NSX-T Data Center REST API
OidcEndPoint (schema)
OpenID Connect end-point
OpenID Connect end-point specifying where to fetch the JWKS document used to
validate JWT tokens for TokenBasedPrincipalIdentities.
Name | Description | Type | Notes |
---|---|---|---|
_create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
_create_user | ID of the user who created this resource | string | Readonly |
_last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
_last_modified_user | ID of the user who last modified this resource | string | Readonly |
_links | References related to this resource. The server will populate this field when returning the resource. Ignored on PUT and POST. | array of ResourceLink | Readonly |
_protection | Indicates protection status of this resource. Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it; NOT_PROTECTED - the client who retrieved the entity is allowed to modify it; REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true; UNKNOWN - the _protection field could not be determined for this entity. | string | Readonly |
_revision | Generation of this resource config. The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. | int | |
_schema | Schema for this resource | string | Readonly |
_self | Link to this resource | SelfResourceLink | Readonly |
_system_owned | Indicates system owned resource | boolean | Readonly |
authorization_endpoint | Authorization endpoint. The URL of the OpenID provider's authorization endpoint. | string | Readonly |
claims_supported | Claims supported. The list of claims that the OpenID provider supports. | array of string | Readonly |
description | Description of this resource | string | Maximum length: 1024 Sortable |
display_name | Identifier to use when displaying entity in logs or GUI. Defaults to ID if not set. | string | Maximum length: 255 Sortable |
id | Unique identifier of this resource | string | Sortable |
issuer | JWT token issuer. Issuer of the JWT tokens for the given type. This field is fetched from the meta-data located at the oidc_uri. | string | Readonly |
jwks_uri | URI of JWKS document. The URI where the JWKS document is located that has the key used to validate the JWT signature. | string | Readonly |
name | Unique name for this OpenID Connect end-point. A short, unique name for this OpenID Connect end-point. OIDC endpoint names may not contain spaces. If not provided, defaults to the ID of the OidcEndPoint. | string | |
oidc_type | OIDC Type. Type used to distinguish the OIDC end-points by IDP. | string | Enum: vcenter, ws_one Maximum length: 255 Default: "vcenter" |
oidc_uri | OpenID Connect URI. URI of the OpenID Connect end-point. | string | Required Maximum length: 255 |
override_roles | Roles used instead of token roles. When specified, this role or roles are used instead of the nsx-role in the JWT. | array of string | Readonly |
resource_type | Must be set to the value OidcEndPoint | string | |
tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
thumbprint | Thumbprint. Thumbprint in SHA-256 format used to verify the server certificate at the URI. | string | Required Maximum length: 255 |
token_endpoint | Token endpoint. The URL of the OpenID provider's token endpoint. | string | Readonly |
userinfo_endpoint | Userinfo endpoint. The URL of the OpenID provider's userinfo endpoint. | string | Readonly |
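
A client-side pre-flight check built from the constraints in the table above, as an added example that is not VMware's code: it prepares a PUT body from a GET response (keeping `_revision`, dropping read-only fields) and checks the writable fields before anything is sent. The function names, the sample values and the thumbprint format check (64 hex digits, colons optional) are assumptions; the page only says "SHA-256 format".

```python
import re

# Constraints transcribed from the OidcEndPoint table above.
READ_ONLY = {"_create_time", "_create_user", "_last_modified_time", "_last_modified_user",
             "_links", "_protection", "_schema", "_self", "_system_owned",
             "authorization_endpoint", "claims_supported", "issuer", "jwks_uri",
             "override_roles", "token_endpoint", "userinfo_endpoint"}
REQUIRED = ("oidc_uri", "thumbprint")
MAX_LEN = {"description": 1024, "display_name": 255, "oidc_type": 255,
           "oidc_uri": 255, "thumbprint": 255}
OIDC_TYPES = {"vcenter", "ws_one"}
# Assumption: a SHA-256 thumbprint is 32 hex bytes, optionally colon-separated.
SHA256_HEX = re.compile(r"^[0-9A-Fa-f]{2}(:?[0-9A-Fa-f]{2}){31}$")
# Constructed sample of a GET response (not real data).
SAMPLE_GET = {"id": "vc-1", "resource_type": "OidcEndPoint", "_revision": 3,
              "oidc_uri": "https://idp.example.test/.well-known/openid-configuration",
              "thumbprint": "ab" * 32, "issuer": "https://idp.example.test",
              "_create_time": 1}

def build_put_body(current, changes):
    """Merge changes into a GET response and drop server-populated fields."""
    # A PUT with a missing or stale _revision is rejected, so it must survive.
    if "_revision" not in current:
        raise ValueError("GET response has no _revision; PUT would be rejected")
    rejected = sorted(set(changes) & READ_ONLY)
    if rejected:
        raise ValueError("read-only fields cannot be set: " + ", ".join(rejected))
    merged = {**current, **changes}
    return {k: v for k, v in merged.items() if k not in READ_ONLY}

def validate(body):
    """Return a list of constraint violations (empty list means the body passes)."""
    errors = ["missing required field: " + f for f in REQUIRED if not body.get(f)]
    for field, limit in MAX_LEN.items():
        if len(body.get(field) or "") > limit:
            errors.append(f"{field} exceeds {limit} characters")
    if body.get("oidc_type", "vcenter") not in OIDC_TYPES:
        errors.append("oidc_type must be vcenter or ws_one")
    if " " in (body.get("name") or ""):
        errors.append("name may not contain spaces")
    if len(body.get("tags") or []) > 30:
        errors.append("tags exceeds 30 items")
    if body.get("thumbprint") and not SHA256_HEX.match(body["thumbprint"]):
        errors.append("thumbprint is not a SHA-256 digest")
    if body.get("resource_type", "OidcEndPoint") != "OidcEndPoint":
        errors.append("resource_type must be OidcEndPoint")
    return errors
```

Because `thumbprint` is what pins the server certificate at `oidc_uri`, a malformed value is worth catching on the client before the request is made.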