Cora
Remote backend

Use Cora as a Terraform Enterprise-compatible backend

Cora now speaks Terraform Enterprise's V2 API surface. You can authenticate with an organization-scoped token, configure a standard backend "remote" block, and push state updates straight from terraform apply or terraform state push.

Prerequisites

  • A Cora account with Terraform state ingestion enabled.
  • An active API token created from /tokens. Tokens inherit your current organization and are required for CLI auth.
  • Terraform CLI version 1.5 or later.

Step 1 — Login with Terraform CLI

Start with terraform login thecora.app. Terraform stores the token in ~/.terraform.d/credentials.tfrc.json and reuses it for backend requests to thecora.app.

$ terraform login thecora.app
┌─────────────────────────────────────────────────────────────────┐
│ Enter the hostname (e.g. app.terraform.io) to authenticate with │
└─────────────────────────────────────────────────────────────────┘
Hostname: thecora.app
Token for thecora.app: ********************

Need to rotate the token? Re-run terraform login with the same hostname—Terraform will overwrite the credential entry.

Step 2 — Configure the remote backend block

Add a remote backend configuration that mirrors Terraform Cloud. Replace organization with your Cora organization slug (visible in the account menu) and workspace with the Terraform workspace name you want to target.

terraform {
  backend "remote" {
    hostname     = "thecora.app"
    organization = "AcmeCorp"

    workspaces {
      name = "networking-prod"
    }
  }
}
  • hostname must match the domain you logged into.
  • organization must match the slug stored on your token; you can confirm this in /account.
  • Workspace names are free-form; Cora will create them on first upload if they do not exist.

Step 3 — Initialize and push state

Run terraform init. Terraform negotiates backend settings using the same V2 endpoints it would for Terraform Enterprise. Once initialized you can run terraform apply or push historical state with terraform state push.

$ terraform init
Initializing the backend...
Successfully configured the backend "remote"!

Cora enforces the organization slug on every state upload, lock, and download request. If you see an organization mismatch error, confirm the backend block and token were created for the same slug.

Verifying uploads in Cora

After a successful command, open /my and filter by the workspace you configured. New uploads appear within a few seconds. You can also inspect the raw state version metadata at /api/v2/workspaces/<workspaceId>/current-state-version when authenticated.

Need to debug? Enable TF_LOG=debug and watch for any 4xx responses from /api/v2 endpoints. Organization mismatches will be called out explicitly.

Frequently asked questions

Can I use workspaces prefixed with my organization?

Yes. Cora stores the workspace exactly as provided in the backend block or state payload. You only need to ensure the organization slug itself matches the token.

What about Terraform Cloud agent features?

Remote runs are not supported yet. Cora focuses on state storage and visualization. Continue executing plans locally or in CI, then push state to Cora for graphing.

Do I need to reissue tokens when switching organizations?

Yes. Tokens are permanently scoped to the organization active in your session when you created them. Create a new token after switching organizations.