Generic OIDC provider
How to authenticate using a generic OIDC provider.
To use an external (generic) OIDC provider, you need to set up the OIDC config to verify the JWT token:
-
Send a PUT request to the OIDC config url:
https://cg.optimizely.com/api/config/oidc
with epi-hmac or basic authorization header:curl -XPUT \ -H 'Authorization: Basic {appKey}:{secret}' \ -d '{ "issuer": "{your_issue}", "audience": "{your_audience}", }' https://cg.optimizely.com/api/config/oidc
{ "issuer": "{your_issue}", "audience": "{your_audience}", }
-
After you authenticate, your
JWT
payload should haveissuer
andaudience
claims:{ "sub": "1234567890", "name": "John Doe", "iat": 1516239022, "iss": "{your_issuer}", "audience": "{your_audience}" }
-
Send your GQL query to the query endpoint with your JWT token:
curl -XPOST \ -H 'Authorization: Bearer {jwt_token}' \ -d '{query}' \ https://cg.optimizely.com/content/v2/tenant_id={your_turnstile_tenant_id}
Updated 6 months ago