env0 enables easy OIDC integration by passing an environment variable named
ENV0_OIDC_TOKEN to your deployments - its value contains a short lived OIDC token (JWT) for authentication via a third party application.
Your authorization server could leverage our newly added claims for more secure and fine grained authorization, for example, here are a few possible verifications:
- Only a specific team can deploy to a specific environment
- A specific template can only be deployed to your
stagingprojects and not to the
- Enforce a workspace name pattern in your organization
We added the following claims to the OIDC token:
Learn more about OIDC integration.