Running terraform apply in our Jenkins pipeline keeps failing halfway through provisioning routing queues. The logs show a 401 Unauthorized error after about 30 minutes.
Error: Request returned status code 401
Response: {"status":401,"code":"unauthorized","message":"The access token is invalid or expired"}
We’ve been using the standard client credentials grant to get the token before the Terraform step. Here is the bash snippet we use to generate it:
TOKEN=$(curl -X POST https://api.mypurecloud.com/oauth/token \
-d "grant_type=client_credentials&scope=api:all" \
-H "Authorization: Basic $(echo -n $CLIENT_ID:$CLIENT_SECRET | base64)")
export PURECLOUD_OAUTH_TOKEN=$(echo $TOKEN | jq -r .access_token)
The token seems to expire before the long-running Terraform apply finishes. I know the default expiration is one hour, but our deployment takes longer than that due to the number of resources.
Is there a way to generate a longer-lived token via the API for CI/CD purposes, or should we be implementing a token refresh loop in the pipeline script? I’ve checked the docs but they mostly talk about user tokens, not machine-to-machine auth for automated pipelines. Any pointers on the right approach here?