{"id":28403843,"url":"https://github.com/openfga/terraform-provider-openfga","last_synced_at":"2025-06-27T08:31:23.467Z","repository":{"id":277053438,"uuid":"929546097","full_name":"openfga/terraform-provider-openfga","owner":"openfga","description":"Terraform provider for OpenFGA","archived":false,"fork":false,"pushed_at":"2025-06-05T21:55:35.000Z","size":386,"stargazers_count":14,"open_issues_count":4,"forks_count":3,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-06-05T22:28:32.623Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://registry.terraform.io/providers/openfga/openfga/latest/docs","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/openfga.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-02-08T19:48:53.000Z","updated_at":"2025-06-05T21:45:03.000Z","dependencies_parsed_at":"2025-02-11T22:26:07.345Z","dependency_job_id":"ed0a218c-9d41-4038-8e59-d5f8ac74ef13","html_url":"https://github.com/openfga/terraform-provider-openfga","commit_stats":null,"previous_names":["mauriceackel/terraform-provider-openfga","openfga/terraform-provider-openfga"],"tags_count":7,"template":false,"template_full_name":"hashicorp/terraform-provider-scaffolding-framework","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openfga%2Fterraform-provider-openfga","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openfga%2Fterraform-provider-openfga/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openfga%2Fterraform-provider-openfga/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openfga%2Fterraform-provider-openfga/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/openfga","download_url":"https://codeload.github.com/openfga/terraform-provider-openfga/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openfga%2Fterraform-provider-openfga/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":258749020,"owners_count":22751391,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-06-01T19:11:01.557Z","updated_at":"2025-06-27T08:31:23.458Z","avatar_url":"https://github.com/openfga.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Terraform provider for OpenFGA\n\n[![Go Reference](https://pkg.go.dev/badge/github.com/openfga/terraform-provider-openfga.svg)](https://pkg.go.dev/github.com/openfga/terraform-provider-openfga)\n[![Release](https://img.shields.io/github/v/release/openfga/terraform-provider-openfga?sort=semver\u0026color=green)](https://github.com/openfga/terraform-provider-openfga/releases)\n[![Go Report](https://goreportcard.com/badge/github.com/openfga/terraform-provider-openfga)](https://goreportcard.com/report/github.com/openfga/terraform-provider-openfga)\n[![License](https://img.shields.io/badge/License-Apache_2.0-blue.svg)](./LICENSE)\n[![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fopenfga%2Fterraform-provider-openfga.svg?type=shield)](https://app.fossa.com/projects/git%2Bgithub.com%2Fopenfga%2Fterraform-provider-openfga?ref=badge_shield)\n[![Join our community](https://img.shields.io/badge/slack-cncf_%23openfga-40abb8.svg?logo=slack)](https://openfga.dev/community)\n[![Twitter](https://img.shields.io/twitter/follow/openfga?color=%23179CF0\u0026logo=twitter\u0026style=flat-square \"@openfga on Twitter\")](https://twitter.com/openfga)\n\nThis is a Terraform/OpenTofu provider for OpenFGA. It enables managing the state of OpenFGA resources with code. for more details, check the [provider documentation](https://registry.terraform.io/providers/openfga/openfga/latest/docs).\n\n## Table of Contents\n\n- [About OpenFGA](#about)\n- [Resources](#resources)\n- [Installation](#installation)\n- [Getting Started](#getting-started)\n  - [Initializing the Provider](#initializing-the-provider)\n  - [Using the Provider](#using-the-provider)\n    - [Stores](#stores)\n      - [Create Store](#create-store)\n      - [Get Store](#get-store)\n      - [List Stores](#list-stores)\n    - [Authorization Models](#authorization-models)\n      - [Authorization Model Documents](#authorization-model-documents)\n      - [Create Authorization Model](#create-authorization-model)\n      - [Get Authorization Model](#get-authorization-model)\n      - [Get Latest Authorization Model](#get-latest-authorization-model)\n      - [List Authorization Models](#list-authorization-models)\n    - [Relationship Tuples](#relationship-tuples)\n      - [Create Relationship Tuple](#create-relationship-tuple)\n      - [Get Relationship Tuple](#get-relationship-tuple)\n      - [List Relationship Tuples](#list-relationship-tuples)\n      - [Query Relationship Tuples](#query-relationship-tuples)\n    - [Relationship Queries](#relationship-queries)\n      - [Check](#check)\n      - [List Objects](#list-objects)\n      - [List Users](#list-users)\n- [Contributing](#contributing)\n- [Author](#author)\n- [License](#license)\n\n## About\n\n[OpenFGA](https://openfga.dev) is an open source Fine-Grained Authorization solution inspired by [Google's Zanzibar paper](https://research.google/pubs/pub48190/). It was created by the FGA team at [Auth0](https://auth0.com) based on [Auth0 Fine-Grained Authorization (FGA)](https://fga.dev), available under [a permissive license (Apache-2)](https://github.com/openfga/rfcs/blob/main/LICENSE) and welcomes community contributions.\n\nOpenFGA is designed to make it easy for application builders to model their permission layer, and to add and integrate fine-grained authorization into their applications. OpenFGA’s design is optimized for reliability and low latency at a high scale.\n\n## Resources\n\n- [OpenFGA Documentation](https://openfga.dev/docs)\n- [OpenFGA API Documentation](https://openfga.dev/api/service)\n- [Twitter](https://twitter.com/openfga)\n- [OpenFGA Community](https://openfga.dev/community)\n- [Zanzibar Academy](https://zanzibar.academy)\n- [Google's Zanzibar Paper (2019)](https://research.google/pubs/pub48190/)\n\n## Installation\n\nTo install, add the provider to your configuration:\n\n```terraform\nterraform {\n  required_providers {\n    openfga = {\n      source  = \"openfga/openfga\"\n      version = \"\u003e=0.4.0\"\n    }\n  }\n}\n```\n\nThen run terraform init:\n\n```shell\nterraform init\n```\n\n## Getting Started\n\n### Initializing the Provider\n\nAfter installation, configure the provider to connect to your OpenFGA server.\n\n#### No Credentials\n\n```terraform\nprovider \"openfga\" {\n  api_url = \"http://openfga:8080\" # or use FGA_API_URL\n}\n```\n\n#### API Token\n\n```terraform\nprovider \"openfga\" {\n  api_url   = \"http://openfga:8080\" # or use FGA_API_URL\n  api_token = var.api_token         # or use FGA_API_TOKEN\n}\n```\n\n#### OAuth2 Client Credentials\n\n```terraform\nprovider \"openfga\" {\n  api_url          = \"http://openfga:8080\" # or use FGA_API_URL\n  client_id        = \"...\"                 # or use FGA_CLIENT_ID\n  client_secret    = var.client_secret     # or use FGA_CLIENT_SECRET\n  api_token_issuer = \"http://example.com\"  # or use FGA_API_TOKEN_ISSUER\n  api_audience     = \"...\"                 # or use FGA_API_AUDIENCE\n  api_scopes       = \"...\"                 # or use FGA_API_SCOPES\n}\n```\n\n#### Environment Variables\n\nYou can also use environment variables to configure the provider. In this case, you can leave the provider block empty. If both environment variable and provider config a specified, the provider config takes precedence.\n\n```terraform\nprovider \"openfga\" {}\n```\n\nThe available environment variables are:\n- `FGA_API_URL`\n- `FGA_API_TOKEN`\n- `FGA_CLIENT_ID`\n- `FGA_CLIENT_SECRET`\n- `FGA_API_SCOPES`\n- `FGA_API_AUDIENCE`\n- `FGA_API_TOKEN_ISSUER`\n\n### Using the Provider\n\n#### Stores\n\n##### Create Store\n\nCreate and initialize a store.\n\n[Terraform Documentation](https://registry.terraform.io/providers/openfga/openfga/latest/docs/resources/store)\n\n```terraform\nresource \"openfga_store\" \"example\" {\n  name = \"FGA Demo\"\n}\n```\n\n##### Get Store\n\nGet information about a store by ID.\n\n[Terraform Documentation](https://registry.terraform.io/providers/openfga/openfga/latest/docs/data-sources/store)\n\n```terraform\ndata \"openfga_store\" \"example\" {\n  id = \"01FQH7V8BEG3GPQW93KTRFR8JB\"\n}\n```\n\n##### List Stores\n\nGet a list of stores.\n\n[Terraform Documentation](https://registry.terraform.io/providers/openfga/openfga/latest/docs/data-sources/stores)\n\n```terraform\ndata \"openfga_stores\" \"example\" {}\n```\n\n#### Authorization Models\n\n##### Authorization Model Documents\n\nCreate a stable JSON representation of an authorization model.