Azure OIDC configuration API reference

Note

Hold your own key is available on the HCP Terraform Premium edition. Refer to HCP Terraform pricing for details.

An Azure OIDC configuration is the model that lets you configure how hold your own key (HYOK) in HCP Terraform connects to your Microsoft Azure keys.

To learn more about hold your own key, refer to the Overview.

Create OIDC configuration

POST /api/v2/organizations/:organization_id/oidc-configurations

Parameter	Description
`:organization_id`	The ID of your organization.

Status	Response	Reason
201	JSON API document	Successfully created OIDC configuration.
404	JSON API error object	Organization not found, or user unauthorized to perform action.

Request body

This POST endpoint requires a JSON object with the following properties as a request payload.

Properties without a default value are required.

Key path	Type	Description
`data.type`	string	Must be `"azure-oidc-configurations"`.
`data.attributes.client-id`	string	The Client (or Application) ID of your Entra ID application.
`data.attributes.subscription-id`	string	The ID of your Azure subscription.
`data.attributes.tenant-id`	string	The Tenant (or Directory) ID of your Entra ID application.

Sample payload

{
  "data": {
    "attributes": {
      "client-id": "application-id1",
      "subscription-id": "subscription-id1",
      "tenant-id": "tenant-id1"
    },
    "type": "azure-oidc-configurations"
  }
}

Sample request

curl \
  --header "Authorization: Bearer $TOKEN" \
  --header "Content-Type: application/vnd.api+json" \
  --data @payload.json \
  --request POST \
  https://app.terraform.io/api/v2/organizations/:organization_id/oidc-configurations

Sample response

{
    "data": {
        "id": "azoidc-iWNz3taW7aRYiRfF",
        "type": "azure-oidc-configurations",
        "attributes": {
            "type": "AzureOidcConfiguration",
            "client-id": "application-id1",
            "subscription-id": "subscription-id1",
            "tenant-id": "tenant-id1"
        },
        "relationships": {
            "organization": {
                "data": {
                    "id": "my-hyok-org",
                    "type": "organizations"
                }
            }
        },
        "links": {
            "self": "/api/v2/oidc-configurations/azoidc-iWNz3taW7aRYiRfF"
        }
    }
}

Show OIDC configuration

GET /api/v2/oidc-configurations/:id

Parameter	Description
`id`	The ID of the OIDC configuration.

Status	Response	Reason
200	JSON API document	Successfully fetched OIDC configuration.
404	JSON API error object	OIDC configuration not found, or user unauthorized to perform action.

Sample request

curl \
  --header "Authorization: Bearer $TOKEN" \
  --header "Content-Type: application/vnd.api+json" \
  --request GET \
  https://app.terraform.io/api/v2/oidc-configurations/:id

Sample response

{
    "data": {
        "id": "azoidc-iWNz3taW7aRYiRfF",
        "type": "azure-oidc-configurations",
        "attributes": {
            "type": "AzureOidcConfiguration",
            "client-id": "application-id1",
            "subscription-id": "subscription-id1",
            "tenant-id": "tenant-id1"
        },
        "relationships": {
            "organization": {
                "data": {
                    "id": "my-hyok-org",
                    "type": "organizations"
                }
            }
        },
        "links": {
            "self": "/api/v2/oidc-configurations/azoidc-iWNz3taW7aRYiRfF"
        }
    }
}