Closed marcusvoss closed 3 years ago
Hey @marcusvoss we currently support the relaystate
parameter on SAML apps
I'm not certain about the newrelic app in particular, but its also likely that relay
is a custom configuration parameter of the app you are defining. Is relay
in fact what you wish to set here, or are you trying to specify the relaystate
of such SAML app?
If I may, I'd suggest trying to set relaystate
now and see if that unblocks you. If so, please comment & close the issue, otherwise, let me know and we'll get relay
plugged in as well.
Thanks for reaching out!
Hey @dcaponi I was confused by the line 53 in the same file. It was indicating for me that the relaystate will only work for OIDC apps.
But anyhow @tkallenberg-tw and me tried it with this code:
resource "onelogin_saml_apps" "app" {
visible = true
allow_assumed_signin = false
connector_id = var.connector_id
description = var.description
name = var.name
notes = "IaC: ${var.vcs_url}"
configuration = {
signature_algorithm = "SHA-512"
relaystate = "https://one.eu.newrelic.com/"
}
provisioning = {
enabled = true
}
The result was this error:
Error: error: context: [ol http service], error_message: [{"message":"Unknown parameter on configuration section: relaystate","statusCode":400,"name":"BadRequestError"}]
on ../../modules/onelogin_app/saml_app.tf line 1, in resource "onelogin_saml_apps" "app":
1: resource "onelogin_saml_apps" "app" {
Any idea what we can improve?
Cheers, Marcus
Im going to add relay
as a configuration field so our provider looks out for it and manages it. You can try with v0.1.7 by setting relay = "https://one.eu.newrelic.com/"
as you attempted earlier.
Please let me know the outcome @marcusvoss 😄
@marcusvoss Can I go ahead and close this out?
@dcaponi great it is working. Thank you :) Sorry we had trouble on other ends and so limit test capacity.
Hi,
we would like to be able to maintain the relayState with the terraform verb onelogin_saml_app.
It is already possible with the API, so I hope, it is easy for you to add to the terraform provider as well. API example: "configuration": { "relay": "superduper", "certificate_id": 271155, "account_id": "9d11aa89-2033-4111-869a-e6c24e22556c", "signature_algorithm": "SHA-1" }
For us it is another step towards having the New Relic with organization app configured fully with terraform. In this sense #29 is related to this issue.
In our case we do use the EU region of New Relic and we would like to have users being ending up in this region right away. The app it self is able to do so (Thanks to Chris from your support team).
Thanks in advance