okta / terraform-provider-okta

A Terraform provider to manage Okta resources, enabling infrastructure-as-code provisioning and management of users, groups, applications, and other Okta objects.
https://registry.terraform.io/providers/okta/okta
Mozilla Public License 2.0

Failed to create auto login application: the API returned an error: Api validation failed: mediated. Causes: errorSummary: 'signOnMode' does not match 'settings.signOn.signOnMode' #1934

Open The-Croissant opened 7 months ago

The-Croissant commented 7 months ago

Terraform Version

Terraform Version 1.7.5
Provider Version 4.8.0

Affected Resource(s)

Terraform Configuration Files

# Copy-paste your Terraform configurations here - for large Terraform configs,
# please use a service like Dropbox and share a link to the ZIP file. For
# security, you can also encrypt the files using our GPG public key: https://keybase.io/hashicorp

resource "okta_app_auto_login" "foo_bar_app" {
  label               = "Foo Bar"
  logo                = "logos/foo_bar.png"
  status              = "ACTIVE"
  preconfigured_app   = "sharepoint_local"
  app_settings_json   = "{\"siteURL\":\"https://xxxxx.sharepoint.com/sites/xxxxx/xxxxx/xxxx\"}"
  app_links_json      = "{\"login\":true}"
  auto_submit_toolbar = true
  reveal_password     = false
  admin_note          = "Managed in Terraform"
}

Expected Behavior

The app should have been created. Deployed a similar app 4 weeks prior to time of writing with no issue using the following config:

resource "okta_app_auto_login" "foo_app" {
  label               = "Foo"
  logo                = "logos/fool.png"
  status              = "ACTIVE"
  preconfigured_app   = "sharepoint_local"
  app_settings_json   = "{\"siteURL\":\"https://xxxx.sharepoint.com/sites/xxxx\"}"
  app_links_json      = "{\"login\":true}"
  auto_submit_toolbar = true
  reveal_password     = false
  admin_note          = "Managed in Terraform"
}

Can this be done in the Admin UI?

Yes

Can this be done in the actual API call?

I don't know

Actual Behavior

Error on Apply:

│ Error: failed to create auto login application: the API returned an error: Api validation failed: mediated. Causes: errorSummary: 'signOnMode' does not match 'settings.signOn.signOnMode'
│ 
│   with okta_app_auto_login.foo_bar_app,
│   on apps.tf line 1898, in resource "okta_app_auto_login" "foo_bar_app":
│ 1898: resource "okta_app_auto_login" "foo_bar_app" {

Steps to Reproduce

  1. Make an okta_app_auto_login using the preconfigured_app of sharepoint_local
  2. terraform apply

Important Factoids

Running in TF Cloud, deploying through GitHub Actions.

duytiennguyen-okta commented 7 months ago

This error is coming from the API, and it should be fixed in the April release. Please contact support if you see the error in production.

MattJenko commented 7 months ago

Hi @duytiennguyen-okta

Is there a reference to this bug in the Okta API that we can track? It's causing us a lot of issues with our app rollouts, we may have to remove those apps from the state and manage manually until it's fixed.

jefftaylor-okta commented 7 months ago

@MattJenko Thanks for your question. Since this is with our internal teams, this bug would not be trackable externally. I can assure you the fix has been checked and should be released in April. Usually, these releases will hit prod mid month.

stevem42 commented 5 months ago

@duytiennguyen-okta @jefftaylor-okta The initial error has been resolved with the April API update. Unfortunately there is a new/still existing error specifically relating to office365 okta_app_auto_login applications.

│ Error: failed to update auto login application: the API returned an error: Api validation failed: customRuleSettings.customRule. Causes: errorSummary: customRuleSettings.customRule: The expression is invalid: Property 'source' not found, Status: 400 Bad Request

This error applies when trying to update an application imported back into state (post April Release) but also when trying to update an application created successfully through Terraform 3 months ago, and untouched since. The only update is a label change which fails with the above error.