---
title: "Creating a Workload Identity Pool and Provider"
slug: "gcp-workload-identity-pool-and-provider"
updated: 2026-06-15T11:15:18Z
published: 2026-06-15T11:15:18Z
canonical: "docs.britive.com/gcp-workload-identity-pool-and-provider"
---


# Creating a Workload Identity Pool and Provider

1. Log in to the [GCP Console](https://console.cloud.google.com) using administrative privileges.
2. Select **IAM & Admin** -> **Workload Identity Federation** from the navigation menu.
3. From the project selector at the top, select the project where you want to create the workload identity pool.
4. Click **+ CREATE POOL**.
5. Enter the following values in the Workload Identity Pool details on the **Create Workload Identity Pool** page:
  1. Enter the workload identity pool name and description and click **CONTINUE**.
  2. To add a provider to the pool, select **OpenID Connect (OIDC)** from the drop-down list and add the following provider details:
    1. Provider Name. This is the provider ID.
    2. Britive tenant’s OAuth URL, for example: `https://<TENANT_BASE_URL>/api/auth/sso/oauth2`. This value can be copied from the onboarded Britive GCP WIF app → **Settings** → **Britive Issuer URL**.
    3. Default Audience must be selected.
    4. Click **CONTINUE**.
  3. Add the following provider attributes:
    1. `google.subject` → `assertion.sub`
    2. Click **+ Add Mapping**.
    3. `attribute.email` → `assertion.email`
  4. Click **SAVE**.
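
The same pool and provider can be created with the `gcloud` CLI, which makes the configuration repeatable and reviewable. The script below is an added example, not part of the Britive documentation: the project, pool and provider IDs and the tenant host are constructed placeholders, and the issuer path check is an assumption based on the example URL in step 2. It prints the commands and executes them only when `APPLY=1`.

```sh
#!/bin/sh
# Added example: gcloud equivalent of the console steps above.
# Every default below is a constructed placeholder; override via the environment.
PROJECT_ID="${PROJECT_ID:-my-project}"
POOL_ID="${POOL_ID:-britive-pool}"
PROVIDER_ID="${PROVIDER_ID:-britive-oidc}"
# Copy the real value from the Britive GCP WIF app: Settings > Britive Issuer URL.
ISSUER_URI="${ISSUER_URI:-https://tenant.example/api/auth/sso/oauth2}"

# Attribute mappings from step 3 of the procedure.
ATTRIBUTE_MAPPING="google.subject=assertion.sub,attribute.email=assertion.email"

# Assumed sanity check: https only, and the path from the page's example URL
# with no trailing slash or punctuation picked up while copying.
valid_issuer() {
  case "$1" in
    https://*/api/auth/sso/oauth2) return 0 ;;
    *) return 1 ;;
  esac
}

# Print the command; execute it only when APPLY=1.
run() {
  printf '%s ' "$@"; printf '\n'
  if [ "${APPLY:-0}" = "1" ]; then "$@"; fi
}

create_pool() {
  run gcloud iam workload-identity-pools create "$POOL_ID" \
    --project="$PROJECT_ID" --location=global \
    --display-name="$POOL_ID" \
    --description="Pool for Britive OIDC federation"
}

create_provider() {
  valid_issuer "$ISSUER_URI" || { echo "bad issuer: $ISSUER_URI" >&2; return 1; }
  # --allowed-audiences is deliberately omitted: the provider then accepts
  # only the default audience, matching the "Default Audience" selection.
  run gcloud iam workload-identity-pools providers create-oidc "$PROVIDER_ID" \
    --project="$PROJECT_ID" --location=global \
    --workload-identity-pool="$POOL_ID" \
    --issuer-uri="$ISSUER_URI" \
    --attribute-mapping="$ATTRIBUTE_MAPPING"
}

create_pool && create_provider
```

Review the printed commands first, then rerun with `APPLY=1` and the real issuer URL to create the resources.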
