Update google-cloud-batch.md

justinegeffen · web-flow · commit 5ca842e55b02 · 2026-04-21T23:21:22.000+02:00
Signed-off-by: Justine Geffen &lt;justinegeffen@users.noreply.github.com&gt;
diff --git a/platform-enterprise_docs/compute-envs/google-cloud-batch.md b/platform-enterprise_docs/compute-envs/google-cloud-batch.md
@@ -100,8 +100,10 @@ You can manage your key from the **Service Accounts** page.
 
 **Workload Identity Federation**
 
-:::tip
 Workload Identity Federation (WIF) is the recommended authentication method for production and regulated environments because it eliminates the need for long-lived service account keys. WIF uses short-lived OIDC tokens for authentication, which are generated by Seqera Platform.
+
+:::note
+If you have not generated and set an RSA keypair as part of your Enterprise deployment, any authentication will fail with the message `WIF credentials require the OIDC provider to be configured (tower.oidc.pem.path)`.
 :::
 
 To authenticate using Workload Identity Federation, you must first configure a [Workload Identity Pool and Provider](https://cloud.google.com/iam/docs/workload-identity-federation-with-other-providers) in your Google Cloud project. After setting up WIF in Google Cloud, you need the following information to create a credential in Seqera:
