Dev guideUser Guide
HomeDev guideAPI ReferenceGraphQL
Dev guideUser GuideGitHubNuGetDev CommunitySubmit a ticketLog In
GitHubNuGetDev CommunitySubmit a ticket

Generic OIDC provider

How to authenticate using a generic OIDC provider.

Suggest Edits

To use an external (generic) OIDC provider, you need to set up the OIDC config to verify the JWT token:

  1. Send a PUT request to the OIDC config url: https://cg.optimizely.com/api/config/oidc with epi-hmac or basic authorization header:

    curl -XPUT \
  -H 'Authorization: Basic {appKey}:{secret}' \
  -d '{
    "issuer": "{your_issue}",
    "audience": "{your_audience}",
  }' https://cg.optimizely.com/api/config/oidc

    {
    "issuer": "{your_issue}",
    "audience": "{your_audience}",
}

  2. After you authenticate, your JWT payload should have issuer and audience claims:

    {
  "sub": "1234567890",
  "name": "John Doe",
  "iat": 1516239022,
  "iss": "{your_issuer}",
  "audience": "{your_audience}"
}

  3. Send your GQL query to the query endpoint with your JWT token:

    curl -XPOST \
  -H 'Authorization: Bearer {jwt_token}' \
  -d '{query}' \
  https://cg.optimizely.com/content/v2/tenant_id={your_turnstile_tenant_id}

Updated 23 days ago