We are trying to secure a GKE service using IAP with Workforce Identity Federation. Everything is working, but it is unclear if I am able to configure it so that additional claims from the IdP are passed into the TokenPayload after validating the `x-goog-iap-jwt-assertion` header. We have done the attribute mapping at the provider. We are attempting to get the authenticated user's `given_name`, `family_name`, and `groups` claims/attributes. Previously, we were using IAP with Identity Platform, and those claims were passed through in the token at `gcip.firebase.sign_in_attributes`.
Does anybody know if this is possible?
User | Count |
---|---|
2 | |
1 | |
1 | |
1 |