A Terraform provider to manage Okta resources, enabling infrastructure-as-code provisioning and management of users, groups, applications, and other Okta objects.
Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment
The DataSource currently returns a list of user ids
This API returns additional information that we currently don't expose to the user
the result is that the user may need to call the API twice for the same data
Additional information this DataSource could surface
externalId
created
lastUpdated
scope
status
statusChanged
passwordChanged
syncState
credentials
profile
I'm curious if a change like this would warrant a major version or if this could go out in a minor version
I also don't have any strong opinions on what should be surfaced in this dataSource, just calling out the gap 🙂
New or Affected Resource(s)
okta_app_user_assignments
Potential Terraform Configuration
The below example is a contrived example, but hopefully it makes the point clear
Before
data "okta_app" "example_app" { label = "Example App" }
data "okta_app_user_assignments" "example_app" { id = data.okta_app.example_app.id }
data "okta_user" "example_app_users" {
for_each = data.okta_app_user_assignments.example_app.users
user_id = each.key
skip_roles = true
skip_groups = true
}
resource "okta_group" "example_app_provisioning_errors" {name = "Example App provisioning errors"}
resource "okta_group_memberships" "example_app_provisioning_errors" {
group_id = okta_group.example_app_provisioning_errors.id
users = [for user in data.okta_user.example_app_users : user.id if user.syncState != "ERROR"]
}
After
data "okta_app" "example_app" { label = "Example App" }
data "okta_app_user_assignments" "example_app" { id = data.okta_app.example_app.id }
resource "okta_group" "example_app_provisioning_errors" {name = "Example App provisioning errors"}
resource "okta_group_memberships" "okta_administrators" {
group_id = okta_group.okta_administrators.id
users = [for user in data.okta_app_user_assignments.example_app.users : user.id if user.syncState != "ERROR"]
}
Community Note
Description
okta_app_user_assignments
uses/api/v1/apps/%v/users
via ListApplicationUsersThe DataSource currently returns a list of user
id
s This API returns additional information that we currently don't expose to the user the result is that the user may need to call the API twice for the same dataAdditional information this DataSource could surface
I'm curious if a change like this would warrant a major version or if this could go out in a minor version I also don't have any strong opinions on what should be surfaced in this dataSource, just calling out the gap 🙂
New or Affected Resource(s)
okta_app_user_assignments
Potential Terraform Configuration
The below example is a contrived example, but hopefully it makes the point clear
Before
After
References
0000