Skip to main content
POST
/
api
/
v1
/
auth
/
oidc-auth
/
identities
/
{identityId}
cURL
curl --request POST \
  --url https://us.infisical.com/api/v1/auth/oidc-auth/identities/{identityId} \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "oidcDiscoveryUrl": "<string>",
  "boundIssuer": "<string>",
  "boundClaims": {},
  "caCert": "",
  "boundAudiences": "",
  "claimMetadataMapping": {},
  "boundSubject": "",
  "accessTokenTrustedIps": [
    {
      "ipAddress": "0.0.0.0/0"
    },
    {
      "ipAddress": "::/0"
    }
  ],
  "accessTokenTTL": 2592000,
  "accessTokenMaxTTL": 2592000,
  "accessTokenNumUsesLimit": 0
}
'
{
  "identityOidcAuth": {
    "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "identityId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "oidcDiscoveryUrl": "<string>",
    "boundIssuer": "<string>",
    "boundAudiences": "<string>",
    "createdAt": "2023-11-07T05:31:56Z",
    "updatedAt": "2023-11-07T05:31:56Z",
    "caCert": "<string>",
    "accessTokenTTL": 7200,
    "accessTokenMaxTTL": 7200,
    "accessTokenNumUsesLimit": 0,
    "accessTokenTrustedIps": "<unknown>",
    "boundClaims": "<unknown>",
    "claimMetadataMapping": null,
    "boundSubject": "<string>"
  }
}

Documentation Index

Fetch the complete documentation index at: https://infisical-saif-eng-4890-add-support-for-oracle-db-access-in.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

Authorization
string
header
required

An access token in Infisical

Path Parameters

identityId
string
required

The ID of the machine identity to attach the configuration onto.

Body

application/json
oidcDiscoveryUrl
string<uri>
required

The URL used to retrieve the OpenID Connect configuration from the identity provider.

Minimum string length: 1
boundIssuer
string
required

The unique identifier of the identity provider issuing the JWT.

Minimum string length: 1
boundClaims
object
required

The attributes that should be present in the JWT for it to be valid.

caCert
string
default:""

The PEM-encoded CA cert for establishing secure communication with the Identity Provider endpoints.

boundAudiences
string
default:""

The list of intended recipients.

claimMetadataMapping
object

The attributes that should be present in the permission metadata from the JWT.

boundSubject
string
default:""

The expected principal that is the subject of the JWT.

accessTokenTrustedIps
object[]

The IPs or CIDR ranges that access tokens can be used from.

Minimum array length: 1
accessTokenTTL
integer
default:2592000

The lifetime for an access token in seconds.

Required range: 0 <= x <= 315360000
accessTokenMaxTTL
integer
default:2592000

The maximum lifetime for an access token in seconds.

Required range: 0 <= x <= 315360000
accessTokenNumUsesLimit
integer
default:0

The maximum number of times that an access token can be used.

Required range: x >= 0

Response

Default Response

identityOidcAuth
object
required