target_host: openclaw.example.com
authorized_by: roger@example.com
identity_provider: okta-saml
identity_assertion: eyJhbGciOiJIUzI1NiJ9.fake.payload
valid_from: 2026-04-25T00:00:00Z
valid_until: 2026-05-25T00:00:00Z
scope: [server-audit, remote-evaluation]
report_output_path_prefix: ./report-2026-04-25/
signature_mode: hmac_sha256
signature: "PLACEHOLDER_BASE64_SIG"
signature_key_env: AGENTSEC_AUTH_SIGNING_KEY
