hashicorp/terraform-provider-auth0

auth0_client_grant does not change audience

adamu opened this issue · 2 comments

adamu commented

Terraform Version

v0.12.23

Affected Resource(s)

  • auth0_client_grant

Terraform Configuration Files

resource "auth0_client_grant" "foo_api_grant" {
  audience  = "https://bar/"
  client_id = "redacted"
  scope     = []
}

Debug Output

auth0_client_grant.foo_api_grant: Modifying... [id=redacted]
2020/03/12 11:17:00 [DEBUG] auth0_client_grant.foo_api_grant: applying the planned Update change
2020/03/12 11:17:01 [WARN] Provider "registry.terraform.io/-/auth0" produced an unexpected new value for auth0_client_grant.foo_api_grant, but we are tolerating it because it is using the legacy plugin SDK.
    The following problems may be the cause of any confusing errors from downstream operations:
      - .audience: was cty.StringVal("http://bar/"), but now cty.StringVal("http://foo/")
auth0_client_grant.foo_api_grant: Modifications complete after 0s [id=redacted]

Expected Behavior

Terraform destroys the grant and creates a new one with the correct audience.

Actual Behavior

Tries to update in place, although the Auth0 API does not support this.

  # auth0_client_grant.foo_api_grant will be updated in-place
  ~ resource "auth0_client_grant" "foo_api_grant" {
      ~ audience  = "https://foo/" -> "https://bar/"
        client_id = "ASDFGHJKLQWERTYUIOP"
        id        = "redacted"
        scope     = []
    }

Steps to Reproduce

  1. Change the audience
  2. terraform apply

Important Factoids

The Auth0 Management API does not support editing the audience field, so it's necessary to re-create the resource.

Here is the output from trying to change the audience via the API manually:

{
  "statusCode": 400,
  "error": "Bad Request",
  "message": "Payload validation error: 'Additional properties not allowed: audience'.",
  "errorCode": "invalid_body"
}

Should probably be easily solved by a ForceNew on the attribute. Thanks for reporting.

If you’re feeling up for a PR it would be much appreciated. Otherwise I might get to it soon enough.
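A pre-apply check for the behaviour reported in this issue, as an added example (not code from the issue or from the provider): it reads `terraform show -json <planfile>` output and flags any auth0_client_grant planned as an in-place update while its audience changes, which would leave the real grant on the old audience. The helper name `InPlaceAudienceChanges` and the sample plan are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// plan is the subset of `terraform show -json <planfile>` output used here.
type plan struct {
	ResourceChanges []struct {
		Address string `json:"address"`
		Type    string `json:"type"`
		Change  struct {
			Actions []string               `json:"actions"`
			Before  map[string]interface{} `json:"before"`
			After   map[string]interface{} `json:"after"`
		} `json:"change"`
	} `json:"resource_changes"`
}

// InPlaceAudienceChanges (hypothetical helper) returns the addresses of
// auth0_client_grant resources planned as a pure "update" with a new audience.
func InPlaceAudienceChanges(planJSON []byte) ([]string, error) {
	var p plan
	if err := json.Unmarshal(planJSON, &p); err != nil {
		return nil, err
	}
	var flagged []string
	for _, rc := range p.ResourceChanges {
		a := rc.Change.Actions
		if rc.Type != "auth0_client_grant" || len(a) != 1 || a[0] != "update" {
			continue // create, delete and replace (delete+create) are not the bug
		}
		before, _ := rc.Change.Before["audience"].(string)
		after, _ := rc.Change.After["audience"].(string)
		if before != after {
			flagged = append(flagged, rc.Address)
		}
	}
	return flagged, nil
}

// samplePlan is constructed for this example, not real plan output.
const samplePlan = `{"resource_changes":[
 {"address":"auth0_client_grant.a","type":"auth0_client_grant","change":{"actions":["update"],"before":{"audience":"https://foo/"},"after":{"audience":"https://bar/"}}},
 {"address":"auth0_client_grant.b","type":"auth0_client_grant","change":{"actions":["delete","create"],"before":{"audience":"https://foo/"},"after":{"audience":"https://bar/"}}},
 {"address":"auth0_client_grant.c","type":"auth0_client_grant","change":{"actions":["update"],"before":{"audience":"https://foo/","scope":[]},"after":{"audience":"https://foo/","scope":["read:x"]}}}]}`

func main() { fmt.Println(InPlaceAudienceChanges([]byte(samplePlan))) }
```

With a provider build that marks the attribute ForceNew, the same change is planned as a replacement, as in the second sample entry, and is not flagged.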