\n\n[Terraform Documentation](https://registry.terraform.io/providers/openfga/openfga/latest/docs/data-sources/authorization_model_document)\n\nThis data source takes authorization models in different formats as an input and produces a semantiaclly equal JSON output for the use in a `openfga_authorization_model` resource. The output of this data source will only change if there are semantic changes to a model (i.e., the output won't change for formatting changes, etc.)\n\n\u003e Note: To learn how to build your authorization model, check the Docs at https://openfga.dev/docs.\n\n\u003e Learn more about [the OpenFGA configuration language](https://openfga.dev/docs/configuration-language).\n\n```terraform\ndata \"openfga_authorization_model_document\" \"dsl\" {\n  dsl = file(\"path/to/model.fga\")\n}\n\ndata \"openfga_authorization_model_document\" \"json\" {\n  json = file(\"path/to/model.json\")\n}\n\ndata \"openfga_authorization_model_document\" \"mod\" {\n  mod_file_path = \"path/to/fga.mod\"\n}\n\ndata \"openfga_authorization_model_document\" \"model\" {\n  model = {\n    schema_version = \"1.1\"\n    type_definitions = [{\n      type = \"user\"\n    }]\n  }\n}\n```\n\n##### Create Authorization Model\n\nCreate a new authorization model.\n\n[Terraform Documentation](https://registry.terraform.io/providers/openfga/openfga/latest/docs/resources/authorization_model)\n\n\u003e Note: You should use the `openfga_authorization_model_document` data source when when creating an authoriuation model.\n\n```terraform\nresource \"openfga_authorization_model\" \"example\" {\n  store_id = \"01FQH7V8BEG3GPQW93KTRFR8JB\"\n\n  model_json = data.openfga_authorization_model_document.example.result\n}\n```\n\n##### Get Authorization Model\n\nGet an authorization model in a store by ID.\n\n[Terraform Documentation](https://registry.terraform.io/providers/openfga/openfga/latest/docs/data-sources/authorization_model)\n\n```terraform\ndata \"openfga_authorization_model\" \"specific\" {\n  store_id = \"01FQH7V8BEG3GPQW93KTRFR8JB\"\n\n  id = \"01GXSA8YR785C4FYS3C0RTG7B1\"\n}\n```\n\n##### Get Latest Authorization Model\n\nGet latest authorization model in a store.\n\n[Terraform Documentation](https://registry.terraform.io/providers/openfga/openfga/latest/docs/data-sources/authorization_model)\n\n```terraform\ndata \"openfga_authorization_model\" \"example\" {\n  store_id = \"01FQH7V8BEG3GPQW93KTRFR8JB\"\n}\n```\n\n##### List Authorization Models\n\nGet a list of authorization models in a store.\n\n[Terraform Documentation](https://registry.terraform.io/providers/openfga/openfga/latest/docs/data-sources/authorization_models)\n\n```terraform\ndata \"openfga_authorization_models\" \"example\" {\n  store_id = \"01FQH7V8BEG3GPQW93KTRFR8JB\"\n}\n```\n\n#### Relationship Tuples\n\n##### Create Relationship Tuple\n\nCreate a new relationship tuple.\n\n[Terraform Documentation](https://registry.terraform.io/providers/openfga/openfga/latest/docs/resources/relationship_tuple)\n\n```terraform\nresource \"openfga_relationship_tuple\" \"example\" {\n  store_id               = \"01FQH7V8BEG3GPQW93KTRFR8JB\"\n  authorization_model_id = \"01GXSA8YR785C4FYS3C0RTG7B1\" # optional\n\n  user     = \"user:81684243-9356-4421-8fbf-a4f8d36aa31b\"\n  relation = \"viewer\"\n  object   = \"document:0192ab2a-d83f-756d-9397-c5ed9f3cb69a\"\n}\n```\n\n##### Get Relationship Tuple\n\nGet a relationship tuple in a store by attributes.\n\n[Terraform Documentation](https://registry.terraform.io/providers/openfga/openfga/latest/docs/data-sources/relationship_tuple)\n\n```terraform\ndata \"openfga_relationship_tuple\" \"example\" {\n  store_id = \"01FQH7V8BEG3GPQW93KTRFR8JB\"\n\n  user     = \"user:81684243-9356-4421-8fbf-a4f8d36aa31b\"\n  relation = \"viewer\"\n  object   = \"document:0192ab2a-d83f-756d-9397-c5ed9f3cb69a\"\n}\n```\n\n##### List Relationship Tuples\n\nGet all relationship tuple in a store.\n\n[Terraform Documentation](https://registry.terraform.io/providers/openfga/openfga/latest/docs/data-sources/relationship_tuples)\n\n```terraform\ndata \"openfga_relationship_tuples\" \"example\" {\n  store_id = \"01FQH7V8BEG3GPQW93KTRFR8JB\"\n}\n```\n\n##### Query Relationship Tuples\n\nGet a list of relationship tuple in a store based on a query.