• Overview
    • Enforce Policy as Code
    • Infrastructure as Code
    • Inject Secrets into Terraform
    • Integrate with Existing Workflows
    • Manage Kubernetes
    • Manage Virtual Machine Images
    • Multi-Cloud Deployment
    • Network Infrastructure Automation
    • Terraform CLI
    • Terraform Cloud
    • Terraform Enterprise
  • Registry
  • Tutorials
    • About the Docs
    • Intro to Terraform
    • Configuration Language
    • Terraform CLI
    • Terraform Cloud
    • Terraform Enterprise
    • Provider Use
    • Plugin Development
    • Registry Publishing
    • Integration Program
    • Terraform Tools
    • CDK for Terraform
    • Glossary
  • Community
GitHubTerraform Cloud
Download

    Terraform Cloud and Enterprise

  • Overview
  • Plans and Features
  • Getting Started
    • API Docs template
    • Overview
    • Account
    • Agent Pools
    • Agent Tokens
    • Applies
    • Audit Trails
    • Comments
    • Configuration Versions
    • Cost Estimates
    • Feature Sets
    • Invoices
    • IP Ranges
    • Notification Configurations
    • OAuth Clients
    • OAuth Tokens
    • Organizations
    • Organization Memberships
    • Organization Tags
    • Organization Tokens
    • Plan Exports
    • Plans
    • Policies
    • Policy Checks
    • Policy Sets
    • Policy Set Parameters
      • Modules
      • Providers
      • Private Provider Versions and Platforms
      • GPG Keys
    • Runs
      • Run Tasks
      • Stages and Results
      • Custom Integration
    • Run Triggers
    • SSH Keys
    • State Versions
    • State Version Outputs
    • Subscriptions
    • Team Access
    • Team Membership
    • Team Tokens
    • Teams
    • User Tokens
    • Users
    • Variables
    • VCS Events
    • Workspaces
    • Workspace-Specific Variables
    • Workspace Resources
    • Variable Sets
      • Overview
      • Module Sharing
      • Organizations
      • Runs
      • Settings
      • Terraform Versions
      • Users
      • Workspaces
    • Changelog
    • Stability Policy
    • Overview
    • Creating Workspaces
    • Naming
    • Terraform Configurations
      • Overview
      • Managing Variables
      • Overview
      • VCS Connections
      • Access
      • Drift Detection
      • Notifications
      • SSH Keys for Modules
      • Run Triggers
      • Run Tasks
    • Terraform State
    • JSON Filtering
    • Remote Operations
    • Viewing and Managing Runs
    • Run States and Stages
    • Run Modes and Options
    • UI/VCS-driven Runs
    • API-driven Runs
    • CLI-driven Runs
    • The Run Environment
    • Installing Software
    • Users
    • Teams
    • Organizations
    • Permissions
    • Two-factor Authentication
    • API Tokens
      • Overview
      • Microsoft Azure AD
      • Okta
      • SAML
      • Linking a User Account
      • Testing
    • Overview
    • GitHub.com
    • GitHub.com (OAuth)
    • GitHub Enterprise
    • GitLab.com
    • GitLab EE and CE
    • Bitbucket Cloud
    • Bitbucket Server and Data Center
    • Azure DevOps Services
    • Azure DevOps Server
    • Troubleshooting
    • Overview
    • Adding Public Providers and Modules
    • Publishing Private Providers
    • Publishing Private Modules
    • Using Providers and Modules
    • Configuration Designer
  • Migrating to Terraform Cloud
    • Overview
    • Using Sentinel with Terraform 0.12
    • Manage Policies
    • Enforce and Override Policies
    • Mocking Terraform Sentinel Data
    • Working With JSON Result Data
      • Overview
      • tfconfig
      • tfconfig/v2
      • tfplan
      • tfplan/v2
      • tfstate
      • tfstate/v2
      • tfrun
    • Example Policies
    • Overview
    • AWS
    • GCP
    • Azure
      • Overview
      • Service Catalog
      • Admin Guide
      • Developer Reference
      • Example Customizations
      • V1 Setup Instructions
    • Splunk Integration
    • Kubernetes Integration
    • Run Tasks Integration
    • Overview
    • IP Ranges
    • Data Security
    • Security Model
    • Overview
    • Part 1: Overview of Our Recommended Workflow
    • Part 2: Evaluating Your Current Provisioning Practices
    • Part 3: How to Evolve Your Provisioning Practices
    • Part 3.1: From Manual Changes to Semi-Automation
    • Part 3.2: From Semi-Automation to Infrastructure as Code
    • Part 3.3: From Infrastructure as Code to Collaborative Infrastructure as Code
    • Part 3.4: Advanced Workflow Improvements

  • Terraform Cloud Agents

  • Terraform Enterprise Admin

  • Other Docs

  • Intro to Terraform
  • Configuration Language
  • Terraform CLI
  • Terraform Cloud
  • Terraform Enterprise
  • Provider Use
  • Plugin Development
  • Registry Publishing
  • Integration Program
  • Terraform Tools
  • CDK for Terraform
  • Glossary
Type '/' to Search

»OAuth Tokens

The oauth-token object represents a VCS configuration which includes the OAuth connection and the associated OAuth token. This object is used when creating a workspace to identify which VCS connection to use.

