Created
June 8, 2023 06:36
-
-
Save emanor-okta/0c44ad11bda95f23b321db6a3b7e7741 to your computer and use it in GitHub Desktop.
refresh_token_leeway Errol okta_app_oauth - terraform apply
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| terraform apply | |
| 2023-06-07T23:02:41.999-0700 [INFO] Terraform version: 1.4.6 | |
| 2023-06-07T23:02:42.000-0700 [DEBUG] using github.com/hashicorp/go-tfe v1.21.0 | |
| 2023-06-07T23:02:42.000-0700 [DEBUG] using github.com/hashicorp/hcl/v2 v2.16.2 | |
| 2023-06-07T23:02:42.000-0700 [DEBUG] using github.com/hashicorp/terraform-config-inspect v0.0.0-20210209133302-4fd17a0faac2 | |
| 2023-06-07T23:02:42.000-0700 [DEBUG] using github.com/hashicorp/terraform-svchost v0.1.0 | |
| 2023-06-07T23:02:42.000-0700 [DEBUG] using github.com/zclconf/go-cty v1.12.1 | |
| 2023-06-07T23:02:42.000-0700 [INFO] Go runtime version: go1.19.6 | |
| 2023-06-07T23:02:42.000-0700 [INFO] CLI args: []string{"terraform", "apply"} | |
| 2023-06-07T23:02:42.000-0700 [DEBUG] Attempting to open CLI config file: /Users/firstanor/.terraformrc | |
| 2023-06-07T23:02:42.000-0700 [DEBUG] File doesn't exist, but doesn't need to. Ignoring. | |
| 2023-06-07T23:02:42.000-0700 [DEBUG] checking for credentials in "/Users/e/.terraform.d/plugins" | |
| 2023-06-07T23:02:42.001-0700 [DEBUG] ignoring non-existing provider search directory terraform.d/plugins | |
| 2023-06-07T23:02:42.001-0700 [DEBUG] will search for provider plugins in /Users/e/.terraform.d/plugins | |
| 2023-06-07T23:02:42.003-0700 [DEBUG] ignoring non-existing provider search directory /Users/e/Library/Application Support/io.terraform/plugins | |
| 2023-06-07T23:02:42.003-0700 [DEBUG] ignoring non-existing provider search directory /Library/Application Support/io.terraform/plugins | |
| 2023-06-07T23:02:42.003-0700 [INFO] CLI command args: []string{"apply"} | |
| 2023-06-07T23:02:42.005-0700 [DEBUG] New state was assigned lineage "34b7ca1e-2261-7873-b3ea-4cb8eb8eb1a4" | |
| 2023-06-07T23:02:42.085-0700 [DEBUG] checking for provisioner in "." | |
| 2023-06-07T23:02:42.086-0700 [DEBUG] checking for provisioner in "/Users/e/Terraform" | |
| 2023-06-07T23:02:42.086-0700 [DEBUG] checking for provisioner in "/Users/e/.terraform.d/plugins" | |
| 2023-06-07T23:02:42.087-0700 [INFO] backend/local: starting Apply operation | |
| 2023-06-07T23:02:42.089-0700 [DEBUG] created provider logger: level=debug | |
| 2023-06-07T23:02:42.089-0700 [INFO] provider: configuring client automatic mTLS | |
| 2023-06-07T23:02:42.105-0700 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/okta/okta/4.0.0/darwin_amd64/terraform-provider-okta_v4.0.0 args=[.terraform/providers/registry.terraform.io/okta/okta/4.0.0/darwin_amd64/terraform-provider-okta_v4.0.0] | |
| 2023-06-07T23:02:42.109-0700 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/okta/okta/4.0.0/darwin_amd64/terraform-provider-okta_v4.0.0 pid=6263 | |
| 2023-06-07T23:02:42.109-0700 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/okta/okta/4.0.0/darwin_amd64/terraform-provider-okta_v4.0.0 | |
| 2023-06-07T23:02:42.122-0700 [INFO] provider.terraform-provider-okta_v4.0.0: configuring server automatic mTLS: timestamp=2023-06-07T23:02:42.122-0700 | |
| 2023-06-07T23:02:42.140-0700 [DEBUG] provider: using plugin: version=5 | |
| 2023-06-07T23:02:42.140-0700 [DEBUG] provider.terraform-provider-okta_v4.0.0: plugin address: address=/var/folders/7c/092rkjpx74bf48cyb8_hf0ym0000gn/T/plugin3857979625 network=unix timestamp=2023-06-07T23:02:42.140-0700 | |
| 2023-06-07T23:02:42.166-0700 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF" | |
