How to get redacted JSON plan

Hi,

I’m building a feature that requires me to process the JSON plan of a workspace run. I’ve been successfully fetching it with GET https://app.terraform.io/api/v2/plans/<PLAN_ID>/json-output. However this has failed for a customer who has a Team token with the View all workspaces permission. The customer reports that the endpoint returns a 404, but the redacted output endpoint (with the same plan ID) succeeds: GET https://app.terraform.io/api/v2/plans/<PLAN_ID>/json-output-redacted. The customer does not want to make a highly privileged token available to my feature, so he has requested that I work with the redacted plan instead.

In investigating whether I could switch to the redacted plan’s endpoint, I discovered that its output is 10,000 times as large as the vanilla plan. I also noticed that this endpoint is not documented in the Plan API Docs. What’s going on? What is the proper way to get a redacted JSON plan output?

1 Like

I’m in a similar situation where I would like developers that don’t have administrator access to be able to run scripts that can inspect the redacted plan. the json-output-redacted endpoint seems promising, but there is no documentation.