Managing OIDC Tokens in CircleCI

Overview

Follow this guide to check for existing OpenID Connect (OIDC) tokens and generate a new one if needed.

Checking for Existing OIDC Tokens

Use the script below to verify the presence of OIDC tokens and create one if necessary:

- run: 
    name: Check OIDC Token
    command: |
      if [[ -z $CIRCLE_OIDC_TOKEN ]] || [[ -z $CIRCLE_OIDC_TOKEN_V2 ]]; then
        TOKEN=$(circleci run oidc get --claims '{"aud": ""}')
        echo 'export CIRCLE_OIDC_TOKEN="'"$TOKEN"'"'  "$BASH_ENV"
        # Uncomment below if you utilize the V2 token.
        # echo 'export CIRCLE_OIDC_TOKEN_V2="'"$TOKEN"'"'  "$BASH_ENV"
      else
        echo "OIDC token already exists"
      fi

Replace <audience> with your specific audience claim requirement.

 

Additional Resources

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.