| 2023-06-07T23:02:42.167-0700 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/okta/okta/4.0.0/darwin_amd64/terraform-provider-okta_v4.0.0 pid=6263 | |
| 2023-06-07T23:02:42.167-0700 [DEBUG] provider: plugin exited | |
| 2023-06-07T23:02:42.168-0700 [DEBUG] Building and walking validate graph | |
| 2023-06-07T23:02:42.168-0700 [DEBUG] ProviderTransformer: "okta_app_oauth.my_applicationName" (*terraform.NodeValidatableResource) needs provider["registry.terraform.io/okta/okta"] | |
| 2023-06-07T23:02:42.168-0700 [DEBUG] ReferenceTransformer: "okta_app_oauth.my_applicationName" references: [] | |
| 2023-06-07T23:02:42.168-0700 [DEBUG] ReferenceTransformer: "var.api_token" references: [] | |
| 2023-06-07T23:02:42.168-0700 [DEBUG] ReferenceTransformer: "var.base_url" references: [] | |
| 2023-06-07T23:02:42.168-0700 [DEBUG] ReferenceTransformer: "var.preconfig" references: [] | |
| 2023-06-07T23:02:42.168-0700 [DEBUG] ReferenceTransformer: "var.org_name" references: [] | |
| 2023-06-07T23:02:42.168-0700 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/okta/okta\"]" references: [var.org_name var.api_token var.base_url] | |
| 2023-06-07T23:02:42.168-0700 [DEBUG] Starting graph walk: walkValidate | |
| 2023-06-07T23:02:42.169-0700 [DEBUG] created provider logger: level=debug | |
| 2023-06-07T23:02:42.169-0700 [INFO] provider: configuring client automatic mTLS | |
| 2023-06-07T23:02:42.176-0700 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/okta/okta/4.0.0/darwin_amd64/terraform-provider-okta_v4.0.0 args=[.terraform/providers/registry.terraform.io/okta/okta/4.0.0/darwin_amd64/terraform-provider-okta_v4.0.0] | |
| 2023-06-07T23:02:42.180-0700 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/okta/okta/4.0.0/darwin_amd64/terraform-provider-okta_v4.0.0 pid=6264 | |
| 2023-06-07T23:02:42.180-0700 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/okta/okta/4.0.0/darwin_amd64/terraform-provider-okta_v4.0.0 | |
| 2023-06-07T23:02:42.194-0700 [INFO] provider.terraform-provider-okta_v4.0.0: configuring server automatic mTLS: timestamp=2023-06-07T23:02:42.194-0700 | |
| 2023-06-07T23:02:42.211-0700 [DEBUG] provider: using plugin: version=5 | |
| 2023-06-07T23:02:42.211-0700 [DEBUG] provider.terraform-provider-okta_v4.0.0: plugin address: address=/var/folders/7c/092rkjpx74bf48cyb8_hf0ym0000gn/T/plugin2662262549 network=unix timestamp=2023-06-07T23:02:42.211-0700 | |
| 2023-06-07T23:02:42.238-0700 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF" | |
| 2023-06-07T23:02:42.239-0700 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/okta/okta/4.0.0/darwin_amd64/terraform-provider-okta_v4.0.0 pid=6264 | |
| 2023-06-07T23:02:42.240-0700 [DEBUG] provider: plugin exited | |
| 2023-06-07T23:02:42.240-0700 [INFO] backend/local: apply calling Plan | |
| 2023-06-07T23:02:42.240-0700 [DEBUG] Building and walking plan graph for NormalMode | |
| 2023-06-07T23:02:42.240-0700 [DEBUG] ProviderTransformer: "okta_app_oauth.my_applicationName (expand)" (*terraform.nodeExpandPlannableResource) needs provider["registry.terraform.io/okta/okta"] | |
| 2023-06-07T23:02:42.240-0700 [DEBUG] ReferenceTransformer: "var.api_token" references: [] | |
| 2023-06-07T23:02:42.240-0700 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/okta/okta\"]" references: [var.api_token var.base_url var.org_name] | |
| 2023-06-07T23:02:42.240-0700 [DEBUG] ReferenceTransformer: "okta_app_oauth.my_applicationName (expand)" references: [] | |
| 2023-06-07T23:02:42.240-0700 [DEBUG] ReferenceTransformer: "var.base_url" references: [] | |
| 2023-06-07T23:02:42.240-0700 [DEBUG] ReferenceTransformer: "var.preconfig" references: [] | |
