Update manifest and docs to 5.4.1

Venafi · Mar 9, 2023 · 40a6404 · 40a6404
1 parent 973b89a
commit 40a6404
Show file tree

Hide file tree

Showing 5 changed files with 64 additions and 8 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,6 @@
+## 5.4.1
+- Add support for JWT token authentication in `New-VenafiSession` and `New-TppToken`
+
 ## 5.4.0
 - Add 'all' token scope with 2 values, 'core' and 'admin'.  'Core' is all scopes except for admin and 'admin' includes admin.  Use as `New-VenafiSession -Scope @{'all'='core'}`.  Not suggested for production environments
 - Add `-SkipCertificateCheck` to `New-VenafiSession` and `New-TppToken` to bypass certificate checking, useful in pre-production environments, connecting via IP, etc.  If you aren't creating a new session, but providing a token directly to a function, the same functionality can be found by setting an environment variable `$env:VENAFIPS_SKIP_CERT_CHECK=1`.  If vaulting your token, this value will also be vaulted in the metadata making it very easy to use `New-VenafiSession -VaultRefreshAccessToken $name` and connect to pre-prod environments with no certificate checking
@@ -512,5 +515,6 @@
 
 
 
+
 
 
diff --git a/VenafiPS/VenafiPS.psd1 b/VenafiPS/VenafiPS.psd1
@@ -3,7 +3,7 @@
 #
 # Generated by: Venafi
 #
-# Generated on: 02/22/2023
+# Generated on: 03/09/2023
 #
 
 @{
@@ -12,7 +12,7 @@
 RootModule = 'VenafiPS.psm1'
 
 # Version number of this module.
-ModuleVersion = '5.4.0'
+ModuleVersion = '5.4.1'
 
 # Supported PSEditions
 # CompatiblePSEditions = @()

diff --git a/docs/changelog.md b/docs/changelog.md
@@ -1,3 +1,6 @@
+## 5.4.1
+- Add support for JWT token authentication in `New-VenafiSession` and `New-TppToken`
+
 ## 5.4.0
 - Add 'all' token scope with 2 values, 'core' and 'admin'.  'Core' is all scopes except for admin and 'admin' includes admin.  Use as `New-VenafiSession -Scope @{'all'='core'}`.  Not suggested for production environments
 - Add `-SkipCertificateCheck` to `New-VenafiSession` and `New-TppToken` to bypass certificate checking, useful in pre-production environments, connecting via IP, etc.  If you aren't creating a new session, but providing a token directly to a function, the same functionality can be found by setting an environment variable `$env:VENAFIPS_SKIP_CERT_CHECK=1`.  If vaulting your token, this value will also be vaulted in the metadata making it very easy to use `New-VenafiSession -VaultRefreshAccessToken $name` and connect to pre-prod environments with no certificate checking
@@ -512,5 +515,6 @@
 
 
 
+
 
 
diff --git a/docs/functions/New-TppToken.md b/docs/functions/New-TppToken.md
@@ -17,6 +17,12 @@ New-TppToken -AuthServer <String> -ClientId <String> -RefreshToken <PSCredential
  [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
+### Jwt
+```
+New-TppToken -AuthServer <String> -ClientId <String> -Scope <Hashtable> -Jwt <String> [-SkipCertificateCheck]
+ [-WhatIf] [-Confirm] [<CommonParameters>]
+```
+
 ### Certificate
 ```
 New-TppToken -AuthServer <String> -ClientId <String> -Scope <Hashtable> -Certificate <X509Certificate>
@@ -79,7 +85,7 @@ venafi.company.com
 
 ```yaml
 Type: String
-Parameter Sets: Integrated, RefreshToken, Certificate, OAuth
+Parameter Sets: Integrated, RefreshToken, Jwt, Certificate, OAuth
 Aliases: Server
 
 Required: True
@@ -94,7 +100,7 @@ Applcation Id configured in Venafi for token-based authentication
 
 ```yaml
 Type: String
-Parameter Sets: Integrated, RefreshToken, Certificate, OAuth
+Parameter Sets: Integrated, RefreshToken, Jwt, Certificate, OAuth
 Aliases:
 
 Required: True
@@ -116,7 +122,7 @@ Usage of the 'all' scope is not suggested for production.
 
