All posts
Technical
4 min read

Announcing the Vidos Terraform Provider

The Vidos Terraform provider is now available on the Terraform Registry, enabling teams to manage digital identity infrastructure, including IAM resources, service configurations, and verification instances using the same IaC workflows you already use for cloud resources.
Published on
February 6, 2026

Managing identity infrastructure is rarely a single click.

You need consistent environments (dev/stage/prod), reviewable changes, and a clean path from “we agreed on the policy” to “it’s running.” Terraform is the IaC tool that already gives teams that workflow for cloud infrastructure. Now you can use the same workflow for Vidos.

We’re excited to announce that the Vidos Terraform provider is live on the Terraform Registry and lets you manage Vidos through the management APIs (control plane): IAM resources, service configurations, and service instances.

What is the Vidos Terraform provider?

The Vidos Terraform provider manages Vidos control-plane resources.

  • It creates and updates Vidos resources and configuration via management APIs.
  • It does not sit in your request path.
  • Your apps still call Vidos verification APIs at runtime (data plane).

That separation is intentional: use Terraform to provision and govern the platform, then use your application code to execute verification flows.

What the Vidos Terraform provider can manage today

Our provider focuses on the pieces teams typically need to standardise environments. This includes:

IAM resources:

  • API keys
  • Policies
  • Attachments (API key -> policy, service role -> policy)
  • Service roles

Service resources:

  • Gateway: configurations and instances
  • Authorizer: configurations and instances
  • Validator: configurations and instances
  • Resolver: configurations and instances
  • Verifier: configurations and instances

Getting started

Organisations can follow the three steps outlined below to get started with the Vidos Terraform provider.

Step 1: Add the provider to your Terraform configuration:

1terraform {
2  required_version = ">= 1.6.0"
3
4  required_providers {
5    vidos = {
6      source  = "registry.terraform.io/vidos-id/vidos"
7      # Pin to a minor line for predictable upgrades.
8      version = "~> 0.3"
9    }
10  }
11}
12

Step 2: Authenticate using an existing Vidos IAM API key secret:

1export VIDOS_API_KEY="<YOUR_VIDOS_IAM_API_SECRET>"
2

Step 3: Then configure the provider (region is optional; IAM is global by design):

1variable "vidos_region" {
2  type        = string
3  description = "Region for service management endpoints (for example: eu)."
4  default     = "eu"
5}
6
7provider "vidos" {
8  region = var.vidos_region
9}
10

A real example: Gateway + Authorizer + Validator

One of the fastest ways to see the provider in action is by provisioning an architecture that mirrors common production layouts:

  • A Validator instance that enforces your trust anchors (issuer root certificates)
  • An Authorizer instance configured to validate via that Validator instance
  • A Gateway instance routing:
    • /auth/* to the Authorizer
    • /validate/* directly to the Validator

This wiring is done explicitly in Terraform by referencing instance resource_ids and managed service roles:

  • authorizer_all_actions for Gateway -> Authorizer
  • validator_all_actions for Authorizer -> Validator (and optionally Gateway -> Validator)

If you want a working, copy/paste starting point, the Vidos docs include a full quickstart and example guides:

  • Terraform landing page: applications/web/site/src/content/docs/guides/management/terraform/index.md
  • Quickstart: applications/web/site/src/content/docs/guides/management/terraform/quickstart.md
  • Examples index: applications/web/site/src/content/docs/guides/management/terraform/examples/index.md

Operational notes worth knowing

These behaviors are deliberate and show up quickly in real workflows:

  • vidos_iam_api_key.api_secret is write-only. Terraform receives it on create, but it can’t be recovered after import.
  • Many resources accept an optional resource_id that is immutable. If you omit it, the provider generates a stable tf-<hex> id.
  • Attachment resources fail fast by validating the referenced policy exists before attaching.
  • Instance status transitions are deferred to a later version.

Where to go next

If you’re standardising Vidos across multiple environments, this provider is designed to make that work simple through reviewable diffs, repeatable applies, and fewer “what changed?” moments.

For teams ready to start using the Vidos Terraform provider, here are some recommended next steps:

Talk to our team

Our team is ready to help you understand how the Vidos Terraform provider can enhance your identity verification workflows. Contact our team to discuss your specific use case or to schedule a technical deep-dive session.

Receive our newsletter
Sign up for our monthly round up of industry updates, regulatory developments across the EU & UK, and news from Vidos.

Want to learn more?
Download our guide:

The New Digital Identity Landscape

As we look towards the future, the landscape of digital identity is poised for further evolution. Innovations in technology, shifts in regulatory frameworks, and changing user expectations are all shaping the direction of this journey.
Download here
Dashboard mockup