| 2023-06-07T23:02:42.240-0700 [DEBUG] ReferenceTransformer: "var.org_name" references: [] | |
| 2023-06-07T23:02:42.240-0700 [DEBUG] Starting graph walk: walkPlan | |
| 2023-06-07T23:02:42.241-0700 [DEBUG] created provider logger: level=debug | |
| 2023-06-07T23:02:42.241-0700 [INFO] provider: configuring client automatic mTLS | |
| 2023-06-07T23:02:42.247-0700 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/okta/okta/4.0.0/darwin_amd64/terraform-provider-okta_v4.0.0 args=[.terraform/providers/registry.terraform.io/okta/okta/4.0.0/darwin_amd64/terraform-provider-okta_v4.0.0] | |
| 2023-06-07T23:02:42.252-0700 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/okta/okta/4.0.0/darwin_amd64/terraform-provider-okta_v4.0.0 pid=6265 | |
| 2023-06-07T23:02:42.252-0700 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/okta/okta/4.0.0/darwin_amd64/terraform-provider-okta_v4.0.0 | |
| 2023-06-07T23:02:42.265-0700 [INFO] provider.terraform-provider-okta_v4.0.0: configuring server automatic mTLS: timestamp=2023-06-07T23:02:42.265-0700 | |
| 2023-06-07T23:02:42.283-0700 [DEBUG] provider: using plugin: version=5 | |
| 2023-06-07T23:02:42.283-0700 [DEBUG] provider.terraform-provider-okta_v4.0.0: plugin address: address=/var/folders/7c/092rkjpx74bf48cyb8_hf0ym0000gn/T/plugin2190168433 network=unix timestamp=2023-06-07T23:02:42.283-0700 | |
| 2023-06-07T23:02:42.308-0700 [WARN] ValidateProviderConfig from "provider[\"registry.terraform.io/okta/okta\"]" changed the config value, but that value is unused | |
| 2023-06-07T23:02:42.308-0700 [INFO] provider.terraform-provider-okta_v4.0.0: 2023/06/07 23:02:42 [INFO] Initializing Okta client: timestamp=2023-06-07T23:02:42.308-0700 | |
| 2023-06-07T23:02:42.308-0700 [DEBUG] provider.terraform-provider-okta_v4.0.0: 2023/06/07 11:02:42 [INFO] running with backoff http client, wait min 30000000000, wait max 300000000000, retry max 5 | |
| 2023-06-07T23:02:42.309-0700 [DEBUG] provider.terraform-provider-okta_v4.0.0: 2023/06/07 11:02:42 [DEBUG] performing request: method=GET url=https://first-classic.okta.com/api/v1/users/me | |
| 2023-06-07T23:02:42.309-0700 [INFO] provider.terraform-provider-okta_v4.0.0: 2023/06/07 23:02:42 [DEBUG] Okta API Request Details: | |
| ---[ REQUEST ]--------------------------------------- | |
| GET /api/v1/users/me HTTP/1.1 | |
| Host: first-classic.okta.com | |
| User-Agent: okta-sdk-golang/2.17.0 golang/go1.20.3 darwin/amd64 okta-terraform/4.0.0 | |
| Accept: application/json | |
| Authorization: SSWS <hidden> | |
| Accept-Encoding: gzip | |
| -----------------------------------------------------: timestamp=2023-06-07T23:02:42.309-0700 | |
| 2023-06-07T23:02:42.546-0700 [INFO] provider.terraform-provider-okta_v4.0.0: 2023/06/07 23:02:42 [DEBUG] Okta API Response Details: | |
| ---[ RESPONSE ]-------------------------------------- | |
| HTTP/2.0 200 OK | |
| Cache-Control: no-cache, no-store | |
| Content-Security-Policy: frame-ancestors 'self' | |
| Content-Type: application/json | |
| Date: Thu, 08 Jun 2023 06:02:42 GMT | |
| Expires: 0 | |
| P3p: CP="HONK" | |
| Pragma: no-cache | |
| Public-Key-Pins-Report-Only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" | |
| Server: nginx | |
| Set-Cookie: sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ | |
| Set-Cookie: autolaunch_triggered=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ | |
| Set-Cookie: JSESSIONID=559CAA48FC5C77DC2FA4DA8CBFD73D83; Path=/; Secure; HttpOnly | |
| Strict-Transport-Security: max-age=315360000; includeSubDomains | |
| Vary: Accept-Encoding | |
| X-Content-Type-Options: nosniff | |
| X-Okta-Request-Id: ZIFvAidBpTUXF81a9LDY0AAABwk | |
