diff --git a/docs/data-sources/external_auth.md b/docs/data-sources/external_auth.md
index e4089f24..d1e6d649 100644
--- a/docs/data-sources/external_auth.md
+++ b/docs/data-sources/external_auth.md
@@ -39,4 +39,4 @@ data "coder_external_auth" "azure-identity" {
### Read-Only
-- `access_token` (String) The access token returned by the external auth provider. This can be used to pre-authenticate command-line tools.
+- `access_token` (String, Sensitive) The access token returned by the external auth provider. This can be used to pre-authenticate command-line tools.
diff --git a/docs/data-sources/workspace_owner.md b/docs/data-sources/workspace_owner.md
index 2a912e1f..f16480ef 100644
--- a/docs/data-sources/workspace_owner.md
+++ b/docs/data-sources/workspace_owner.md
@@ -52,9 +52,9 @@ resource "coder_env" "git_author_email" {
- `id` (String) The UUID of the workspace owner.
- `login_type` (String) The type of login the user has.
- `name` (String) The username of the user.
-- `oidc_access_token` (String) A valid OpenID Connect access token of the workspace owner. This is only available if the workspace owner authenticated with OpenID Connect. If a valid token cannot be obtained, this value will be an empty string.
+- `oidc_access_token` (String, Sensitive) A valid OpenID Connect access token of the workspace owner. This is only available if the workspace owner authenticated with OpenID Connect. If a valid token cannot be obtained, this value will be an empty string.
- `rbac_roles` (List of Object) The RBAC roles of which the user is assigned. (see [below for nested schema](#nestedatt--rbac_roles))
-- `session_token` (String) Session token for authenticating with a Coder deployment. It is regenerated every time a workspace is started.
+- `session_token` (String, Sensitive) Session token for authenticating with a Coder deployment. It is regenerated every time a workspace is started.
- `ssh_private_key` (String, Sensitive) The user's generated SSH private key.
- `ssh_public_key` (String) The user's generated SSH public key.
diff --git a/provider/externalauth.go b/provider/externalauth.go
index 915a21a9..b278ecc1 100644
--- a/provider/externalauth.go
+++ b/provider/externalauth.go
@@ -37,6 +37,7 @@ func externalAuthDataSource() *schema.Resource {
Type: schema.TypeString,
Description: "The access token returned by the external auth provider. This can be used to pre-authenticate command-line tools.",
Computed: true,
+ Sensitive: true,
},
"optional": {
Type: schema.TypeBool,
diff --git a/provider/workspace_owner.go b/provider/workspace_owner.go
index 078047ff..109b0b93 100644
--- a/provider/workspace_owner.go
+++ b/provider/workspace_owner.go
@@ -113,6 +113,7 @@ func workspaceOwnerDataSource() *schema.Resource {
Type: schema.TypeString,
Computed: true,
Description: "Session token for authenticating with a Coder deployment. It is regenerated every time a workspace is started.",
+ Sensitive: true,
},
"oidc_access_token": {
Type: schema.TypeString,
@@ -120,6 +121,7 @@ func workspaceOwnerDataSource() *schema.Resource {
Description: "A valid OpenID Connect access token of the workspace owner. " +
"This is only available if the workspace owner authenticated with OpenID Connect. " +
"If a valid token cannot be obtained, this value will be an empty string.",
+ Sensitive: true,
},
"login_type": {
Type: schema.TypeString,
pFad - Phonifier reborn
Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.
Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.
Alternative Proxies:
Alternative Proxy
pFad Proxy
pFad v3 Proxy
pFad v4 Proxy