Notes on OIDC, identity federation, and securely verifying tokens from private services.
May 28, 2026
To federate a self-hosted OIDC IdP with AWS, GCP, or Vault, your discovery endpoint must be reachable from the public internet. Here's why — and how to expose only what's needed.
We use cookies for analytics to improve our service. You can change your preference at any time in the footer. Learn more