| X-Rate-Limit-Limit: 500 | |
| X-Rate-Limit-Remaining: 499 | |
| X-Rate-Limit-Reset: 1686204222 | |
| X-Xss-Protection: 0 | |
| { | |
| "id": "00u51vi328LLDPbrM697", | |
| "status": "ACTIVE", | |
| "created": "2023-04-19T16:46:48.000Z", | |
| "activated": null, | |
| "statusChanged": "2023-04-19T19:15:55.000Z", | |
| "lastLogin": "2023-06-07T16:32:09.000Z", | |
| "lastUpdated": "2023-04-19T19:15:56.000Z", | |
| "passwordChanged": "2023-04-19T19:15:55.000Z", | |
| "type": { | |
| "id": "oty51vi2zbJ1WvShy697" | |
| }, | |
| "profile": { | |
| "firstName": "First", | |
| "lastName": "Last", | |
| "mobilePhone": null, | |
| "secondEmail": null, | |
| "login": "[email protected]", | |
| "email": "[email protected]" | |
| }, | |
| "credentials": { | |
| "password": {}, | |
| "recovery_question": { | |
| "question": "What is the food you least liked as a child?" | |
| }, | |
| "provider": { | |
| "type": "OKTA", | |
| "name": "OKTA" | |
| } | |
| }, | |
| "_links": { | |
| "suspend": { | |
| "href": "https://first-classic.okta.com/api/v1/users/00u51vi328LLDPbrM697/lifecycle/suspend", | |
| "method": "POST" | |
| }, | |
| "schema": { | |
| "href": "https://first-classic.okta.com/api/v1/meta/schemas/user/osc51vi2zbJ1WvShy697" | |
| }, | |
| "resetPassword": { | |
| "href": "https://first-classic.okta.com/api/v1/users/00u51vi328LLDPbrM697/lifecycle/reset_password", | |
| "method": "POST" | |
| }, | |
| "forgotPassword": { | |
| "href": "https://first-classic.okta.com/api/v1/users/00u51vi328LLDPbrM697/credentials/forgot_password", | |
| "method": "POST" | |
| }, | |
| "expirePassword": { | |
| "href": "https://first-classic.okta.com/api/v1/users/00u51vi328LLDPbrM697/lifecycle/expire_password", | |
| "method": "POST" | |
| }, | |
| "changeRecoveryQuestion": { | |
| "href": "https://first-classic.okta.com/api/v1/users/00u51vi328LLDPbrM697/credentials/change_recovery_question", | |
| "method": "POST" | |
| }, | |
| "self": { | |
| "href": "https://first-classic.okta.com/api/v1/users/00u51vi328LLDPbrM697" | |
| }, | |
| "resetFactors": { | |
| "href": "https://first-classic.okta.com/api/v1/users/00u51vi328LLDPbrM697/lifecycle/reset_factors", | |
| "method": "POST" | |
| }, | |
| "type": { | |
| "href": "https://first-classic.okta.com/api/v1/meta/types/user/oty51vi2zbJ1WvShy697" | |
| }, | |
| "changePassword": { | |
| "href": "https://first-classic.okta.com/api/v1/users/00u51vi328LLDPbrM697/credentials/change_password", | |
| "method": "POST" | |
| }, | |
| "deactivate": { | |
| "href": "https://first-classic.okta.com/api/v1/users/00u51vi328LLDPbrM697/lifecycle/deactivate", | |
| "method": "POST" | |
| } | |
| } | |
| } | |
| -----------------------------------------------------: timestamp=2023-06-07T23:02:42.546-0700 | |
| 2023-06-07T23:02:42.546-0700 [DEBUG] provider.terraform-provider-okta_v4.0.0: 2023/06/07 11:02:42 [INFO] running with backoff http client, wait min 30000000000, wait max 300000000000, retry max 5 | |
| 2023-06-07T23:02:42.547-0700 [DEBUG] Resource instance state not found for node "okta_app_oauth.my_applicationName", instance okta_app_oauth.my_applicationName | |
| 2023-06-07T23:02:42.547-0700 [DEBUG] ReferenceTransformer: "okta_app_oauth.my_applicationName" references: [] | |
| 2023-06-07T23:02:42.548-0700 [DEBUG] refresh: okta_app_oauth.my_applicationName: no state, so not refreshing | |
| 2023-06-07T23:02:42.555-0700 [WARN] Provider "registry.terraform.io/okta/okta" produced an invalid plan for okta_app_oauth.my_applicationName, but we are tolerating it because it is using the legacy plugin SDK. | |
| The following problems may be the cause of any confusing errors from downstream operations: | |
