Attach - Infisical

Overview

Endpoints

Identities
Token Auth
Universal Auth
GCP Auth
AWS Auth
Azure Auth
- POST
  Login
- POST
  Attach
- GET
  Retrieve
- PATCH
  Update
- DEL
  Revoke
Kubernetes Auth
OIDC Auth
JWT Auth
Groups
Organizations
Projects
Project Users
Project Groups
Project Identities
Project Roles
Project Templates
Environments
Folders
Secret Tags
Secrets
Dynamic Secrets
Secret Imports
Identity Specific Privilege
App Connections
Secret Syncs
Integrations
Service Tokens
Audit Logs

Infisical PKI

Certificate Authorities
Certificates
Certificate Templates
Certificate Collections
PKI Alerting

Infisical SSH

Certificates
Certificate Authorities
Certificate Templates

Infisical KMS

Keys

POST

api

auth

azure-auth

identities

{identityId}

curl --request POST \
  --url https://us.infisical.com/api/v1/auth/azure-auth/identities/{identityId} \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "tenantId": "<string>",
  "resource": "<string>",
  "allowedServicePrincipalIds": "",
  "accessTokenTrustedIps": [
    {
      "ipAddress": "0.0.0.0/0"
    },
    {
      "ipAddress": "::/0"
    }
  ],
  "accessTokenTTL": 2592000,
  "accessTokenMaxTTL": 2592000,
  "accessTokenNumUsesLimit": 0
}'

{
  "identityAzureAuth": {
    "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "accessTokenTTL": 7200,
    "accessTokenMaxTTL": 7200,
    "accessTokenNumUsesLimit": 0,
    "accessTokenTrustedIps": "<any>",
    "createdAt": "2023-11-07T05:31:56Z",
    "updatedAt": "2023-11-07T05:31:56Z",
    "identityId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "tenantId": "<string>",
    "resource": "<string>",
    "allowedServicePrincipalIds": "<string>"
  }
}

Authorizations

Authorization

string

header

required

An access token in Infisical

Path Parameters

identityId

string

required

The ID of the identity to login.

Body

application/json

tenantId

string

required

The tenant ID for the Azure AD organization.

resource

string

required

The resource URL for the application registered in Azure AD.

allowedServicePrincipalIds

string

default:

The comma-separated list of Azure AD service principal IDs that are allowed to authenticate with Infisical.

accessTokenTrustedIps

object[]

The IPs or CIDR ranges that access tokens can be used from.

accessTokenTTL

integer

default:

2592000

The lifetime for an access token in seconds.

Required range: 0 < x < 315360000

accessTokenMaxTTL

integer

default:

2592000

The maximum lifetime for an access token in seconds.

Required range: 0 < x < 315360000

accessTokenNumUsesLimit

integer

default:

The maximum number of times that an access token can be used.

Required range: x > 0

Response

200

application/json

Default Response

identityAzureAuth

object

required

Was this page helpful?

Suggest edits Raise issue

curl --request POST \
  --url https://us.infisical.com/api/v1/auth/azure-auth/identities/{identityId} \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "tenantId": "<string>",
  "resource": "<string>",
  "allowedServicePrincipalIds": "",
  "accessTokenTrustedIps": [
    {
      "ipAddress": "0.0.0.0/0"
    },
    {
      "ipAddress": "::/0"
    }
  ],
  "accessTokenTTL": 2592000,
  "accessTokenMaxTTL": 2592000,
  "accessTokenNumUsesLimit": 0
}'

{
  "identityAzureAuth": {
    "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "accessTokenTTL": 7200,
    "accessTokenMaxTTL": 7200,
    "accessTokenNumUsesLimit": 0,
    "accessTokenTrustedIps": "<any>",
    "createdAt": "2023-11-07T05:31:56Z",
    "updatedAt": "2023-11-07T05:31:56Z",
    "identityId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "tenantId": "<string>",
    "resource": "<string>",
    "allowedServicePrincipalIds": "<string>"
  }
}