At times, a customer may find the need to add the
IsServiceAccount attribute to Terraform Enterprise SAML users that are intended to behave like service accounts.
General steps to enable this workaround for any SAML provider are:
- Create a user account in your organization’s AD/IdP to represent a system.
- Add the
IsServiceAccountattribute to that user with value of
- Have a user login to Terraform Enterprise, via SAML, as that system user. This should only need to happen once.
- Generate an API token as that user via the steps listed here.
- You can then use the API token which will now include the
More information about Terraform Enterprise users can be read here.
If your issues persist after completing the steps outlined in this guide, please contact HashiCorp Support to request further assistance.