zartan
zartan copied to clipboard
Published
20 hours ago •
udplabs
udplabs
[BUG] Specify consent_method and response_types to all resource okta_app_oauth
In the .tf files, add to all okta_app_oauth resources the following fields: consent_method = "TRUSTED" response_types = ["code"]
During testing it was found that SQS sometimes duplicates its request (cause not known yet). This causes terraform apply to happen > 1 times during a provision. When this happens the status of the provisioning changes to "Error" because the 2nd terraform apply finds a change in state:
Example output during plan
# okta_app_oauth.travelagency will be updated in-place
~ resource "okta_app_oauth" "travelagency" {
auto_key_rotation = true
auto_submit_toolbar = false
client_id = "0oasr7o1x6z1P1YL80h7"
client_secret = (sensitive value)
- consent_method = "TRUSTED" -> null
grant_types = [
"authorization_code",
]
hide_ios = true
hide_web = true
id = "0oasr7o1x6z1P1YL80h7"
issuer_mode = "ORG_URL"
label = "test-123 travelagency Demo (Generated by UDP)"
name = "oidc_client"
omit_secret = false
post_logout_redirect_uris = []
redirect_uris = [
"http://localhost:8666/authorization-code/callback",
]
~ response_types = [
- "code",
]
sign_on_mode = "OPENID_CONNECT"
status = "ACTIVE"
token_endpoint_auth_method = "client_secret_basic"
type = "web"
}
Plan: 0 to add, 1 to change, 0 to destroy.
Notice the change to consent_method:
consent_method = "TRUSTED" -> null
The resulting apply:
okta_app_oauth.travelagency: Modifying... [id=0oasr7o1x6z1P1YL80h7]
Error: The API returned an error: Api validation failed: App Instance. Causes: errorSummary: 'consent_method' is required.
Adding the fields with explicit settings will avoid this issue.