| - .user_name_template: planned value cty.StringVal("${source.login}") for a non-computed attribute | |
| - .status: planned value cty.StringVal("ACTIVE") for a non-computed attribute | |
| - .omit_secret: planned value cty.False for a non-computed attribute | |
| - .accessibility_self_service: planned value cty.False for a non-computed attribute | |
| - .auto_submit_toolbar: planned value cty.False for a non-computed attribute | |
| - .wildcard_redirect: planned value cty.StringVal("DISABLED") for a non-computed attribute | |
| - .user_name_template_type: planned value cty.StringVal("BUILT_IN") for a non-computed attribute | |
| 2023-06-07T23:02:42.556-0700 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF" | |
| 2023-06-07T23:02:42.558-0700 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/okta/okta/4.0.0/darwin_amd64/terraform-provider-okta_v4.0.0 pid=6265 | |
| 2023-06-07T23:02:42.558-0700 [DEBUG] provider: plugin exited | |
| 2023-06-07T23:02:42.558-0700 [DEBUG] building apply graph to check for errors | |
| 2023-06-07T23:02:42.558-0700 [DEBUG] Resource state not found for node "okta_app_oauth.my_applicationName", instance okta_app_oauth.my_applicationName | |
| 2023-06-07T23:02:42.559-0700 [DEBUG] ProviderTransformer: "okta_app_oauth.my_applicationName" (*terraform.NodeApplyableResourceInstance) needs provider["registry.terraform.io/okta/okta"] | |
| 2023-06-07T23:02:42.559-0700 [DEBUG] ProviderTransformer: "okta_app_oauth.my_applicationName (expand)" (*terraform.nodeExpandApplyableResource) needs provider["registry.terraform.io/okta/okta"] | |
| 2023-06-07T23:02:42.559-0700 [DEBUG] ReferenceTransformer: "okta_app_oauth.my_applicationName" references: [] | |
| 2023-06-07T23:02:42.559-0700 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/okta/okta\"]" references: [var.api_token var.base_url var.org_name] | |
| 2023-06-07T23:02:42.559-0700 [DEBUG] ReferenceTransformer: "okta_app_oauth.my_applicationName (expand)" references: [] | |
| 2023-06-07T23:02:42.559-0700 [DEBUG] ReferenceTransformer: "var.api_token" references: [] | |
| 2023-06-07T23:02:42.559-0700 [DEBUG] ReferenceTransformer: "var.base_url" references: [] | |
| 2023-06-07T23:02:42.559-0700 [DEBUG] ReferenceTransformer: "var.preconfig" references: [] | |
| 2023-06-07T23:02:42.559-0700 [DEBUG] ReferenceTransformer: "var.org_name" references: [] | |
| Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: | |
| + create | |
| Terraform will perform the following actions: | |
| # okta_app_oauth.my_applicationName will be created | |
| + resource "okta_app_oauth" "my_applicationName" { | |
| + accessibility_self_service = false | |
| + auto_key_rotation = true | |
| + auto_submit_toolbar = false | |
| + client_id = (known after apply) | |
| + client_secret = (sensitive value) | |
| + consent_method = "REQUIRED" | |
| + grant_types = [ | |
| + "authorization_code", | |
| + "refresh_token", | |
| ] | |
| + hide_ios = true | |
| + hide_web = true | |
| + id = (known after apply) | |
| + implicit_assignment = false | |
| + issuer_mode = "DYNAMIC" | |
| + label = "r" | |
| + login_mode = "DISABLED" | |
| + logo_url = (known after apply) | |
| + name = (known after apply) | |
| + omit_secret = false | |
| + pkce_required = true | |
| + post_logout_redirect_uris = [ | |
| + "http://127.0.0.1:18499/logout", | |
| + "http://127.0.0.1:27367/logout", | |
| + "http://127.0.0.1:45978/logout", | |
| + "http://127.0.0.1:8176/logout", | |
| + "http://127.0.0.1:9342/logout", | |
| ] | |
| + redirect_uris = [ | |
| + "com.oktapreview.domain:/callback", | |
