Timeout when creating onelogin_auth_servers

[Jamian]

I'm trying to create an Auth server and when applying I get the following:

Error: request error: context: ol http service, error_message: Post "https://api.us.onelogin.com/api/2/api_authorizations": context deadline exceeded (Client.Timeout exceeded while awaiting headers)

Any ideas on what may be causing this, or how to resolve it? The same Terraform project has successfully managed to create an onelogin_oidc_apps resource so this may be isolated to just the onelogin_auth_servers resource.

The resource block for the auth server is really basic, as follows:

resource "onelogin_auth_servers" "webapp" {
  name        = "Web App - Dev"
  description = "Authorization server for the Dev Web Application."
  configuration {
    resource_identifier              = "https://webapp-dev.example.com/contacts"
    audiences                        = ["https://webapp-dev.exampe.com/contacts"]
    refresh_token_expiration_minutes = 30
    access_token_expiration_minutes  = 10
  }
}

Thanks

[dcaponi]

Hey @Jamian this is an issue with the API itself with some requests taking on the order of minutes. We're aware of the issue and working on a fix. I'll leave this open as another forcing data point to make sure that API gets fixed. Once that fix is out, I'll let you know here by closing it.

[emtunc]

We've started seeing a lot of these timeout errors in the last few days too - incredibly frustrating!

Error: request error: context: ol http service, error_message: Get "https://api.eu.onelogin.com/api/2/mappings/XXX": context deadline exceeded (Client.Timeout exceeded while awaiting headers)

[dcaponi]

Hoping to ship an api-side fix for this by the end of the month as it's impacting some customers who aren't using TF as well. I'll follow up at the end of June to see if this is still happening and actually needs a provider-side update.

[dlethin]

Following.... we're experiencing this as well.

[dlethin]

In my case, it seem to be an issue with my local networking state. I stopped and started my WIFI and the error went away.

[Jamian]

Hey, @dcaponi did that api-side fix go in in the end? We're still seeing the timeout errors on our side.

[dcaponi]

Hey yall, we have tried to push a fix on the API side last week that would have fixed this but we noticed the performance degradation still exists for some accounts and it was reverted. We're working on a plan this week to fix and hopefully will have this out before the end of August (Ideally sooner and I'll update here when I have more information)

[endyrocket]

Hi @dcaponi , could you please update if this was fixed?

[dcaponi]

Hey @endyrocket sorry to be the bearer of bad news, but I haven't been involved with this project since OneLogin's Acquisition back in late 2021.

Please get in touch with someone at OneIdentity or Quest software to see if the internal API issues have been resolved. IIRC this was mostly due to a performance issue on the backend. (your account manager or customer service person should also be able to help)