2025-10-31 21:12:48 +00:00
{/* THIS IS A AUTO-GENERATED FILE. DO NOT MODIFY MANUALLY! */}
```json
{
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "IdentityProviderConfig",
"definitions": {
"GitHubIdentityProviderConfig": {
"type": "object",
2025-11-05 03:55:25 +00:00
"additionalProperties": false,
2025-10-31 21:12:48 +00:00
"properties": {
"provider": {
"const": "github"
},
"purpose": {
"enum": [
"sso",
2025-11-05 03:55:25 +00:00
"account_linking"
2025-10-31 21:12:48 +00:00
]
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"baseUrl": {
2025-11-05 03:55:25 +00:00
"type": "string",
"format": "url",
"default": "https://github.com",
"description": "The URL of the GitHub host. Defaults to https://github.com",
"examples": [
"https://github.com",
"https://github.example.com"
],
"pattern": "^https?:\\/\\/[^\\s/$.?#].[^\\s]*$"
2025-11-03 00:11:48 +00:00
},
2025-11-05 03:55:25 +00:00
"accountLinkingRequired": {
2025-11-03 00:11:48 +00:00
"type": "boolean",
2025-11-04 05:42:35 +00:00
"default": false
2025-10-31 21:12:48 +00:00
}
},
"required": [
"provider",
"purpose",
"clientId",
"clientSecret"
]
},
"GitLabIdentityProviderConfig": {
"type": "object",
2025-11-05 03:55:25 +00:00
"additionalProperties": false,
2025-10-31 21:12:48 +00:00
"properties": {
"provider": {
"const": "gitlab"
},
"purpose": {
"enum": [
"sso",
2025-11-05 03:55:25 +00:00
"account_linking"
2025-10-31 21:12:48 +00:00
]
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"baseUrl": {
2025-11-05 03:55:25 +00:00
"type": "string",
"format": "url",
"default": "https://gitlab.com",
"description": "The URL of the GitLab host. Defaults to https://gitlab.com",
"examples": [
"https://gitlab.com",
"https://gitlab.example.com"
],
"pattern": "^https?:\\/\\/[^\\s/$.?#].[^\\s]*$"
2025-11-03 00:11:48 +00:00
},
2025-11-05 03:55:25 +00:00
"accountLinkingRequired": {
2025-11-03 00:11:48 +00:00
"type": "boolean",
2025-11-04 05:42:35 +00:00
"default": false
2025-10-31 21:12:48 +00:00
}
},
"required": [
"provider",
"purpose",
"clientId",
2025-11-04 01:21:04 +00:00
"clientSecret"
2025-10-31 21:12:48 +00:00
]
},
"GoogleIdentityProviderConfig": {
"type": "object",
2025-11-05 03:55:25 +00:00
"additionalProperties": false,
2025-10-31 21:12:48 +00:00
"properties": {
"provider": {
"const": "google"
},
2025-11-05 03:55:25 +00:00
"purpose": {
"const": "sso"
},
2025-10-31 21:12:48 +00:00
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
}
},
"required": [
"provider",
2025-11-05 03:55:25 +00:00
"purpose",
2025-10-31 21:12:48 +00:00
"clientId",
"clientSecret"
]
},
"OktaIdentityProviderConfig": {
"type": "object",
2025-11-05 03:55:25 +00:00
"additionalProperties": false,
2025-10-31 21:12:48 +00:00
"properties": {
"provider": {
"const": "okta"
},
2025-11-05 03:55:25 +00:00
"purpose": {
"const": "sso"
},
2025-10-31 21:12:48 +00:00
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"issuer": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
}
},
"required": [
"provider",
2025-11-05 03:55:25 +00:00
"purpose",
2025-10-31 21:12:48 +00:00
"clientId",
"clientSecret",
"issuer"
]
},
"KeycloakIdentityProviderConfig": {
"type": "object",
2025-11-05 03:55:25 +00:00
"additionalProperties": false,
2025-10-31 21:12:48 +00:00
"properties": {
"provider": {
"const": "keycloak"
},
2025-11-05 03:55:25 +00:00
"purpose": {
"const": "sso"
},
2025-10-31 21:12:48 +00:00
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"issuer": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
}
},
"required": [
"provider",
2025-11-05 03:55:25 +00:00
"purpose",
2025-10-31 21:12:48 +00:00
"clientId",
"clientSecret",
"issuer"
]
},
"MicrosoftEntraIDIdentityProviderConfig": {
"type": "object",
2025-11-05 03:55:25 +00:00
"additionalProperties": false,
2025-10-31 21:12:48 +00:00
"properties": {
"provider": {
"const": "microsoft-entra-id"
},
2025-11-05 03:55:25 +00:00
"purpose": {
"const": "sso"
},
2025-10-31 21:12:48 +00:00
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"issuer": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
}
},
"required": [
"provider",
2025-11-05 03:55:25 +00:00
"purpose",
2025-10-31 21:12:48 +00:00
"clientId",
"clientSecret",
"issuer"
]
},
"GCPIAPIdentityProviderConfig": {
"type": "object",
2025-11-05 03:55:25 +00:00
"additionalProperties": false,
2025-10-31 21:12:48 +00:00
"properties": {
"provider": {
"const": "gcp-iap"
},
2025-11-05 03:55:25 +00:00
"purpose": {
"const": "sso"
},
2025-10-31 21:12:48 +00:00
"audience": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
}
},
"required": [
"provider",
2025-11-05 03:55:25 +00:00
"purpose",
2025-10-31 21:12:48 +00:00
"audience"
]
}
},
"oneOf": [
{
"type": "object",
2025-11-05 03:55:25 +00:00
"additionalProperties": false,
2025-10-31 21:12:48 +00:00
"properties": {
"provider": {
"const": "github"
