Skip to main content
env0 enables easy OIDC integration by passing an environment variable named ENV0_OIDC_TOKEN to your deployments - its value contains a short lived OIDC token (JWT) for authentication via a third party application.

Improved Authorization

Your authorization server can use our newly added claims for more secure and fine-grained authorization, for example, here are a few possible verifications:
  • Only a specific team can deploy to a specific environment
  • A specific template can only be deployed to your dev / staging projects and not to the production project
  • Enforce a workspace name pattern in your organization
We added the following claims to the OIDC token:
  • organizationId
  • projectId
  • templateId
  • templateName
  • environmentId
  • environmentName
  • workspaceName
  • deploymentLogId
  • deployerEmail
Learn more about OIDC integration.