What Is OIDC Token Exchange? Swapping Identity for Short-Lived Access
OIDC token exchange lets a CI pipeline present a signed identity token and receive a short-lived cloud credential in return, eliminating stored secrets.
The old way to let a pipeline deploy to the cloud was to store a long-lived cloud key as a CI secret, a value that could leak and worked forever. OIDC token exchange replaces that. The CI provider issues a signed identity token, the cloud verifies it and trusts the provider, and hands back a short-lived credential. No standing secret ever changes hands.
The handshake
- The CI provider mints a signed OIDC token describing the job.
- The pipeline presents it to the cloud (AWS, GCP, Azure).
- The cloud verifies the signature and the token's claims.
- It returns a short-lived, scoped credential for that job.
Why it removes the stored secret
The cloud trusts the CI provider as an identity provider, not a particular key you stored. The pipeline proves who it is each run, so there is no long-lived cloud key sitting in CI secrets to leak. The credential it receives lives only for the job.
Trust through claims
The OIDC token carries claims: which repo, which branch, which workflow. The cloud's trust policy can require specific claims, so only your main branch in your repo can assume a deploy role. This binds access to exactly the right pipeline context.
Why it is a big deal
It collapses two hard problems, secret storage and secret rotation, into nothing. There is no secret to store and none to rotate, because the credential is ephemeral and identity-based. It is the cleanest answer to cloud access from CI.
The token must come from a trusted runner
The whole model rests on the identity token being authentic. It must be issued for a real, untampered job, which is why running on a trusted, isolated build environment matters: an attacker who controlled the runner could try to obtain tokens for jobs that are not really yours.
Key takeaways
- OIDC token exchange trades a signed identity token for a short-lived cloud credential.
- It removes the stored long-lived cloud key, so there is nothing durable to leak.
- Trust policies key on token claims (repo, branch) to bind access to the right job.