Package org.cdk8s.plus24.k8s

Interface TokenRequestSpec

  • All Superinterfaces:
    software.amazon.jsii.JsiiSerializable
    All Known Implementing Classes:
    TokenRequestSpec.Jsii$Proxy
    @Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)",
           date="2023-06-28T00:25:44.225Z")
@Stability(Stable)
public interface TokenRequestSpec
extends software.amazon.jsii.JsiiSerializable
    TokenRequestSpec contains client provided parameters of a token request.

    • Method Detail

      • getAudiences

        @Stability(Stable)
@NotNull
List<String> getAudiences()
        Audiences are the intendend audiences of the token.

        A recipient of a token must identitfy themself with an identifier in the list of audiences of the token, and otherwise should reject the token. A token issued for multiple audiences may be used to authenticate against any of the audiences listed but implies a high degree of trust between the target audiences.

      • getBoundObjectRef

        @Stability(Stable)
@Nullable
default BoundObjectReference getBoundObjectRef()
        BoundObjectRef is a reference to an object that the token will be bound to.

        The token will only be valid for as long as the bound object exists. NOTE: The API server's TokenReview endpoint will validate the BoundObjectRef, but other audiences may not. Keep ExpirationSeconds small if you want prompt revocation.

      • getExpirationSeconds

        @Stability(Stable)
@Nullable
default Number getExpirationSeconds()
        ExpirationSeconds is the requested duration of validity of the request.

        The token issuer may return a token with a different validity duration so a client needs to check the 'expiration' field in a response.