Problem
User API tokens for Terraform Cloud fail with "401 Unauthorized"
Cause
- User API tokens associated with users configured for Single Sign-On require an active user session in order to be considered a valid token.
- In the past, this was not strictly enforced by TFC, so this error may appear suddenly and without any obvious changes made
Overview of possible solutions (if applicable)
Solutions:
-
Create a team token instead of a user token, as team tokens are not tied to SSO
-
Create a user outside of the SSO scope and create a non-expiring API token instead.
Outcome
These new tokens should be authorized without an active user session.