nebius.api.nebius.iam.v1.OidcCredentialsProvider

class documentation

class OidcCredentialsProvider(pb_classes.Message): (source)

Constructor: OidcCredentialsProvider(initial_message, issuer_url, jwk_set_json)

The OIDC provider does not have to be a full OIDC provider, but it must expose OIDC discovery metadata at the "/.well-known/openid-configuration" endpoint. The discovery metadata must contain "jwks_uri", which points to the JSON Web Key Set (JWKS). The JWKS contains public keys used to verify JSON Web Tokens (JWTs) issued by the identity provider.

Method	`__dir__`	Undocumented
Method	`__init__`	Create a wrapper around a protobuf message instance.
Method	`issuer_url.setter`	Undocumented
Method	`jwk_set_json.setter`	Undocumented
Constant	`__PB2_DESCRIPTOR__`	Undocumented
Constant	`__PY_TO_PB2__`	Undocumented
Class Variable	`__mask_functions__`	Undocumented
Property	`issuer_url`	OIDC-compatible JWT issuer URL.
Property	`jwk_set_json`	JSON representation of a JSON Web Key Set (JWKS) with public keys used for JWT signature verification. If set, the token service uses this JWKS to verify token signatures.

Inherited from Message:

Class Method	`get_descriptor`	Return the protobuf descriptor for this message class.
Class Method	`is_credentials`	Return True if the field contains credentials.
Class Method	`is_sensitive`	Return True if the field is marked as sensitive.
Method	`__repr__`	Return a human-readable representation of the message, sanitizing sensitive fields.
Method	`check_presence`	Check explicit presence for a field in the protobuf message.
Method	`get_full_update_reset_mask`	Build a reset mask for a full update of this message.
Method	`get_mask`	Return the tracked reset mask.
Method	`is_default`	Return True if a field equals its default value.
Method	`set_mask`	Replace the tracked reset mask.
Method	`which_field_in_oneof`	Return the set field name for a given oneof.
Instance Variable	`__PB2_CLASS__`	Protobuf message class associated with this wrapper.
Instance Variable	`__pb2_message__`	Underlying protobuf message instance.
Method	`_clear_field`	Clear a field and record it in the reset mask.
Method	`_get_field`	Return a field value with optional wrapping and presence handling.
Method	`_set_field`	Set a field value and update the reset mask.
Class Variable	`__credentials_fields`	Undocumented
Class Variable	`__default`	Undocumented
Class Variable	`__sensitive_fields`	Undocumented
Instance Variable	`__recorded_reset_mask`	Mask tracking fields cleared or set to default.

def __dir__(self) -> abc.Iterable[builtins.str]: (source) ¶

Undocumented

overrides nebius.base.protos.pb_classes.Message.__init__

Create a wrapper around a protobuf message instance.

Raises
`AttributeError`	If the wrapper is missing required class metadata.

@issuer_url.setter
def issuer_url(self, value: builtins.str | None): (source) ¶

Undocumented

@jwk_set_json.setter
def jwk_set_json(self, value: builtins.str | None): (source) ¶

Undocumented

__PB2_DESCRIPTOR__ = (source) ¶

overrides nebius.base.protos.pb_classes.Message.__PB2_DESCRIPTOR__

Undocumented

Value

descriptor.DescriptorWrap[descriptor_1.Descriptor]('.nebius.iam.v1.OidcCredentia↵
lsProvider',
                                                   federated_credentials_pb2.DESCRIPTOR↵
,
                                                   descriptor_1.Descriptor)

__PY_TO_PB2__: builtins.dict[builtins.str, builtins.str] = (source) ¶

overrides nebius.base.protos.pb_classes.Message.__PY_TO_PB2__

Undocumented

Value

{'issuer_url': 'issuer_url', 'jwk_set_json': 'jwk_set_json'}

__mask_functions__: dict = (source) ¶

overrides nebius.base.protos.pb_classes.Message.__mask_functions__

Undocumented

@builtins.property
issuer_url: builtins.str = (source) ¶

OIDC-compatible JWT issuer URL.

@builtins.property
jwk_set_json: builtins.str = (source) ¶

JSON representation of a JSON Web Key Set (JWKS) with public keys used for JWT signature verification. If set, the token service uses this JWKS to verify token signatures.