Logs
The ezoidc server outputs logs to stdout in JSON lines format.
{ "level": "info", "request_id": "41619360-28b4-41b6-b7dc-06f6540c9c03", "status": 200, "method": "GET", "path": "/ezoidc/1.0/variables", "client_ip": "192.168.194.0", "response_time": 8.890716, "allowed": { "success": "read", "secret": "internal" }, "issuer": "k8s", "sub": "system:serviceaccount:default:default", "iss": "https://kubernetes.default.svc.cluster.local", "params": [ "param_name" ], "time": "2024-10-22T17:41:53Z"}Reasons
If the provided token cannot be validated, the status will be set to 401 and the reason field will include the reason.
| Reason | Description |
|---|---|
| invalid:jwt | The token is empty or malformed. |
| invalid:kid | The token was signed with an unknown key. |
| invalid:claims:iss | The issuer is invalid or the server is not configured to accept tokens from this issuer. |
| invalid:claims:aud | The token is not intended for an audience configured by the server. |
| invalid:claims:exp | The token is expired. |
| invalid:claims:nbf | The token is not valid yet. |
| invalid:claims:iat | The token was issued in the future. |