\n\n[Terraform Documentation](https://registry.terraform.io/providers/openfga/openfga/latest/docs/data-sources/relationship_tuples)\n\n```terraform\ndata \"openfga_relationship_tuples\" \"query\" {\n  store_id = \"01FQH7V8BEG3GPQW93KTRFR8JB\"\n\n  query = {\n    user     = \"user:81684243-9356-4421-8fbf-a4f8d36aa31b\"\n    relation = \"viewer\"\n    object   = \"document:\"\n  }\n}\n```\n\n#### Relationship Queries\n\n##### Check\n\nCheck if a user has a particular relation with an object.\n\n[Terraform Documentation](https://registry.terraform.io/providers/openfga/openfga/latest/docs/data-sources/check_query)\n\n```terraform\ndata \"openfga_check_query\" \"example\" {\n  store_id = \"01FQH7V8BEG3GPQW93KTRFR8JB\"\n\n  user     = \"user:81684243-9356-4421-8fbf-a4f8d36aa31b\"\n  relation = \"viewer\"\n  object   = \"document:0192ab2a-d83f-756d-9397-c5ed9f3cb69a\"\n}\n```\n\nYou can also add contextual tuples and context to the query.\n\n```terraform\ndata \"openfga_check_query\" \"example\" {\n  store_id = \"01FQH7V8BEG3GPQW93KTRFR8JB\"\n\n  user     = \"user:81684243-9356-4421-8fbf-a4f8d36aa31b\"\n  relation = \"viewer\"\n  object   = \"document:0192ab2a-d83f-756d-9397-c5ed9f3cb69a\"\n\n  contextual_tuples = [\n    {\n      user     = \"user:81684243-9356-4421-8fbf-a4f8d36aa31b\"\n      relation = \"viewer\"\n      object   = \"document:0192ab2a-d83f-756d-9397-c5ed9f3cb69a\"\n    }\n  ]\n\n  context_json = jsonencode({\n    time = timestamp()\n  })\n}\n```\n\n##### List Objects\n\nList the objects of a particular type a user has access to.\n\n[Terraform Documentation](https://registry.terraform.io/providers/openfga/openfga/latest/docs/data-sources/list_objects_query)\n\n```\ndata \"openfga_list_objects_query\" \"example\" {\n  store_id = \"01FQH7V8BEG3GPQW93KTRFR8JB\"\n\n  user     = \"user:81684243-9356-4421-8fbf-a4f8d36aa31b\"\n  relation = \"viewer\"\n  type     = \"document\"\n}\n```\n\nYou can also add contextual tuples and context to the query.\n\n```terraform\ndata \"openfga_list_objects_query\" \"example\" {\n  store_id = \"01FQH7V8BEG3GPQW93KTRFR8JB\"\n\n  user     = \"user:81684243-9356-4421-8fbf-a4f8d36aa31b\"\n  relation = \"viewer\"\n  type     = \"document\"\n\n  contextual_tuples = [\n    {\n      user     = \"user:81684243-9356-4421-8fbf-a4f8d36aa31b\"\n      relation = \"viewer\"\n      object   = \"document:0192ab2a-d83f-756d-9397-c5ed9f3cb69a\"\n    }\n  ]\n\n  context_json = jsonencode({\n    time = timestamp()\n  })\n}\n```\n\n##### List Users\n\nList the users who have a certain relation to a particular type.\n\n[Terraform Documentation](https://registry.terraform.io/providers/openfga/openfga/latest/docs/data-sources/list_users_query)\n\n```\ndata \"openfga_list_users_query\" \"example\" {\n  store_id = \"01FQH7V8BEG3GPQW93KTRFR8JB\"\n\n  type     = \"user\"\n  relation = \"viewer\"\n  object   = \"document:0192ab2a-d83f-756d-9397-c5ed9f3cb69a\"\n}\n```\n\nYou can also add contextual tuples and context to the query.\n\n```terraform\ndata \"openfga_list_users_query\" \"example\" {\n  store_id = \"01FQH7V8BEG3GPQW93KTRFR8JB\"\n\n  type     = \"user\"\n  relation = \"viewer\"\n  object   = \"document:0192ab2a-d83f-756d-9397-c5ed9f3cb69a\"\n\n  contextual_tuples = [\n    {\n      user     = \"user:81684243-9356-4421-8fbf-a4f8d36aa31b\"\n      relation = \"viewer\"\n      object   = \"document:0192ab2a-d83f-756d-9397-c5ed9f3cb69a\"\n    }\n  ]\n\n  context_json = jsonencode({\n    time = timestamp()\n  })\n}\n```\n\n## Contributing\n\nSee [CONTRIBUTING](https://github.com/openfga/.github/blob/main/CONTRIBUTING.md).\n\n## Author\n\n[OpenFGA](https://github.com/openfga), [Maurice Ackel](https://github.com/mauriceackel)\n\nThis provider was created by [Maurice Ackel](https://github.com/mauriceackel), and then donated to the OpenFGA team, and Maurice stayed on as a maintainer.\n\nVersions \u003cv0.4.0 can be found at: https://registry.terraform.io/providers/mauriceackel/openfga, licensed as MIT.\n\n## License\n\nThis project is licensed under the Apache-2.0 license. See the [LICENSE](https://github.com/openfga/terraform-provider-openfga/blob/main/LICENSE) file for more info.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenfga%2Fterraform-provider-openfga","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopenfga%2Fterraform-provider-openfga","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenfga%2Fterraform-provider-openfga/lists"}