
Forum Discussion

Former Member
2 years ago

How to get TOTP token from API connect server using Terraform?

Hi,

I've set up the API connect server and I'm trying to get a TOTP token from an item.
I can successfully retrieve it while using the API with curl but not via Terraform provider.

Is the retrieval of a TOTP token via Terraform supported?

Below is a sample TF manifest:
```
terraform {
  required_version = ">= 1.3.7"

  required_providers {
    onepassword = {
      source  = "1Password/onepassword"
      version = "1.1.4"
    }
  }
}

provider "onepassword" {
  url   = var.onepassword_endpoint
  token = var.onepassword_token
}

variable "onepassword_token" {
  sensitive = true
}

variable "onepassword_endpoint" {
  sensitive = true
}

data "onepassword_item" "test_token" {
  vault = "66qfxcm...."
  uuid  = "h7fhsftv...."
}

output "token_value_hostname" {
  value     = data.onepassword_item.test_token.hostname
  sensitive = true
}

output "token_value_username" {
  value     = data.onepassword_item.test_token.username
  sensitive = true
}

output "token_value_password" {
  value     = data.onepassword_item.test_token.password
  sensitive = true
}

output "token_value_otp" {
  value     = data.onepassword_item.test_token.otp
  sensitive = true
}

output "token_value_all" {
  value     = data.onepassword_item.test_token
  sensitive = true
}
```

but for otp output I receive the following error:


```
│ Error: Unsupported attribute

│ on test.tf line 121, in output "token_value_otp":
│ 121: value = data.onepassword_item.test_token.otp

│ This object has no argument, nested block, or exported attribute named "otp".
```

and looking at terraform output of token_value_all the field is not present

```
➜ terraform output token_value_all
{
  "category" = "api_credential"
  "database" = tostring(null)
  "hostname" = "https://hostname.domain.tld:8006"
  "id" = "vaults/66qfxcm..../items/h7fhsftv...."
  "password" = "xxxxxxxxxx"
  "port" = tostring(null)
  "section" = tolist([])
  "tags" = tolist([
    "cloud-infra",
    "terraform",
  ])
  "title" = "test_token"
  "type" = tostring(null)
  "url" = tostring(null)
  "username" = "justarandomuser"
  "uuid" = "h7fhsftv...."
  "vault" = "66qfxcm...."
}
```



  • Former Member

    I have found a workaround to achieve this. In the Terraform manifest I have added:

    ```
    data "external" "test_token_otp" {
      program = ["${path.module}/setup.sh"]
    }
    ```

    and this is what the setup.sh script does:
    ```
    #!/usr/bin/env bash

    set -e

    # Fetch the item from the Connect server and print the TOTP code of the
    # field labelled "token" as the JSON object the external data source reads.
    echo '{"otp": "'$(curl -s "$OP_ENDPOINT/v1/vaults/66qfxcm..../items/h7fhsftv...." -H "Authorization: Bearer $OP_TOKEN" | jq '.fields[]| select(.label=="token") | .totp' | tr -d '"')'"}'
    ```
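An added example, not part of the original posts or of 1Password's provider: the same lookup as a Python program for the `external` data source, reading its `query` as JSON on stdin and building the result with a JSON encoder instead of string concatenation. The `vault`, `uuid` and `label` query keys and the sample item are assumptions made for illustration; `OP_ENDPOINT` and `OP_TOKEN` are the environment variables used by the script above.

```python
"""Terraform `external` data source program: prints {"otp": "<code>"}."""
import json
import os
import sys
import urllib.request

# Constructed sample of the item JSON shape the jq filter in the post relies on.
SAMPLE_ITEM = {"fields": [{"label": "username", "value": "justarandomuser"},
                          {"label": "token", "totp": "123456"}]}


def extract_totp(item, label):
    """Return the current TOTP code of the single field carrying this label."""
    matches = [f for f in item.get("fields", []) if f.get("label") == label]
    if len(matches) != 1:
        raise ValueError(f"expected one field labelled {label!r}, found {len(matches)}")
    code = matches[0].get("totp")
    if not isinstance(code, str) or not code:
        raise ValueError(f"field {label!r} has no TOTP code")
    return code


def external_result(item, label):
    """Encode the flat JSON object of string values that Terraform requires."""
    return json.dumps({"otp": extract_totp(item, label)})


def fetch_item(endpoint, token, vault, uuid):
    """GET the item from the Connect server; the token goes only in the header."""
    url = f"{endpoint.rstrip('/')}/v1/vaults/{vault}/items/{uuid}"
    req = urllib.request.Request(url, headers={"Authorization": f"Bearer {token}"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def main():
    try:
        query = json.load(sys.stdin)  # Terraform sends the `query` map on stdin
        item = fetch_item(os.environ["OP_ENDPOINT"], os.environ["OP_TOKEN"],
                          query["vault"], query["uuid"])  # hypothetical query keys
        print(external_result(item, query.get("label", "token")))
    except (KeyError, ValueError, OSError) as exc:
        # stderr gets the error type and message, never the response body or token.
        print(f"totp lookup failed: {type(exc).__name__}: {exc}", file=sys.stderr)
        return 1
    return 0


if __name__ == "__main__":
    sys.exit(main())
```

The returned code is recorded in Terraform state like any other data source result, so the state file needs the same protection as the vault item.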

  • Former Member

    Currently, retrieval of a TOTP token is not supported by our Terraform provider; however, we appreciate the feedback and hope to add this functionality in the future. Also, appreciate you sharing your workaround, I'm sure this will help other folks running into the same issue :)