymbol]"?: Uint8Array<ArrayBufferLike>
    $type: "nebius.iam.v1.OidcCredentialsProvider"
    issuerUrl: string

    It's not required provider OIDC issuer should be real OIDC provider, but should expose OIDC configuration with "/.well-known/openid-configuration" endpoint. Configuration should contains the "jwks_uri" endpoint where the JSON Web Key Set (JWKS) can be found; this set contains public keys used to verify JSON Web Tokens (JWTs) issued by an identity provider.

    Limitations for external OIDC providers:

    • token service limits the number of handled keys by 50. If your JWKS return more than 50, the only first 50 will be used for signature verifying.
    • response size for jwks_uri and "/.well-known/openid-configuration limited by 100KB.
    jwkSetJson: string

    Literally json, which represents JWKS with public keys for JWT verification. It worth mentioned that in a case of adding/rotating keys the jwk_set_json also should be updated here. Besides, the "issuer" parameter should be set even if the JWKS will be resolved locally.

    Settings

    Member Visibility

    On This Page

    Properties