Skip to content

Trust Relationships (OIDC) #8040

Description

@khvn26

The "API Keys" Organisation settings is renamed to "API Access" and expanded with Trust relationships.

When adding a Trust relationship, the user is prompted for:

  • Trusted issuer URL.
  • Expected audience.
  • Claim matching rules — e.g. for GitHub: repo, environment, workflow filename.
  • RBAC and/or admin toggle (same as with Master API Keys.)

Admin API exposes a POST /api/v1/auth/oidc/token/ exchange endpoint which validates the signature, checks claim, and mints a short-lived access token.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Fields

    No fields configured for Enhancement.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions