Added support for API token authentication; (#251)

xellio · web-flow · commit 82f9ac2690dd · 2026-02-02T20:52:27.000+01:00
* Added support for API token authentication;

* added documentation about API token usage;

* fix

* fix

* Added check;
diff --git a/README.md b/README.md
@@ -6,8 +6,6 @@
 [![release](https://github.com/Myra-Security-GmbH/terraform-provider-myrasec/actions/workflows/release.yml/badge.svg?branch=v1.49.0)](https://github.com/Myra-Security-GmbH/terraform-provider-myrasec/actions/workflows/release.yml)
 [![tests](https://github.com/Myra-Security-GmbH/terraform-provider-myrasec/actions/workflows/test.yml/badge.svg)](https://github.com/Myra-Security-GmbH/terraform-provider-myrasec/actions/workflows/test.yml)
 ## Documentation
-
-- [How-to guide](https://github.com/Myra-Security-GmbH/terraform-provider-documentation)
 - [Official documentation](https://registry.terraform.io/providers/Myra-Security-GmbH/myrasec/latest/docs)
 
 ## Requirements
diff --git a/docs/index.md b/docs/index.md
@@ -25,6 +25,14 @@ provider "myrasec" {
 ...
 ```
 
+In case you prefer to use the API token for authentication, you can use this token, too:
+```
+# Configure the Myra Security Provider
+provider "myrasec" {
+  api_token = "${var.myra_api_token}"
+}
+```
+
 ## Variables
 Some attributes in the resources require specific values, therefore we created a list of variables that you can import to your terraform project:
 [Variable list](variables.md)
diff --git a/go.mod b/go.mod
@@ -3,7 +3,7 @@ module github.com/Myra-Security-GmbH/terraform-provider-myrasec
 go 1.24.0
 
 require (
-	github.com/Myra-Security-GmbH/myrasec-go/v2 v2.48.0
+	github.com/Myra-Security-GmbH/myrasec-go/v2 v2.50.0
 	github.com/hashicorp/go-multierror v1.1.1
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.38.0
 	golang.org/x/net v0.47.0
diff --git a/go.sum b/go.sum
@@ -1,5 +1,7 @@
 github.com/Myra-Security-GmbH/myrasec-go/v2 v2.48.0 h1:x9GDyLg47fYT9fst7MD4+nSkre7DeytGlq0Gu60xFjo=
 github.com/Myra-Security-GmbH/myrasec-go/v2 v2.48.0/go.mod h1:Sb2R2gu+OpcGCqoH5fjFrduyGcmYj5mJTT+/zgV4zDE=
+github.com/Myra-Security-GmbH/myrasec-go/v2 v2.50.0 h1:YJP5UFVPFqclQEZkm233tM+XkzBUs7Wh1+GSVoylbFg=
+github.com/Myra-Security-GmbH/myrasec-go/v2 v2.50.0/go.mod h1:JNnRAqwOMJ3x7VCAhoN9csnqxki2VkeYCXKGDKMN4nE=
 github.com/Myra-Security-GmbH/signature v1.1.0 h1:/Tv8SilN0P8k5fKArvQHkf9iJWU5H34TSvgEyyZ32f4=
 github.com/Myra-Security-GmbH/signature v1.1.0/go.mod h1:kyX4FQ2XWvJQnvxkWmcyUIqG0jAzGL22fQMf2RTvoj0=
 github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo=
diff --git a/myrasec/config.go b/myrasec/config.go
@@ -14,6 +14,7 @@ import (
 type Config struct {
 	APIKey        string
 	Secret        string
+	APIToken      string
 	Language      string
 	APIBaseURL    string
 	APICacheTTL   int
@@ -25,10 +26,16 @@ type Config struct {
 func (c Config) validate() error {
 	var err *multierror.Error
 
-	if c.APIKey == "" {
+	hasToken := c.APIToken != ""
+
+	if !hasToken && c.APIKey == "" && c.Secret == "" {
+		err = multierror.Append(err, fmt.Errorf("API token or API Key and API Secret is required for using the Myrasec provider"))
+	}
+
+	if !hasToken && c.APIKey == "" {
 		err = multierror.Append(err, fmt.Errorf("API Key must be configured for the Myrasec provider"))
 	}
-	if c.Secret == "" {
+	if !hasToken && c.Secret == "" {
 		err = multierror.Append(err, fmt.Errorf("API Secret must be configured for the Myrasec provider"))
 	}
 
@@ -41,7 +48,13 @@ func (c Config) validate() error {
 
 // Client returns a new instance of myrasec API client
 func (c Config) Client() (*myrasec.API, error) {
-	api, err := myrasec.New(c.APIKey, c.Secret)
+	var api *myrasec.API
+	var err error
+	if c.APIToken != "" {
+		api, err = myrasec.NewWithToken(c.APIToken)
+	} else {
+		api, err = myrasec.New(c.APIKey, c.Secret)
+	}
 	if err != nil {
 		return nil, err
 	}
diff --git a/myrasec/provider.go b/myrasec/provider.go
@@ -13,16 +13,22 @@ func Provider() *schema.Provider {
 		Schema: map[string]*schema.Schema{
 			"api_key": {
 				Type:        schema.TypeString,
-				Required:    true,
+				Required:    false,
 				DefaultFunc: schema.EnvDefaultFunc("MYRASEC_API_KEY", nil),
 				Description: "Your MYRA API Key",
 			},
 			"secret": {
 				Type:        schema.TypeString,
-				Required:    true,
+				Required:    false,
 				DefaultFunc: schema.EnvDefaultFunc("MYRASEC_API_SECRET", nil),
 				Description: "Your MYRA API Secret",
 			},
+			"api_token": {
+				Type:        schema.TypeString,
+				Required:    false,
+				DefaultFunc: schema.EnvDefaultFunc("MYRASEC_API_TOKEN", nil),
+				Description: "Your MYRA API Token",
+			},
 			"language": {
 				Type:        schema.TypeString,
 				Optional:    true,
@@ -95,6 +101,7 @@ func providerConfigure(ctx context.Context, d *schema.ResourceData) (any, diag.D
 	config := Config{
 		APIKey:        d.Get("api_key").(string),
 		Secret:        d.Get("secret").(string),
+		APIToken:      d.Get("api_token").(string),
 		Language:      d.Get("language").(string),
 		APIBaseURL:    d.Get("api_base_url").(string),
 		APICacheTTL:   d.Get("api_cache_ttl").(int),