},
"purpose": {
"enum": [
"sso",
2025-11-05 03:55:25 +00:00
"account_linking"
2025-10-31 21:12:48 +00:00
]
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"baseUrl": {
2025-11-05 03:55:25 +00:00
"type": "string",
"format": "url",
"default": "https://github.com",
"description": "The URL of the GitHub host. Defaults to https://github.com",
"examples": [
"https://github.com",
"https://github.example.com"
],
"pattern": "^https?:\\/\\/[^\\s/$.?#].[^\\s]*$"
2025-11-03 00:11:48 +00:00
},
2025-11-05 03:55:25 +00:00
"accountLinkingRequired": {
2025-11-03 00:11:48 +00:00
"type": "boolean",
2025-11-04 05:42:35 +00:00
"default": false
2025-10-31 21:12:48 +00:00
}
},
"required": [
"provider",
"purpose",
"clientId",
"clientSecret"
]
},
{
"type": "object",
2025-11-05 03:55:25 +00:00
"additionalProperties": false,
2025-10-31 21:12:48 +00:00
"properties": {
"provider": {
"const": "gitlab"
},
"purpose": {
"enum": [
"sso",
2025-11-05 03:55:25 +00:00
"account_linking"
2025-10-31 21:12:48 +00:00
]
},
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"baseUrl": {
2025-11-05 03:55:25 +00:00
"type": "string",
"format": "url",
"default": "https://gitlab.com",
"description": "The URL of the GitLab host. Defaults to https://gitlab.com",
"examples": [
"https://gitlab.com",
"https://gitlab.example.com"
],
"pattern": "^https?:\\/\\/[^\\s/$.?#].[^\\s]*$"
2025-11-03 00:11:48 +00:00
},
2025-11-05 03:55:25 +00:00
"accountLinkingRequired": {
2025-11-03 00:11:48 +00:00
"type": "boolean",
2025-11-04 05:42:35 +00:00
"default": false
2025-10-31 21:12:48 +00:00
}
},
"required": [
"provider",
"purpose",
"clientId",
2025-11-04 01:21:04 +00:00
"clientSecret"
2025-10-31 21:12:48 +00:00
]
},
{
"type": "object",
2025-11-05 03:55:25 +00:00
"additionalProperties": false,
2025-10-31 21:12:48 +00:00
"properties": {
"provider": {
"const": "google"
},
2025-11-05 03:55:25 +00:00
"purpose": {
"const": "sso"
},
2025-10-31 21:12:48 +00:00
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
}
},
"required": [
"provider",
2025-11-05 03:55:25 +00:00
"purpose",
2025-10-31 21:12:48 +00:00
"clientId",
"clientSecret"
]
},
{
"type": "object",
2025-11-05 03:55:25 +00:00
"additionalProperties": false,
2025-10-31 21:12:48 +00:00
"properties": {
"provider": {
"const": "okta"
},
2025-11-05 03:55:25 +00:00
"purpose": {
"const": "sso"
},
2025-10-31 21:12:48 +00:00
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"issuer": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
}
},
"required": [
"provider",
2025-11-05 03:55:25 +00:00
"purpose",
2025-10-31 21:12:48 +00:00
"clientId",
"clientSecret",
"issuer"
]
},
{
"type": "object",
2025-11-05 03:55:25 +00:00
"additionalProperties": false,
2025-10-31 21:12:48 +00:00
"properties": {
"provider": {
"const": "keycloak"
},
2025-11-05 03:55:25 +00:00
"purpose": {
"const": "sso"
},
2025-10-31 21:12:48 +00:00
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"issuer": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
}
},
"required": [
"provider",
2025-11-05 03:55:25 +00:00
"purpose",
2025-10-31 21:12:48 +00:00
"clientId",
"clientSecret",
"issuer"
]
},
{
"type": "object",
2025-11-05 03:55:25 +00:00
"additionalProperties": false,
2025-10-31 21:12:48 +00:00
"properties": {
"provider": {
"const": "microsoft-entra-id"
},
2025-11-05 03:55:25 +00:00
"purpose": {
"const": "sso"
},
2025-10-31 21:12:48 +00:00
"clientId": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"clientSecret": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
},
"issuer": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
}
},
"required": [
"provider",
2025-11-05 03:55:25 +00:00
"purpose",
2025-10-31 21:12:48 +00:00
"clientId",
"clientSecret",
"issuer"
]
},
{
"type": "object",
2025-11-05 03:55:25 +00:00
"additionalProperties": false,
2025-10-31 21:12:48 +00:00
"properties": {
"provider": {
"const": "gcp-iap"
},
2025-11-05 03:55:25 +00:00
"purpose": {
"const": "sso"
},
2025-10-31 21:12:48 +00:00
"audience": {
"anyOf": [
{
"type": "object",
"properties": {
"env": {
"type": "string",
2025-11-03 00:20:25 +00:00
"description": "The name of the environment variable that contains the token."
2025-10-31 21:12:48 +00:00
}
},
"required": [
"env"
],
"additionalProperties": false
2025-11-03 00:20:25 +00:00
},
{
"type": "object",
"properties": {
"googleCloudSecret": {
"type": "string",
"description": "The resource name of a Google Cloud secret. Must be in the format `projects/<project-id>/secrets/<secret-name>/versions/<version-id>`. See https://cloud.google.com/secret-manager/docs/creating-and-accessing-secrets"
}
},
"required": [
"googleCloudSecret"
],
"additionalProperties": false
2025-10-31 21:12:48 +00:00
}
]
}
},
"required": [
"provider",
2025-11-05 03:55:25 +00:00
"purpose",
2025-10-31 21:12:48 +00:00
"audience"
]
}
]
}
```
