Identity-Based Microsegmentation Guide
LAST UPDATED: October 8, 2021

Internal resources

internal/token

OAUTHInfo

OAUTHInfo provides the information for an OAUTH server to retrieve the secrets that can validate a JWT token issued by us.

Relations

GET /oauthinfo/:id

Retrieves the OAUTH info.

GET /namespaces/:id/oauthinfo

Retrieves the OAUTH info for this namespace.

Parameters:

  • mode (enum(oidc)): When set to type OIDC it will return the data as a raw JSON object and not a Microsegmentation Console-compatible API.

Attributes

IDTokenSigningAlgValuesSupported [autogenerated,read_only]

Type: []string

IDTokenSigningAlgValuesSupported is corresponding attribute of the OIDC spec.

JWKSURI [autogenerated,read_only]

Type: string

JWKSURI is the URI that can be used to retrieve the public keys that will verify a JWT.

auhorizationEndpoint [autogenerated,read_only]

Type: string

AuhorizationEndpoint is the authorization endpoint.

claimsSupported [autogenerated,read_only]

Type: []string

ClaimsSupported is corresponding attribute of the OIDC spec.

issuer [autogenerated,read_only]

Type: string

Issuer is the the URL pointing to the issuer of the token.

responseTypesSupported [autogenerated,read_only]

Type: []string

ResponseTypesSupported is corresponding attribute of the OIDC spec.

scopesSupported [autogenerated,read_only]

Type: []string

ScopesSupported is corresponding attribute of the OIDC spec.

subjectTypesSupported [autogenerated,read_only]

Type: []string

SubjectTypesSupported is corresponding attribute of the OIDC spec.

tokenEndpointAuthMethodsSupported [autogenerated,read_only]

Type: []string

TokenEndpointAuthMethodsSupported is corresponding attribute of the OIDC spec.

OAUTHKey

OAUTHInfo provides the information for an OAUTH server to retrieve the secrets that can validate a JWT token issued by us.

Relations

GET /oauthkeys/:id

Retrieves the OAUTH info.

GET /namespaces/:id/oauthkeys

Retrieves the OAUTH info for this namespace.

Parameters:

  • mode (enum(oidc)): When set to OIDC it will return the data as a raw JSON object and not a Microsegmentation Console-compatible API.

Attributes

keyString [autogenerated,read_only]

Type: string

KeyString is the JWKS key response for an OAUTH verifier. It provides the OAUTH compatible signing keys.

internal/x509

PKIXName

Represents a public key infrastructure X.509 (PKIX) certificate.

Attributes

commonName

Type: string

Represents the Common Name field.

country

Type: []string

Represents the Country field.

locality

Type: []string

Represents the Locality field.

organization

Type: []string

Represents the Organization field.

organizationalUnit

Type: []string

Represents the Organizational Unit field.

postalCode

Type: []string

Represents the Postal Code field.

province

Type: []string

Represents the Province field.

streetAddress

Type: []string

Represents the Street Address field.