java.lang.Object
- net.snowflake.client.core.auth.wif.WorkloadIdentityUtil

```
@SnowflakeJdbcInternalApi
public class WorkloadIdentityUtil
extends Object
```
Utility class for Workload Identity Federation (WIF) specific operations. This class contains functions that are used exclusively within the WIF package.

Nested Class Summary

Nested Classes
Modifier and Type Class Description

static class WorkloadIdentityUtil.SubjectAndIssuer
Container class for JWT subject and issuer claims.

Field Summary

Fields
Modifier and Type Field Description

static String DEFAULT_METADATA_SERVICE_BASE_URL

static String SNOWFLAKE_AUDIENCE

static String SNOWFLAKE_AUDIENCE_HEADER_NAME

Constructor Summary

Constructors
Constructor Description

WorkloadIdentityUtil()

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method	Description
`static WorkloadIdentityUtil.SubjectAndIssuer`	`extractClaimsWithoutVerifyingSignature(String token)`	Extracts claims (subject and issuer) from a JWT token without verifying the signature.
`static String`	`performIdentityRequest(org.apache.http.client.methods.HttpRequestBase tokenRequest, SFLoginInput loginInput)`	Performs an HTTP request for WIF identity token retrieval.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail
- DEFAULT_METADATA_SERVICE_BASE_URL
```
public static final String DEFAULT_METADATA_SERVICE_BASE_URL
```
  See Also:
  
  Constant Field Values
- SNOWFLAKE_AUDIENCE_HEADER_NAME
```
public static final String SNOWFLAKE_AUDIENCE_HEADER_NAME
```
  See Also:
  
  Constant Field Values
- SNOWFLAKE_AUDIENCE
```
public static final String SNOWFLAKE_AUDIENCE
```
  See Also:
  
  Constant Field Values

Constructor Detail
- WorkloadIdentityUtil
```
public WorkloadIdentityUtil()
```

Method Detail

performIdentityRequest

public static String performIdentityRequest(org.apache.http.client.methods.HttpRequestBase tokenRequest,
                                            SFLoginInput loginInput)
                                     throws SnowflakeSQLException,
                                            IOException

Performs an HTTP request for WIF identity token retrieval. This method is used by WIF authentication flows to communicate with cloud metadata services.

Throws:: SnowflakeSQLException; IOException

extractClaimsWithoutVerifyingSignature

public static WorkloadIdentityUtil.SubjectAndIssuer extractClaimsWithoutVerifyingSignature(String token)
                                                                                    throws SFException

Extracts claims (subject and issuer) from a JWT token without verifying the signature. This is used in WIF flows where signature verification is handled elsewhere.

Throws:: SFException

Modifier and Type	Field	Description
`static String`	`DEFAULT_METADATA_SERVICE_BASE_URL`
`static String`	`SNOWFLAKE_AUDIENCE`
`static String`	`SNOWFLAKE_AUDIENCE_HEADER_NAME`

Class WorkloadIdentityUtil

Nested Class Summary

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

DEFAULT_METADATA_SERVICE_BASE_URL

SNOWFLAKE_AUDIENCE_HEADER_NAME

SNOWFLAKE_AUDIENCE

Constructor Detail

WorkloadIdentityUtil

Method Detail

performIdentityRequest

extractClaimsWithoutVerifyingSignature