Hashicorp Cloud - Notification Configuration with Token

I am trying this out, but I could not figure out what format is required for the token.

My callback API requires

POST /v1/api/callback/<my_generated_id>/callback HTTP/1.1
Host: http://my.example.host.com
Authorization: Bearer bfa620013597e9c30c179037ad74527a4956a561
Content-Type: application/json
  "payload_version": 1,
  "notification_configuration_id": "nc-123",
  "run_url": "https://app.terraform.io/api/v2/runs/run-234",
  "run_id": "run-234",
  "run_message": "Add five new queue workers",
  "run_created_at": "2019-01-25T18:34:00.000Z",
  "run_created_by": "sample-user",
  "workspace_id": "ws-xyz",
  "workspace_name": "my-workspace",
  "organization_name": "acme-org",
  "notifications": [
      "message": "Run Planned",
      "trigger": "run:completed",
      "run_status": "planned",
      "run_updated_at": "2019-01-25T18:37:04.000Z",
      "run_updated_by": "sample-user"

And I tried registering with below payload but I get a 401 error.

POST /api/v2/workspaces/ws-xyz/notification-configurations HTTP/1.1
Host: app.terraform.io
Authorization: Bearer <my-terraform-cloud-token>
content-type: application/vnd.api+json
  "data": {
    "type": "notification-configurations",
    "attributes": {
      "destination-type": "generic",
      "enabled": true,
      "name": "My Integration",
      "token": "bfa620013597e9c30c179037ad74527a4956a561",
      "url": "http://my.example.host.com/v1/api/callback/1122334455/callback",
      "triggers": [


    "errors": [
            "status": "400",
            "title": "Verification Delivery Error",
            "detail": "Verification failed with the error: 401. Check that your URL is correct."

It looks like your callback API is expecting a bearer token authorization header. Unfortunately, Terraform Cloud notifications do not support an authorization header on outbound requests.

The documentation you linked to uses a stored token to generate an HMAC signature of the request, which allows your callback API to verify that the notification came from your Terraform Cloud configuration. This would need to be implemented on your end to process the X-TFE-Notification-Signature header. This is different from bearer authentication.

Sorry that I don’t have an easy solution, but I hope you can modify your callback API to work with Terraform Cloud notifications!