Support OIDC authentication in iam http client

Question

Support OIDC authentication in iam http client

rahmatrhd opened this issue a year ago · 0 comments

Summary
Support OIDC authentication in policy iam's http client

Proposed solution
New fields for http client config:

type HTTPAuthConfig struct {
	Type string `mapstructure:"type" json:"type" yaml:"type" validate:"required,oneof=basic api_key bearer oidc"`

	...

+	// OIDC
+	Audience                        string `mapstructure:"audience,omitempty" json:"audience,omitempty" yaml:"audience,omitempty" validate:"required_if=Type oidc"`
+	GoogleServiceAccountCredentials string `mapstructure:"google_service_account_credentials,omitempty" json:"google_service_account_credentials,omitempty" yaml:"google_service_account_credentials,omitempty" validate:"required_if=Type oidc"`
}

we can utilize salt/oidc for the auth flow