mdmsua · September 11, 2024 14:02
diff --git a/oidc.tf b/oidc.tf
 locals {
  access_token_request_parameters = {
    scope                 = "https://management.azure.com/.default"
    grant_type            = "client_credentials"
    client_id             = data.azurerm_client_config.main.client_id
    client_assertion_type = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
    client_assertion      = data.local_file.jwt.content
  }
 }

 data "http" "main" {
  url          = "https://login.microsoftonline.com/${data.azurerm_client_config.main.tenant_id}/oauth2/v2.0/token"
  method       = "POST"
  request_body = join("&", [for k, v in local.access_token_request_parameters : "${k}=${urlencode(v)}"])

  request_headers = {
    "Accept"       = "application/json"
    "Content-Type" = "application/x-www-form-urlencoded"
  }
 }
  
 output "access_token" {
  value = jsondecode(data.http.main.response_body).access_token)
 }
	locals {
	access_token_request_parameters = {
	scope = "https://management.azure.com/.default"
	grant_type = "client_credentials"
	client_id = data.azurerm_client_config.main.client_id
	client_assertion_type = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
	client_assertion = data.local_file.jwt.content
	}
	}

	data "http" "main" {
	url = "https://login.microsoftonline.com/${data.azurerm_client_config.main.tenant_id}/oauth2/v2.0/token"
	method = "POST"
	request_body = join("&", [for k, v in local.access_token_request_parameters : "${k}=${urlencode(v)}"])

	request_headers = {
	"Accept" = "application/json"
	"Content-Type" = "application/x-www-form-urlencoded"
	}
	}

	output "access_token" {
	value = jsondecode(data.http.main.response_body).access_token)
	}