Running our Terraform apply jobs in GitHub Actions. The workflow generates a token using the client credentials flow right at the start. It works fine for small environments, but our full deployment takes about 25 minutes. Halfway through, the API calls start failing with 401 Unauthorized. The docs say tokens expire after an hour, but something feels off because I’ve seen them die much faster in CI. Is there a way to generate a long-lived token specifically for pipelines, or do I have to write a retry loop that refreshes the token every 15 minutes? The current setup is brittle. We’re using the standard Python requests library to get the token before passing it to the Terraform provider.
import requests
token_url = "https://api.mypurecloud.com/oauth/token"
payload = {
"grant_type": "client_credentials",
"client_id": os.environ.get('GC_CLIENT_ID'),
"client_secret": os.environ.get('GC_CLIENT_SECRET')
}
resp = requests.post(token_url, data=payload)
token = resp.json()['access_token']
The token variable gets exported to the environment, but it’s stale by step 3. Looking for a cleaner way to handle this without bloating the workflow with token refresh steps.