Update - Infisical

Overview

Endpoints

Identities
Token Auth
Universal Auth
GCP Auth
AWS Auth
Azure Auth
Kubernetes Auth
OIDC Auth
- POST
  Login
- POST
  Attach
- GET
  Retrieve
- PATCH
  Update
- DEL
  Revoke
JWT Auth
Groups
Organizations
Projects
Project Users
Project Groups
Project Identities
Project Roles
Project Templates
Environments
Folders
Secret Tags
Secrets
Dynamic Secrets
Secret Imports
Secret Rotations
Identity Specific Privilege
App Connections
Secret Syncs
Integrations
Service Tokens
Audit Logs

Infisical PKI

Certificate Authorities
Certificates
Certificate Templates
Certificate Collections
PKI Alerting

Infisical SSH

Certificates
Certificate Authorities
Certificate Templates

Infisical KMS

Keys
Encryption
Signing

PATCH

api

auth

oidc-auth

identities

{identityId}

curl --request PATCH \
  --url https://us.infisical.com/api/v1/auth/oidc-auth/identities/{identityId} \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "oidcDiscoveryUrl": "<string>",
  "caCert": "",
  "boundIssuer": "<string>",
  "boundAudiences": "",
  "boundClaims": {},
  "claimMetadataMapping": {},
  "boundSubject": "",
  "accessTokenTrustedIps": [
    {
      "ipAddress": "0.0.0.0/0"
    },
    {
      "ipAddress": "::/0"
    }
  ],
  "accessTokenTTL": 2592000,
  "accessTokenMaxTTL": 2592000,
  "accessTokenNumUsesLimit": 0
}'

{
  "identityOidcAuth": {
    "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "accessTokenTTL": 7200,
    "accessTokenMaxTTL": 7200,
    "accessTokenNumUsesLimit": 0,
    "accessTokenTrustedIps": "<any>",
    "identityId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "oidcDiscoveryUrl": "<string>",
    "boundIssuer": "<string>",
    "boundAudiences": "<string>",
    "boundClaims": "<any>",
    "claimMetadataMapping": "<any>",
    "boundSubject": "<string>",
    "createdAt": "2023-11-07T05:31:56Z",
    "updatedAt": "2023-11-07T05:31:56Z",
    "caCert": "<string>"
  }
}

Authorizations

Authorization

string

header

required

An access token in Infisical

Path Parameters

identityId

string

required

The ID of the identity to update the auth method for.

Body

application/json

oidcDiscoveryUrl

string

The new URL used to retrieve the OpenID Connect configuration from the identity provider.

Minimum length: 1

caCert

string

default:

The new PEM-encoded CA cert for establishing secure communication with the Identity Provider endpoints.

boundIssuer

string

The new unique identifier of the identity provider issuing the JWT.

Minimum length: 1

boundAudiences

string

default:

The new list of intended recipients.

boundClaims

object

The new attributes that should be present in the JWT for it to be valid.

claimMetadataMapping

object

The new attributes that should be present in the permission metadata from the JWT.

boundSubject

string

default:

The new expected principal that is the subject of the JWT.

accessTokenTrustedIps

object[]

The new IPs or CIDR ranges that access tokens can be used from.

accessTokenTTL

integer

default:2592000

The new lifetime for an access token in seconds.

Required range: 0 <= x <= 315360000

accessTokenMaxTTL

integer

default:2592000

The new maximum lifetime for an access token in seconds.

Required range: 0 <= x <= 315360000

accessTokenNumUsesLimit

integer

default:0

The new maximum number of times that an access token can be used.

Required range: x >= 0

Response

200

application/json

Default Response

identityOidcAuth

object

required

Was this page helpful?

Suggest edits Raise issue

Retrieve Revoke

curl --request PATCH \
  --url https://us.infisical.com/api/v1/auth/oidc-auth/identities/{identityId} \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "oidcDiscoveryUrl": "<string>",
  "caCert": "",
  "boundIssuer": "<string>",
  "boundAudiences": "",
  "boundClaims": {},
  "claimMetadataMapping": {},
  "boundSubject": "",
  "accessTokenTrustedIps": [
    {
      "ipAddress": "0.0.0.0/0"
    },
    {
      "ipAddress": "::/0"
    }
  ],
  "accessTokenTTL": 2592000,
  "accessTokenMaxTTL": 2592000,
  "accessTokenNumUsesLimit": 0
}'

{
  "identityOidcAuth": {
    "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "accessTokenTTL": 7200,
    "accessTokenMaxTTL": 7200,
    "accessTokenNumUsesLimit": 0,
    "accessTokenTrustedIps": "<any>",
    "identityId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "oidcDiscoveryUrl": "<string>",
    "boundIssuer": "<string>",
    "boundAudiences": "<string>",
    "boundClaims": "<any>",
    "claimMetadataMapping": "<any>",
    "boundSubject": "<string>",
    "createdAt": "2023-11-07T05:31:56Z",
    "updatedAt": "2023-11-07T05:31:56Z",
    "caCert": "<string>"
  }
}