Token Introspect configuration
Configuration needed to introspect a Person access token.
Requirements
- ServiceAccount credentials created in the IndyKite Hub for your organization.
Create a Token Introspect configuration for a Person node with email claim.
main.tf
terraform {
required_providers {
indykite = {
source = "indykite/indykite"
version = 1.26. // or latest version
}
}
}
# indykite provider integrates IndyKite platform with Terraform scripting.
# Provider for now does not support any parameters and all is set within service account credential file.
provider "indykite" {}
resource "indykite_token_introspect" "token_config" {
name = "terraform-token-introspect"
display_name = "Terraform token introspect"
description = "Token introspect for DigitalTwin access token"
location = "ProjectGID"
jwt_matcher {
issuer = "https://example.com"
audience = "client-id"
}
offline_validation {}
ikg_node_type = "Token"
claims_mapping = {
"email" = "email"
}
perform_upsert = true
}