Hi,
I’m trying to achieve the following use case on Terraform Enterprise.
I have a “Project Team” granted at project level and for which I generate a token (“Project Team Token”).
For each Workspace inside the Project I have a “Workspace Team”.
I’d like with the “Project Team Token” to be able programmatically, so via API, to generate token for other “Workspace Team” for each Workspace.
I browsed docs, tested multiple permissions combinations (eg “Admin” permissions group for “Project Team”, etc…) without success. All my attempts end with 4xx errors, eg :
curl --header "Authorization: Bearer ${TOKEN}" \
--header "Content-Type: application/vnd.api+json" \
--request GET \
https://tfe.mydomain.com/api/v2/teams/team-aabbccddeeff123/authentication-token
{"errors":[{"status":"404","title":"not found"}]}
When reading docs (API Tokens - Terraform Enterprise | Terraform | HashiCorp Developer)
I see : “Team tokens” + “Manage team tokens” = “Implicit for token type” Permission so I thought it was possible, but may be it means manage its OWN token and not for others.
Is that possible ?
If so how to achieve this ?
Thanks.