 ```yaml
 Type: Hashtable
-Parameter Sets: Integrated, Certificate, OAuth
+Parameter Sets: Integrated, Jwt, Certificate, OAuth
 Aliases:
 
 Required: True
@@ -156,6 +162,23 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -Jwt
+JSON web token.
+Available in TPP v22.4 and later.
+Ensure jwt mapping has been configured in VCC, Access Management-\>JWT Mappings.
+
+```yaml
+Type: String
+Parameter Sets: Jwt
+Aliases:
+
+Required: True
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -Certificate
 Certificate used to request API token. 
 Certificate authentication must be configured for remote web sdk clients, https://docs.venafi.com/Docs/current/TopNav/Content/CA/t-CA-ConfiguringInTPPandIIS-tpp.php.

diff --git a/docs/functions/New-VenafiSession.md b/docs/functions/New-VenafiSession.md
@@ -35,6 +35,12 @@ New-VenafiSession -Server <String> -AccessToken <PSCredential> [-VaultAccessToke
  [-VaultMetadata] [-PassThru] [-SkipCertificateCheck] [<CommonParameters>]
 ```
 
+### TokenJwt
+```
+New-VenafiSession -Server <String> -ClientId <String> -Scope <Hashtable> -Jwt <String> [-PassThru]
+ [-SkipCertificateCheck] [<CommonParameters>]
+```
+
 ### TokenCertificate
 ```
 New-VenafiSession -Server <String> -ClientId <String> -Scope <Hashtable> -Certificate <X509Certificate>
@@ -162,7 +168,7 @@ If just the server name is provided, https:// will be appended.
 
 ```yaml
 Type: String
-Parameter Sets: KeyIntegrated, RefreshToken, AccessToken, TokenCertificate, TokenIntegrated, TokenOAuth, KeyCredential
+Parameter Sets: KeyIntegrated, RefreshToken, AccessToken, TokenJwt, TokenCertificate, TokenIntegrated, TokenOAuth, KeyCredential
 Aliases: ServerUrl, Url
 
 Required: True
@@ -217,7 +223,7 @@ Accept wildcard characters: False
 
 ```yaml
 Type: String
-Parameter Sets: RefreshToken, TokenCertificate, TokenIntegrated, TokenOAuth
+Parameter Sets: RefreshToken, TokenJwt, TokenCertificate, TokenIntegrated, TokenOAuth
 Aliases:
 
 Required: True
@@ -251,7 +257,7 @@ Accept wildcard characters: False
 
 ```yaml
 Type: Hashtable
-Parameter Sets: TokenCertificate, TokenIntegrated, TokenOAuth
+Parameter Sets: TokenJwt, TokenCertificate, TokenIntegrated, TokenOAuth
 Aliases:
 
 Required: True
@@ -307,6 +313,23 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -Jwt
+JSON web token.
+Available in TPP v22.4 and later.
+Ensure jwt mapping has been configured in VCC, Access Management-\>JWT Mappings.
+
+```yaml
+Type: String
+Parameter Sets: TokenJwt
+Aliases:
+
+Required: True
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -Certificate
 Certificate for token-based authentication
 
@@ -519,6 +542,8 @@ This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable
 
 [https://docs.venafi.com/Docs/current/TopNav/Content/SDK/AuthSDK/r-SDKa-POST-AuthorizeCertificate.php](https://docs.venafi.com/Docs/current/TopNav/Content/SDK/AuthSDK/r-SDKa-POST-AuthorizeCertificate.php)
 
+[https://docs.venafi.com/Docs/current/TopNav/Content/SDK/AuthSDK/r-SDKa-POST-AuthorizeJwt.php](https://docs.venafi.com/Docs/current/TopNav/Content/SDK/AuthSDK/r-SDKa-POST-AuthorizeJwt.php)
+
 [https://github.com/PowerShell/SecretManagement](https://github.com/PowerShell/SecretManagement)
 
 [https://github.com/PowerShell/SecretStore](https://github.com/PowerShell/SecretStore)