Introduction
Problem
“Step-up” authentication prompt using your HCP Terraform (known also as Terraform Cloud) or HCP credentials
Prerequisites
SSO is enabled for the HCP Terraform Organization
Cause
Scenario 1
If your Terraform Cloud account is linked to HCP account , then the additional prompt in the screenshot below should appear during the general SSO sign-in workflow. After you enter your HCP credentials you should be logged into HCP Terraform.
Scenario 2
For non-HCP linked accounts and after successfully logging into HCP Terraform with SSO you will be prompted to enter your HCP Terraform credentials if any of the following happens:
1) Try to access Account Settings (such as to manage 2FA or generate/revoke User API tokens)
2) Your HCP Terraform account is part of other organizations with SSO configured with a different SAML IdP. You will need to authenticate to each configured IdP separately.
3) Your HCP Terraform account is part of other organizations where SSO is not configured
Solutions:
These additional prompts are expected by design of the SSO workflow. Enter your credentials when requested.
Outcome
Successfully filling out the username and password will give you access to HCP Terraform.
Additional Information
More details about SSO workflow can be found in the documentation