» SSH Keys
Note: These API endpoints are in beta and are subject to change.
The ssh-key
object represents an SSH key which includes a name and the SSH private key. An organization can have multiple SSH keys available.
SSH keys can be used in two places:
- They can be assigned to VCS provider integrations (available in the API as
oauth-tokens
). Bitbucket Server requires an SSH key; other providers only need an SSH key if your repositories include submodules that are only accessible via SSH (instead of your VCS provider's API). - They can be assigned to workspaces and used when Terraform needs to clone modules from a Git server. This is only necessary when your configurations directly reference modules from a Git server; you do not need to do this if you use Terraform Enterprise's private module registry.
Important: The list and read methods on this API only provide metadata about SSH keys. The actual private key text is write-only, and Terraform Enterprise never provides it to users via the API or UI.
» List SSH Keys
GET /organizations/:organization_name/ssh-keys
Parameter | Description |
---|---|
:organization_name |
The name of the organization to list SSH keys for. |
Note: This endpoint cannot be accessed with organization tokens. You must access it with a user token or team token.
Status | Response | Reason |
---|---|---|
200 | Array of JSON API documents (type: "ssh-keys" ) |
Success |
404 | JSON API error object | Organization not found or user not authorized |
» Sample Request
curl \
--header "Authorization: Bearer $TOKEN" \
https://app.terraform.io/api/v2/organizations/my-organization/ssh-keys
» Sample Response
{
"data": [
{
"attributes": {
"name": "SSH Key"
},
"id": "sshkey-GxrePWre1Ezug7aM",
"links": {
"self": "/api/v2/ssh-keys/sshkey-GxrePWre1Ezug7aM"
},
"type": "ssh-keys"
}
]
}
» Get an SSH Key
GET /ssh-keys/:ssh_key_id
Parameter | Description |
---|---|
:ssh_key_id |
The SSH key ID to get. |
This endpoint is for looking up the name associated with an SSH key ID. It does not retrieve the key text.
Note: This endpoint cannot be accessed with organization tokens. You must access it with a user token or team token.
Status | Response | Reason |
---|---|---|
200 |
JSON API document (type: "ssh-keys" ) |
Success |
404 | JSON API error object | SSH key not found or user not authorized |
» Sample Request
curl \
--header "Authorization: Bearer $TOKEN" \
https://app.terraform.io/api/v2/ssh-keys/sshkey-GxrePWre1Ezug7aM
» Sample Response
{
"data": {
"attributes": {
"name": "SSH Key"
},
"id": "sshkey-GxrePWre1Ezug7aM",
"links": {
"self": "/api/v2/ssh-keys/sshkey-GxrePWre1Ezug7aM"
},
"type": "ssh-keys"
}
}
» Create an SSH Key
POST /organizations/:organization_name/ssh-keys
Parameter | Description |
---|---|
:organization_name |
The name of the organization to create an SSH key in. The organization must already exist, and the token authenticating the API request must belong to the "owners" team or a member of the "owners" team. |
Note: This endpoint cannot be accessed with organization tokens. You must access it with a user token or team token.
Status | Response | Reason |
---|---|---|
201 |
JSON API document (type: "ssh-keys" ) |
Success |
422 | JSON API error object | Malformed request body (missing attributes, wrong types, etc.) |
404 | JSON API error object | User not authorized |
» Request Body
This POST endpoint requires a JSON object with the following properties as a request payload.
Properties without a default value are required.
Key path | Type | Default | Description |
---|---|---|---|
data.type |
string | Must be "ssh-keys" . |
|
data.attributes.name |
string | A name to identify the SSH key. | |
data.attributes.value |
string | The text of the SSH private key. |
» Sample Payload
{
"data": {
"type": "ssh-keys",
"attributes": {
"name": "SSH Key",
"value": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAm6+JVgl..."
}
}
}
» Sample Request
curl \
--header "Authorization: Bearer $TOKEN" \
--request POST \
--data @payload.json \
https://app.terraform.io/api/v2/organizations/my-organization/ssh-keys
» Sample Response
{
"data": {
"attributes": {
"name": "SSH Key"
},
"id": "sshkey-GxrePWre1Ezug7aM",
"links": {
"self": "/api/v2/ssh-keys/sshkey-GxrePWre1Ezug7aM"
},
"type": "ssh-keys"
}
}
» Update an SSH Key
PATCH /ssh-keys/:ssh_key_id
Parameter | Description |
---|---|
:ssh_key_id |
The SSH key ID to update. |
This endpoint replaces the name and/or key text of an existing SSH key. Existing workspaces that use the key will be updated with the new values.
Only members of the owners team (or the owners team service account) can edit SSH keys.
Note: This endpoint cannot be accessed with organization tokens. You must access it with a user token or team token.
Status | Response | Reason |
---|---|---|
200 |
JSON API document (type: "ssh-keys" ) |
Success |
404 | JSON API error object | SSH key not found or user not authorized |
» Request Body
This POST endpoint requires a JSON object with the following properties as a request payload.
Properties without a default value are required.
Key path | Type | Default | Description |
---|---|---|---|
data.type |
string | Must be "ssh-keys" . |
|
data.attributes.name |
string | (nothing) | A name to identify the SSH key. If omitted, the existing name is preserved. |
data.attributes.value |
string | (nothing) | The text of the SSH private key. If omitted, the existing value is preserved. |
» Sample Payload
{
"data": {
"attributes": {
"name": "SSH Key for GitHub"
}
}
}
» Sample Request
curl \
--header "Authorization: Bearer $TOKEN" \
--request PATCH \
--data @payload.json \
https://app.terraform.io/api/v2/ssh-keys/sshkey-GxrePWre1Ezug7aM
» Sample Response
{
"data": {
"attributes": {
"name": "SSH Key for GitHub"
},
"id": "sshkey-GxrePWre1Ezug7aM",
"links": {
"self": "/api/v2/ssh-keys/sshkey-GxrePWre1Ezug7aM"
},
"type": "ssh-keys"
}
}
» Delete an SSH Key
DELETE /ssh-keys/:ssh_key_id
Parameter | Description |
---|---|
:ssh_key_id |
The SSH key ID to delete. |
Only members of the owners team (or the owners team service account) can delete SSH keys.
Note: This endpoint cannot be accessed with organization tokens. You must access it with a user token or team token.
Status | Response | Reason |
---|---|---|
204 | Nothing | Success |
404 | JSON API error object | SSH key not found or user not authorized |
» Sample Request
curl \
--header "Authorization: Bearer $TOKEN" \
--request DELETE \
https://app.terraform.io/api/v2/ssh-keys/sshkey-GxrePWre1Ezug7aM