`data_source_okta_app_user_assignments` - Expose entire api response

[exitcode0]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

okta_app_user_assignments uses /api/v1/apps/%v/users via ListApplicationUsers

The DataSource currently returns a list of user ids This API returns additional information that we currently don't expose to the user the result is that the user may need to call the API twice for the same data

Additional information this DataSource could surface

• externalId
• created
• lastUpdated
• scope
• status
• statusChanged
• passwordChanged
• syncState
• credentials
• profile

I'm curious if a change like this would warrant a major version or if this could go out in a minor version I also don't have any strong opinions on what should be surfaced in this dataSource, just calling out the gap 🙂

New or Affected Resource(s)

• okta_app_user_assignments

Potential Terraform Configuration

The below example is a contrived example, but hopefully it makes the point clear

Before

data "okta_app" "example_app" { label = "Example App" }
data "okta_app_user_assignments" "example_app" { id = data.okta_app.example_app.id }
data "okta_user" "example_app_users" {
  for_each    = data.okta_app_user_assignments.example_app.users
  user_id     = each.key
  skip_roles  = true
  skip_groups = true
}
resource "okta_group" "example_app_provisioning_errors" {name = "Example App provisioning errors"}
resource "okta_group_memberships" "example_app_provisioning_errors" {
  group_id = okta_group.example_app_provisioning_errors.id
  users = [for user in data.okta_user.example_app_users : user.id if user.syncState != "ERROR"]
}

After

data "okta_app" "example_app" { label = "Example App" }
data "okta_app_user_assignments" "example_app" { id = data.okta_app.example_app.id }
resource "okta_group" "example_app_provisioning_errors" {name = "Example App provisioning errors"}
resource "okta_group_memberships" "okta_administrators" {
  group_id = okta_group.okta_administrators.id
  users = [for user in data.okta_app_user_assignments.example_app.users : user.id if user.syncState != "ERROR"]
}

References

• 0000

[duytiennguyen-okta]

OKTA internal reference https://oktainc.atlassian.net/browse/OKTA-675524