OIDC Rollout — Strait Docs

Monitoring & Alerts OIDC Rollout RBAC Policy Rollout API Key Rotation Rollout AuthZ Incident Response

Operations

Safely roll out OIDC authentication for user API traffic.

Rollout Steps

Enable OIDC config in a non-production environment.
Verify issuer/audience mapping and actor/project claim mapping.
Run in dual mode (OIDC + internal secret user headers) during migration.
Monitor 401/403 rates and permission-denied logs.
Gradually shift user traffic to OIDC bearer tokens.

Rollback

Disable OIDC config flags and revert to internal-secret header path.
Keep API keys and service-to-service flows unchanged.

Was this page helpful?

Monitoring & Alerts

Production monitoring baselines for health checks, metrics, auth, RBAC, audit events, and webhooks.

RBAC Policy Rollout

Safe rollout process for role inheritance, resource policies, and tag policies.

On this page

Rollout Steps Rollback