»List OAuth Tokens

List all the OAuth Tokens for a given OAuth Client

GET /oauth-clients/:oauth_client_id/oauth-tokens

ParameterDescription
:oauth_client_idThe ID of the OAuth Client
StatusResponseReason
200JSON API document (type: "oauth-tokens")Success
404JSON API error objectOAuth Client not found, or user unauthorized to perform action

»Query Parameters

This endpoint supports pagination with standard URL query parameters. Remember to percent-encode [ as %5B and ] as %5D if your tooling doesn't automatically encode URLs. If neither pagination query parameters are provided, the endpoint will not be paginated and will return all results.

ParameterDescription
page[number]Optional. If omitted, the endpoint will return the first page.
page[size]Optional. If omitted, the endpoint will return 20 oauth tokens per page.

»Sample Request

curl \
  --header "Authorization: Bearer $TOKEN" \
  https://app.terraform.io/api/v2/oauth-clients/oc-GhHqb5rkeK19mLB8/oauth-tokens
curl \
  --header "Authorization: Bearer $TOKEN" \
  https://app.terraform.io/api/v2/oauth-clients/oc-GhHqb5rkeK19mLB8/oauth-tokens

»Sample Response

{
  "data": [
    {
      "id": "ot-hmAyP66qk2AMVdbJ",
      "type": "oauth-tokens",
      "attributes": {
        "created-at":"2017-11-02T06:37:49.284Z",
        "service-provider-user":"skierkowski",
        "has-ssh-key": false
      },
      "relationships": {
        "oauth-client": {
          "data": {
            "id": "oc-GhHqb5rkeK19mLB8",
            "type": "oauth-clients"
          },
          "links": {
            "related": "/api/v2/oauth-clients/oc-GhHqb5rkeK19mLB8"
          }
        }
      },
      "links": {
        "self": "/api/v2/oauth-tokens/ot-hmAyP66qk2AMVdbJ"
      }
    }
  ]
}
{
  "data": [
    {
      "id": "ot-hmAyP66qk2AMVdbJ",
      "type": "oauth-tokens",
      "attributes": {
        "created-at":"2017-11-02T06:37:49.284Z",
        "service-provider-user":"skierkowski",
        "has-ssh-key": false
      },
      "relationships": {
        "oauth-client": {
          "data": {
            "id": "oc-GhHqb5rkeK19mLB8",
            "type": "oauth-clients"
          },
          "links": {
            "related": "/api/v2/oauth-clients/oc-GhHqb5rkeK19mLB8"
          }
        }
      },
      "links": {
        "self": "/api/v2/oauth-tokens/ot-hmAyP66qk2AMVdbJ"
      }
    }
  ]
}

»Show an OAuth Token

GET /oauth-tokens/:id

ParameterDescription
:idThe ID of the OAuth token to show
StatusResponseReason
200JSON API document (type: "oauth-tokens")Success
404JSON API error objectOAuth Token not found, or user unauthorized to perform action

»Sample Request

curl \
  --header "Authorization: Bearer $TOKEN" \
  --header "Content-Type: application/vnd.api+json" \
  --request GET \
  https://app.terraform.io/api/v2/oauth-tokens/ot-29t7xkUKiNC2XasL
curl \
  --header "Authorization: Bearer $TOKEN" \
  --header "Content-Type: application/vnd.api+json" \
  --request GET \
  https://app.terraform.io/api/v2/oauth-tokens/ot-29t7xkUKiNC2XasL

»Sample Response

{
  "data": {
    "id": "ot-29t7xkUKiNC2XasL",
    "type": "oauth-tokens",
    "attributes": {
      "created-at": "2018-08-29T14:07:22.144Z",
      "service-provider-user": "EM26Jj0ikRsIFFh3fE5C",
      "has-ssh-key": false
    },
    "relationships": {
      "oauth-client": {
        "data": {
          "id": "oc-WMipGbuW8q7xCRmJ",
          "type": "oauth-clients"
        },
        "links": {
          "related": "/api/v2/oauth-clients/oc-WMipGbuW8q7xCRmJ"
        }
      }
    },
    "links": {
      "self": "/api/v2/oauth-tokens/ot-29t7xkUKiNC2XasL"
    }
  }
}
{
  "data": {
    "id": "ot-29t7xkUKiNC2XasL",
    "type": "oauth-tokens",
    "attributes": {
      "created-at": "2018-08-29T14:07:22.144Z",
      "service-provider-user": "EM26Jj0ikRsIFFh3fE5C",
      "has-ssh-key": false
    },
    "relationships": {
      "oauth-client": {
        "data": {
          "id": "oc-WMipGbuW8q7xCRmJ",
          "type": "oauth-clients"
        },
        "links": {
          "related": "/api/v2/oauth-clients/oc-WMipGbuW8q7xCRmJ"
        }
      }
    },
    "links": {
      "self": "/api/v2/oauth-tokens/ot-29t7xkUKiNC2XasL"
    }
  }
}

