actions/jwt
4
0
Fork
You've already forked jwt
 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
2 commits 1 branch 0 tags 15 KiB
  • TypeScript 100%
Find a file
Exact
Repository files (latest commit first)
Filename Latest commit message Latest commit date
Jan Hamal Dvořák bd4952cdba Use runner's node
2026-06-25 16:09:14 +02:00
action.yml Use runner's node 2026-06-25 16:09:14 +02:00
index.mts Initial import 2026-06-25 15:44:35 +02:00
README.md Initial import 2026-06-25 15:44:35 +02:00

README.md

JWT Token

A Forgejo Action that obtains a JWT token from the Forgejo OIDC endpoint for use with Authorized Integrations.

Usage

jobs:
  example:
    runs-on: docker
    enable-openid-connect: true
    steps:
      - id: token
        uses: actions/jwt@v1
        with:
          audience: "u:1:f92855c4-d9b2-40e2-a136-432b16bb7a78"

      - run: |
          curl -H "Authorization: bearer ${{ steps.token.outputs.jwt }}" \
            "${{ forgejo.server_url }}/api/v1/user"

Prerequisites

  1. Create an Authorized Integration in Forgejo under Settings → Authorized Integrations → Create New.

  2. Choose Forgejo Actions (Local) and configure the source restrictions (repository, workflow file, git reference, event).

  3. Save and copy the Audience value.

  4. Set enable-openid-connect: true at the workflow or job level.

Inputs

Name Required Description
audience yes Audience UUID from the Authorized Integration.

Outputs

Name Description
jwt The JWT token, masked in runner logs.

Notes

  • The audience value is not confidential and can be committed to public repositories.

  • The default token lifetime is 1 hour (configurable server-side via [actions].ID_TOKEN_EXPIRATION_TIME).