onelogin / terraform-provider-onelogin

GNU General Public License v3.0

Add relayState to configuration of onelogin_saml_app #37

Closed marcusvoss closed 3 years ago

marcusvoss commented 3 years ago

Hi,

We would like to be able to maintain the relayState with the Terraform verb onelogin_saml_app.

It is already possible with the API, so I hope it is easy for you to add to the Terraform provider as well. API example:

"configuration": {
  "relay": "superduper",
  "certificate_id": 271155,
  "account_id": "9d11aa89-2033-4111-869a-e6c24e22556c",
  "signature_algorithm": "SHA-1"
}

For us it is another step towards having the New Relic with organization app configured fully with terraform. In this sense #29 is related to this issue.

In our case we use the EU region of New Relic and we would like to have users end up in this region right away. The app itself is able to do so (thanks to Chris from your support team).

Thanks in advance

dcaponi commented 3 years ago

Hey @marcusvoss, we currently support the relaystate parameter on SAML apps.

I'm not certain about the newrelic app in particular, but it's also likely that relay is a custom configuration parameter of the app you are defining. Is relay in fact what you wish to set here, or are you trying to specify the relaystate of such SAML app?

If I may, I'd suggest trying to set relaystate now and see if that unblocks you. If so, please comment & close the issue, otherwise, let me know and we'll get relay plugged in as well.

Thanks for reaching out!

marcusvoss commented 3 years ago

Hey @dcaponi, I was confused by line 53 in the same file. It indicated to me that the relaystate will only work for OIDC apps.

But anyhow, @tkallenberg-tw and I tried it with this code:

resource "onelogin_saml_apps" "app" {
  visible              = true
  allow_assumed_signin = false
  connector_id         = var.connector_id
  description          = var.description
  name                 = var.name
  notes                = "IaC: ${var.vcs_url}"
  configuration = {
    signature_algorithm = "SHA-512"
    relaystate          = "https://one.eu.newrelic.com/"
  }
  provisioning = {
    enabled = true
  }
}

The result was this error:

Error: error: context: [ol http service], error_message: [{"message":"Unknown parameter on configuration section: relaystate","statusCode":400,"name":"BadRequestError"}]
  on ../../modules/onelogin_app/saml_app.tf line 1, in resource "onelogin_saml_apps" "app":
   1: resource "onelogin_saml_apps" "app" {

Any idea what we can improve?

Cheers, Marcus

dcaponi commented 3 years ago

I'm going to add relay as a configuration field so our provider looks out for it and manages it. You can try with v0.1.7 by setting relay = "https://one.eu.newrelic.com/" as you attempted earlier.

Please let me know the outcome @marcusvoss 😄

dcaponi commented 3 years ago

@marcusvoss Can I go ahead and close this out?

marcusvoss commented 3 years ago

@dcaponi great, it is working. Thank you :) Sorry, we had trouble on other ends and so limited test capacity.