oidc-provider-plugin

JWT aud claim should be dynamic.

Open elinesterov opened this issue 1 year ago • 7 comments

What feature do you want to see added?

In the current implementation, the audience claim is static, which means that the administrator can configure the OIDC issuer to only a specific audience, which is very limiting. I want my job to be able to authenticate to AWS but also to Vault, and in this case, I need the option to have a different audience.

The process of requesting tokens should be able to specify the audience claim depending on the party that is going to use the token (Vault vs. AWS STS).

Upstream changes

No response

elinesterov, Sep 07 '23 03:09
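
The request above, as an added example that is not part of the original issue or the plugin's code: each relying party accepts a token only if its own identifier appears in `aud`, so a job that talks to both AWS STS and Vault needs the audience chosen when the token is requested. Assumptions: an HS256 shared key stands in for the issuer's asymmetric signature, the issuer URL and Vault audience are constructed, and `issue_token` / `accept` are hypothetical names.

```python
import base64, hashlib, hmac, json, time

KEY = b"constructed-demo-key"   # stand-in; real OIDC issuers sign with an asymmetric key
ISSUER = "https://jenkins.example/oidc"   # constructed issuer URL
AWS_STS = "sts.amazonaws.com"
VAULT = "https://vault.example.internal"  # constructed Vault audience

def b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_token(subject, audience, ttl=300):
    """Mint a token whose aud is chosen per request, not fixed in issuer config."""
    now = int(time.time())
    claims = {"iss": ISSUER, "sub": subject, "aud": audience,
              "iat": now, "exp": now + ttl}
    head = b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    signing_input = head + "." + b64(json.dumps(claims).encode())
    sig = hmac.new(KEY, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64(sig)

def accept(token, expected_audience):
    """Relying-party side: verify signature, then iss, aud and exp."""
    try:
        head, body, sig = token.split(".")
        want = hmac.new(KEY, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(want, unb64(sig)):
            return False
        claims = json.loads(unb64(body))
        aud = claims.get("aud")
    except (ValueError, AttributeError):
        return False
    # RFC 7519: aud is a single string or an array of strings
    audiences = [aud] if isinstance(aud, str) else aud
    if not isinstance(audiences, list) or expected_audience not in audiences:
        return False
    exp = claims.get("exp")
    return claims.get("iss") == ISSUER and isinstance(exp, int) and exp > time.time()

if __name__ == "__main__":
    for target in (AWS_STS, VAULT):
        tok = issue_token("constructed-job/main", target)
        print(target, "-> AWS:", accept(tok, AWS_STS), "Vault:", accept(tok, VAULT))
```

A token carrying both audiences in an array passes both checks, so it is honored at either party; requesting one audience per token keeps each token bound to the service it was minted for.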