Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PolicyRule for IDP_DISCOVERY ignores actions.idp.providers setting #411

Open
antonenkoDev opened this issue Apr 22, 2024 · 0 comments
Open
Labels

Comments

@antonenkoDev
Copy link

Describe the bug

when using policyApi.replacePolicyRule I expect to update an existing policy with a new list of domain names to use as a pattern to discover IDP.
My PolicyRule object is
{ "name": "idp_connectionpoolcheck2_Email_Rule", "type": "IDP_DISCOVERY", "status": "ACTIVE", "system": false, "conditions": { "network": { "connection": "ANYWHERE" }, "platform": { "include": [ { "type": "ANY", "os": { "type": "ANY" } } ], "exclude": [] }, "userIdentifier": { "patterns": [ { "matchType": "SUFFIX", "value": "test5.com" }, { "matchType": "SUFFIX", "value": "test6.com" } ], "type": "IDENTIFIER" }, "app": { "include": [], "exclude": [] } }, "actions": { "idp": { "providers": [ { "id": "0oa1pciz8kfNsAZMY1d8", "name": "idp_connectionpoolcheck2", "type": "SAML2" } ] } } }
When I use it in Postman it creates a Rule I expect.
But policyApi.replacePolicyRule creates a rule where actions.idp.providers are set to default Okta:
{ "id": "0pr1pcizpeiyjruKY1d8", "status": "ACTIVE", "name": "idp_connectionpoolcheck2_Email_Rule", "priority": 7, "created": null, "lastUpdated": "2024-04-22T21:02:11.000Z", "system": false, "conditions": { "network": { "connection": "ANYWHERE" }, "platform": { "include": [ { "type": "ANY", "os": { "type": "ANY" } } ], "exclude": [] }, "userIdentifier": { "patterns": [ { "matchType": "SUFFIX", "value": "test5.com" }, { "matchType": "SUFFIX", "value": "test6.com" } ], "type": "IDENTIFIER" }, "app": { "include": [], "exclude": [] } }, "actions": { "idp": { "providers": [ { "type": "OKTA" } ], "idpSelectionType": "SPECIFIC" } }, "_links": { "self": { "href": "**NDA**/api/v1/policies/**NDA**/rules/**NDA**", "hints": { "allow": [ "GET", "PUT", "DELETE" ] } }, "deactivate": { "href": "**NDA**/api/v1/policies/**NDA**/rules/**NDA**/lifecycle/deactivate", "hints": { "allow": [ "POST" ] } } }, "type": "IDP_DISCOVERY" },

Reproduction Steps?

create a rule using policyApi.createPolicyRule or update using policyApi.replacePolicyRule with setting from bug description.
Check created PolicyRule in Okta

SDK Versions

System:
OS: macOS 14.4
CPU: (12) x64 Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz
Memory: 227.79 MB / 32.00 GB
Shell: 5.2.15 - /usr/local/bin/bash
Binaries:
Node: 20.10.0 - ~/.nvm/versions/node/v20.10.0/bin/node
npm: 10.5.1 - ~/.nvm/versions/node/v20.10.0/bin/npm
Browsers:
Chrome: 124.0.6367.62
Safari: 17.4
npmPackages:
@okta/jwt-verifier: ^3.0.0 => 3.0.0
@okta/okta-auth-js: ^7.1.0 => 7.1.0
@okta/okta-sdk-nodejs: ^7.0.1 => 7.0.1

Additional Information

No response

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

1 participant