# actions-oidc-debugger **Repository Path**: mirrors_github/actions-oidc-debugger ## Basic Information - **Project Name**: actions-oidc-debugger - **Description**: An Action for printing OIDC claims in GitHub Actions. - **Primary Language**: Unknown - **License**: MIT - **Default Branch**: main - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 0 - **Forks**: 0 - **Created**: 2022-07-20 - **Last Updated**: 2026-02-14 ## Categories & Tags **Categories**: Uncategorized **Tags**: None ## README # ⚠️ Archival notice Due to the lack of time we could allocate to this repo, we've decided to archive it. You can use [`steve-todorov`'s version](https://github.com/steve-todorov/oidc-debugger-action/blob/f9915fe9dc64133704c072eb59436373c23e9fdd/action.yml) instead. If you want just the code ([reference](https://github.com/github/actions-oidc-debugger/issues/30#issuecomment-3169059282), thanks again to `steve-todorov`): ```yaml - name: Show OIDC claims (right before assume) env: AUDIENCE: "sts.amazonaws.com" run: | TOKEN_JSON=$(curl -s -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=$AUDIENCE") ID_TOKEN=$(echo "$TOKEN_JSON" | jq -r .value) echo "$ID_TOKEN" | awk -F. '{print $2}' | base64 -d 2>/dev/null | jq -r ``` --- # actions-oidc-debugger This action requests a JWT and prints the claims included within the JWT received from GitHub Actions. ## How to use this Action Here's an example of how to use this action: ```yaml name: Test Debugger Action on: pull_request: workflow_dispatch: jobs: oidc_debug_test: permissions: contents: read id-token: write runs-on: ubuntu-latest name: A test of the oidc debugger steps: - name: Debug OIDC Claims uses: github/actions-oidc-debugger@main with: audience: '${{ github.server_url }}/${{ github.repository_owner }}' ``` The resulting output in your Actions log will look something like this: ```json { "actor": "GrantBirki", "actor_id": "23362539", "aud": "https://github.com/github", "base_ref": "main", "enterprise": "github", "enterprise_id": "11468", "event_name": "pull_request", "exp": 1751581975, "head_ref": "release-setup", "iat": 1751560375, "iss": "https://token.actions.githubusercontent.com", "job_workflow_ref": "github/actions-oidc-debugger/.github/workflows/action-test.yml@refs/pull/27/merge", "job_workflow_sha": "7f93a73b8273af5d35fcd70661704c1cadc57054", "jti": "4a576b35-ff09-41c5-af2c-ca62dd89b76a", "nbf": 1751560075, "ref": "refs/pull/27/merge", "ref_protected": "false", "ref_type": "branch", "repository": "github/actions-oidc-debugger", "repository_id": "487920697", "repository_owner": "github", "repository_owner_id": "9919", "repository_visibility": "public", "run_attempt": "1", "run_id": "16055869479", "run_number": "33", "runner_environment": "github-hosted", "sha": "7f93a73b8273af5d35fcd70661704c1cadc57054", "sub": "repo:github/actions-oidc-debugger:pull_request", "workflow": "Test Debugger Action", "workflow_ref": "github/actions-oidc-debugger/.github/workflows/action-test.yml@refs/pull/27/merge", "workflow_sha": "7f93a73b8273af5d35fcd70661704c1cadc57054" } ``` ## Maintainers Here is the general flow for developing this Action and releasing a new version: ### Bootstrapping This assumes you have `goenv` installed and the version listed in the `.go-version` file is installed as well. ```bash go mod vendor && go mod tidy && go mod verify ``` ### Releasing Please run `script/release` and publish a new release on GitHub from the resulting tag.