The "API Keys" Organisation settings is renamed to "API Access" and expanded with Trust relationships.
When adding a Trust relationship, the user is prompted for:
- Trusted issuer URL.
- Expected audience.
- Claim matching rules — e.g. for GitHub: repo, environment, workflow filename.
- RBAC and/or admin toggle (same as with Master API Keys.)
Admin API exposes a POST /api/v1/auth/oidc/token/ exchange endpoint which validates the signature, checks claim, and mints a short-lived access token.
The "API Keys" Organisation settings is renamed to "API Access" and expanded with Trust relationships.
When adding a Trust relationship, the user is prompted for:
Admin API exposes a
POST /api/v1/auth/oidc/token/exchange endpoint which validates the signature, checks claim, and mints a short-lived access token.