OpenID Connect
NetActuate supports OpenID Connect (OIDC) for token-based authentication and authorization. OIDC enables secure, standards-based integration between your applications and NetActuate services without managing API keys directly.
Overview
OIDC is built on top of OAuth 2.0 and provides identity verification through ID tokens (JWTs). You can use OIDC to:
- Authenticate service accounts and CI/CD pipelines
- Federate identity with cloud providers (e.g., GCP Workload Identity Federation)
- Build custom integrations that securely access the NetActuate API
Configuration
To configure OIDC for your account, navigate to Account → Settings → OIDC in the NetActuate portal.
API Endpoints
| Endpoint | URL |
|---|---|
| OIDC Discovery | https://portal.netactuate.com/.well-known/openid-configuration |
| Authorization | https://portal.netactuate.com/oauth/authorize |
| Token | https://portal.netactuate.com/oauth/token |
| UserInfo | https://portal.netactuate.com/oauth/userinfo |
| JWKS | https://portal.netactuate.com/.well-known/jwks.json |
Integration Guides
Sample Applications
- GoLang Example - Complete OIDC integration using Go
- Node.js Example - Complete OIDC integration using Node.js and TypeScript
GCP Integration
- GCP OIDC Federation - Federate NetActuate OIDC tokens with Google Cloud
- GCP STS Integration - Exchange NetActuate tokens using GCP Security Token Service
Token Claims
NetActuate OIDC tokens include the following standard claims:
| Claim | Description |
|---|---|
sub | Unique user identifier |
email | User email address |
name | User display name |
iss | Token issuer URL |
aud | Client ID (audience) |
exp | Token expiration time |
iat | Token issued-at time |
Need Help?
If you run into issues configuring OIDC, contact NetActuate Support.