»Update an OAuth Token

PATCH /oauth-tokens/:id

ParameterDescription
:idThe ID of the OAuth token to update
StatusResponseReason
200JSON API document (type: "oauth-tokens")OAuth Token successfully updated
404JSON API error objectOAuth Token not found or user unauthorized to perform action
422JSON API error objectMalformed request body (missing attributes, wrong types, etc.)

»Request Body

This PATCH endpoint requires a JSON object with the following properties as a request payload.

Properties without a default value are required.

Key pathTypeDefaultDescription
data.typestringMust be "oauth-tokens".
data.attributes.ssh-keystringOptional. The SSH key

»Sample Payload

{
  "data": {
    "id": "ot-29t7xkUKiNC2XasL",
    "type": "oauth-tokens",
    "attributes": {
      "ssh-key": "..."
    }
  }
}
{
  "data": {
    "id": "ot-29t7xkUKiNC2XasL",
    "type": "oauth-tokens",
    "attributes": {
      "ssh-key": "..."
    }
  }
}

»Sample Request

curl \
  --header "Authorization: Bearer $TOKEN" \
  --header "Content-Type: application/vnd.api+json" \
  --request PATCH \
  --data @payload.json \
  https://app.terraform.io/api/v2/oauth-tokens/ot-29t7xkUKiNC2XasL
curl \
  --header "Authorization: Bearer $TOKEN" \
  --header "Content-Type: application/vnd.api+json" \
  --request PATCH \
  --data @payload.json \
  https://app.terraform.io/api/v2/oauth-tokens/ot-29t7xkUKiNC2XasL

»Sample Response

{
  "data": {
    "id": "ot-29t7xkUKiNC2XasL",
    "type": "oauth-tokens",
    "attributes": {
      "created-at": "2018-08-29T14:07:22.144Z",
      "service-provider-user": "EM26Jj0ikRsIFFh3fE5C",
      "has-ssh-key": false
    },
    "relationships": {
      "oauth-client": {
        "data": {
          "id": "oc-WMipGbuW8q7xCRmJ",
          "type": "oauth-clients"
        },
        "links": {
          "related": "/api/v2/oauth-clients/oc-WMipGbuW8q7xCRmJ"
        }
      }
    },
    "links": {
      "self": "/api/v2/oauth-tokens/ot-29t7xkUKiNC2XasL"
    }
  }
}
{
  "data": {
    "id": "ot-29t7xkUKiNC2XasL",
    "type": "oauth-tokens",
    "attributes": {
      "created-at": "2018-08-29T14:07:22.144Z",
      "service-provider-user": "EM26Jj0ikRsIFFh3fE5C",
      "has-ssh-key": false
    },
    "relationships": {
      "oauth-client": {
        "data": {
          "id": "oc-WMipGbuW8q7xCRmJ",
          "type": "oauth-clients"
        },
        "links": {
          "related": "/api/v2/oauth-clients/oc-WMipGbuW8q7xCRmJ"
        }
      }
    },
    "links": {
      "self": "/api/v2/oauth-tokens/ot-29t7xkUKiNC2XasL"
    }
  }
}

»Destroy an OAuth Token

DELETE /oauth-tokens/:id

ParameterDescription
:idThe ID of the OAuth Token to destroy
StatusResponseReason
204Empty responseThe OAuth Token was successfully destroyed
404JSON API error objectOAuth Token not found, or user unauthorized to perform action

»Sample Request

curl \
  --header "Authorization: Bearer $TOKEN" \
  --header "Content-Type: application/vnd.api+json" \
  --request DELETE \
  https://app.terraform.io/api/v2/oauth-tokens/ot-29t7xkUKiNC2XasL
curl \
  --header "Authorization: Bearer $TOKEN" \
  --header "Content-Type: application/vnd.api+json" \
  --request DELETE \
  https://app.terraform.io/api/v2/oauth-tokens/ot-29t7xkUKiNC2XasL
github logoEdit this page
  • Overview
  • Docs
  • Extend
  • Privacy
  • Security
  • Press Kit
  • Consent Manager