Security Token Service API (sts:v1)

2026-06-26

2 new methods

Additions

    Methods

  • sts.organizations.locations.workloadIdentityPools.openid.getJwks

      Flat Path : v1/organizations/{organizationsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/openid/jwks

      Parameters :

        name

          Description : Required. The name of the pool whose JWKS needs to be retrieved. Format: 'organizations/{ORGANIZATION_NUMBER}/locations/global/workloadIdentityPools/{POOL_ID}' 'projects/{PROJECT_NUMBER}/locations/global/workloadIdentityPools/{POOL_ID}' Example(s): 'organizations/1234/locations/global/workloadIdentityPools/agents.global.org-1234.system.id.goog' 'projects/12345678/locations/global/workloadIdentityPools/agents.global.proj-12345678.system.id.goog'

          Required : Yes

          Pattern : ^organizations/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$

          Location : path

          Type : string

      Parameter Order : name

      Description : Fetches the signing keys for an agentic or managed workload identity pool and returns them in JWKs format, defined in [RFC 7517](https://tools.ietf.org/html/rfc7517). For now, only agentic system pools are supported.

      Path : v1/{+name}/openid/jwks

      HTTP Method : GET

  • sts.projects.locations.workloadIdentityPools.openid.getJwks

      HTTP Method : GET

      Flat Path : v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/openid/jwks

      Parameters :

        name

          Description : Required. The name of the pool whose JWKS needs to be retrieved. Format: 'organizations/{ORGANIZATION_NUMBER}/locations/global/workloadIdentityPools/{POOL_ID}' 'projects/{PROJECT_NUMBER}/locations/global/workloadIdentityPools/{POOL_ID}' Example(s): 'organizations/1234/locations/global/workloadIdentityPools/agents.global.org-1234.system.id.goog' 'projects/12345678/locations/global/workloadIdentityPools/agents.global.proj-12345678.system.id.goog'

          Required : Yes

          Pattern : ^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$

          Location : path

          Type : string

      Parameter Order : name

      Description : Fetches the signing keys for an agentic or managed workload identity pool and returns them in JWKs format, defined in [RFC 7517](https://tools.ietf.org/html/rfc7517). For now, only agentic system pools are supported.

      Path : v1/{+name}/openid/jwks