Maybe in some other form, but the current style of injecting an oidc token was d... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		jdeastwood 20 hours ago \| parent \| context \| favorite \| on: GitHub Actions has a package manager, and it might... Maybe in some other form, but the current style of injecting an oidc token was definitely in github actions first. Here is the gitlab issue tracking the final bit of it's implementation directly mentioning github: https://gitlab.com/gitlab-org/gitlab/-/issues/356986

sofixa 20 hours ago [–]

This is the more flexible and secure (specific aud) replacement for CI_JOB_JWT which has been there since at least 2017, if not before. Functionally it was exactly the same, a JWT token per pipeline allowing you to authenticate to third parties that support OIDC/JWT Auth.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact