How-to use browser Session Cookie for Terraform Enterprise API Access

Avatar
Zothan Sanga
  • Updated

Introduction

When you log in to the Terraform Enterprise UI, the browser creates a session cookie that authenticates your session. You can use this temporary cookie to make authorized requests to the Terraform Enterprise (TFE) API without creating a long-lived API token. The session cookie is automatically invalidated when you log out, which enhances security.

Expected Outcome

This guide demonstrates how to retrieve your browser's session cookie and use it to make authenticated API calls to Terraform Enterprise endpoints.

Prerequisites

  • Access to a local terminal with curl and jq installed.
  • Alternatively, Postman installed on your local machine.

Procedure

Follow these steps to retrieve and use the session cookie.

Step 1: Retrieve the Session Cookie

First, you need to locate and copy the session cookie value from your browser's developer tools.

  1. Log in to your Terraform Enterprise instance in a web browser.
  2. Open the browser's developer tools. You can typically do this by right-clicking the page and selecting Inspect or by pressing F12.
  3. Navigate to the Application tab.
  4. In the left-hand pane, expand the Cookies section under Storage.
  5. Select the domain for your Terraform Enterprise instance.
  6. Locate the cookie named _atlas_session_data in the main panel.
  7. Copy the entire string from the Value column for this cookie.

Step 2: Use the Session Cookie

After copying the cookie value, you can use it to authenticate API requests from your terminal or an API client like Postman.

Method 1: Use the Cookie in a Terminal with cURL

You can export the cookie value as an environment variable and pass it to a curl command.

  1. Set the cookie value as an environment variable named TOKEN in your terminal. Replace <COOKIE_VALUE> with the value you copied.

    $ export TOKEN="<COOKIE_VALUE>"

  2. Run the following curl command to request your account details. Replace <TFE_HOSTNAME> with your Terraform Enterprise hostname.

    $ curl https://<TFE_HOSTNAME>/api/v2/account/details \
  --cookie "_atlas_session_data=$TOKEN" | jq "."

Method 2: Use the Cookie in Postman

You can add the session cookie to Postman to authenticate all requests to your Terraform Enterprise domain.

  1. Open Postman.
  2. Click Cookies, located under the Send button on the right.
  3. In the Manage Cookies window, add the domain for your Terraform Enterprise instance.
  4. Add a new cookie with the following details:
    • Name:_atlas_session_data
    • Value: Paste the cookie value you copied from the browser.
  5. Save the cookie.
  6. You can now make authenticated API requests to your Terraform Enterprise instance.

Additional Information

Articles in this section

See more

Related articles