đ OIDC Additional Claims
over 2 years ago by Tom Porat
env0 enables easy OIDC integration by passing an environment variable named ENV0_OIDC_TOKEN to your deployments - its value contains a short lived OIDC token (JWT) for authentication via a third party application.
⨠Improved Authorization â¨
Your authorization server could leverage our newly added claims for more secure and fine grained authorization, for example, here are a few possible verifications:
- Only a specific team can deploy to a specific environment
- A specific template can only be deployed to your
dev/stagingprojects and not to theproductionproject - Enforce a workspace name pattern in your organization
We added the following claims to the OIDC token:
organizationIdprojectIdtemplateIdtemplateNameenvironmentIdenvironmentNameworkspaceNamedeploymentLogIddeployerEmail
Learn more about OIDC integration.