okta-sdk-nodejs icon indicating copy to clipboard operation
okta-sdk-nodejs copied to clipboard

Published 20 hours ago verified publisher icon okta

PolicyRule for IDP_DISCOVERY ignores actions.idp.providers setting

Open antonenkoDev opened this issue 10 months ago • 0 comments

Describe the bug

when using policyApi.replacePolicyRule I expect to update an existing policy with a new list of domain names to use as a pattern to discover IDP. My PolicyRule object is { "name": "idp_connectionpoolcheck2_Email_Rule", "type": "IDP_DISCOVERY", "status": "ACTIVE", "system": false, "conditions": { "network": { "connection": "ANYWHERE" }, "platform": { "include": [ { "type": "ANY", "os": { "type": "ANY" } } ], "exclude": [] }, "userIdentifier": { "patterns": [ { "matchType": "SUFFIX", "value": "test5.com" }, { "matchType": "SUFFIX", "value": "test6.com" } ], "type": "IDENTIFIER" }, "app": { "include": [], "exclude": [] } }, "actions": { "idp": { "providers": [ { "id": "0oa1pciz8kfNsAZMY1d8", "name": "idp_connectionpoolcheck2", "type": "SAML2" } ] } } } When I use it in Postman it creates a Rule I expect. But policyApi.replacePolicyRule creates a rule where actions.idp.providers are set to default Okta: { "id": "0pr1pcizpeiyjruKY1d8", "status": "ACTIVE", "name": "idp_connectionpoolcheck2_Email_Rule", "priority": 7, "created": null, "lastUpdated": "2024-04-22T21:02:11.000Z", "system": false, "conditions": { "network": { "connection": "ANYWHERE" }, "platform": { "include": [ { "type": "ANY", "os": { "type": "ANY" } } ], "exclude": [] }, "userIdentifier": { "patterns": [ { "matchType": "SUFFIX", "value": "test5.com" }, { "matchType": "SUFFIX", "value": "test6.com" } ], "type": "IDENTIFIER" }, "app": { "include": [], "exclude": [] } }, "actions": { "idp": { "providers": [ { "type": "OKTA" } ], "idpSelectionType": "SPECIFIC" } }, "_links": { "self": { "href": "**NDA**/api/v1/policies/**NDA**/rules/**NDA**", "hints": { "allow": [ "GET", "PUT", "DELETE" ] } }, "deactivate": { "href": "**NDA**/api/v1/policies/**NDA**/rules/**NDA**/lifecycle/deactivate", "hints": { "allow": [ "POST" ] } } }, "type": "IDP_DISCOVERY" },

Reproduction Steps?

create a rule using policyApi.createPolicyRule or update using policyApi.replacePolicyRule with setting from bug description. Check created PolicyRule in Okta

SDK Versions

System: OS: macOS 14.4 CPU: (12) x64 Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz Memory: 227.79 MB / 32.00 GB Shell: 5.2.15 - /usr/local/bin/bash Binaries: Node: 20.10.0 - ~/.nvm/versions/node/v20.10.0/bin/node npm: 10.5.1 - ~/.nvm/versions/node/v20.10.0/bin/npm Browsers: Chrome: 124.0.6367.62 Safari: 17.4 npmPackages: @okta/jwt-verifier: ^3.0.0 => 3.0.0 @okta/okta-auth-js: ^7.1.0 => 7.1.0 @okta/okta-sdk-nodejs: ^7.0.1 => 7.0.1

Additional Information

No response

antonenkoDev avatar Apr 22 '24 21:04 antonenkoDev