okta_email_domain_verification throws 400 error if email domain is already verified

[mvitt]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version

1.5.7

Affected Resource(s)

• okta_email_domain_verification

Terraform Configuration Files

resource "okta_email_domain_verification" "vanity_email_address_verification" {
  email_domain_id = okta_email_domain.vanity_email_address.id
}

Debug Output

From Terraform: Error: failed to verify email domain: 400 Bad Request

Expected Behavior

Resource should check to see if the email domain is already verified and if so return as successful (Maybe do aGET call to check the status of the email domain first before trying to verify)

Can this be done in the Admin UI?

Yes

Can this be done in the actual API call?

Yes

Actual Behavior

If the email Domain is already verified (via manually in the UI or an API call) the resource will throw a 400 with the following error message: "errorSummary": "status: Cannot validate email domain in current status."

Since this resource currently does not have the ability to be imported we will always get this error if the email has already been verified.

[duytiennguyen-okta]

OKTA internal reference https://oktainc.atlassian.net/browse/OKTA-701643