| + "http://127.0.0.1:8176/session", | |
| + "http://127.0.0.1:9342/session", | |
| + "http://127.0.0.1:18499/session", | |
| + "http://127.0.0.1:27367/session", | |
| + "http://127.0.0.1:45978/session", | |
| ] | |
| + refresh_token_leeway = 0 | |
| + refresh_token_rotation = "ROTATE" | |
| + response_types = [ | |
| + "code", | |
| ] | |
| + sign_on_mode = (known after apply) | |
| + status = "ACTIVE" | |
| + token_endpoint_auth_method = "none" | |
| + type = "native" | |
| + user_name_template = "${source.login}" | |
| + user_name_template_type = "BUILT_IN" | |
| + wildcard_redirect = "DISABLED" | |
| } | |
| Plan: 1 to add, 0 to change, 0 to destroy. | |
| 2023-06-07T23:02:42.561-0700 [DEBUG] command: asking for input: "\nDo you want to perform these actions?" | |
| Do you want to perform these actions? | |
| Terraform will perform the actions described above. | |
| Only 'yes' will be accepted to approve. | |
| Enter a value: yes | |
| 2023-06-07T23:02:46.396-0700 [INFO] backend/local: apply calling Apply | |
| 2023-06-07T23:02:46.396-0700 [DEBUG] Building and walking apply graph for NormalMode plan | |
| 2023-06-07T23:02:46.396-0700 [DEBUG] Resource state not found for node "okta_app_oauth.my_applicationName", instance okta_app_oauth.my_applicationName | |
| 2023-06-07T23:02:46.396-0700 [DEBUG] ProviderTransformer: "okta_app_oauth.my_applicationName (expand)" (*terraform.nodeExpandApplyableResource) needs provider["registry.terraform.io/okta/okta"] | |
| 2023-06-07T23:02:46.397-0700 [DEBUG] ProviderTransformer: "okta_app_oauth.my_applicationName" (*terraform.NodeApplyableResourceInstance) needs provider["registry.terraform.io/okta/okta"] | |
| 2023-06-07T23:02:46.397-0700 [DEBUG] ReferenceTransformer: "var.preconfig" references: [] | |
| 2023-06-07T23:02:46.397-0700 [DEBUG] ReferenceTransformer: "okta_app_oauth.my_applicationName" references: [] | |
| 2023-06-07T23:02:46.397-0700 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/okta/okta\"]" references: [var.api_token var.base_url var.org_name] | |
| 2023-06-07T23:02:46.397-0700 [DEBUG] ReferenceTransformer: "okta_app_oauth.my_applicationName (expand)" references: [] | |
| 2023-06-07T23:02:46.397-0700 [DEBUG] ReferenceTransformer: "var.org_name" references: [] | |
| 2023-06-07T23:02:46.397-0700 [DEBUG] ReferenceTransformer: "var.api_token" references: [] | |
| 2023-06-07T23:02:46.397-0700 [DEBUG] ReferenceTransformer: "var.base_url" references: [] | |
| 2023-06-07T23:02:46.397-0700 [DEBUG] Starting graph walk: walkApply | |
| 2023-06-07T23:02:46.398-0700 [DEBUG] created provider logger: level=debug | |
| 2023-06-07T23:02:46.398-0700 [INFO] provider: configuring client automatic mTLS | |
| 2023-06-07T23:02:46.407-0700 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/okta/okta/4.0.0/darwin_amd64/terraform-provider-okta_v4.0.0 args=[.terraform/providers/registry.terraform.io/okta/okta/4.0.0/darwin_amd64/terraform-provider-okta_v4.0.0] | |
| 2023-06-07T23:02:46.411-0700 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/okta/okta/4.0.0/darwin_amd64/terraform-provider-okta_v4.0.0 pid=6266 | |
| 2023-06-07T23:02:46.411-0700 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/okta/okta/4.0.0/darwin_amd64/terraform-provider-okta_v4.0.0 | |
| 2023-06-07T23:02:46.425-0700 [INFO] provider.terraform-provider-okta_v4.0.0: configuring server automatic mTLS: timestamp=2023-06-07T23:02:46.424-0700 | |
| 2023-06-07T23:02:46.443-0700 [DEBUG] provider: using plugin: version=5 | |
| 2023-06-07T23:02:46.444-0700 [DEBUG] provider.terraform-provider-okta_v4.0.0: plugin address: address=/var/folders/7c/092rkjpx74bf48cyb8_hf0ym0000gn/T/plugin2433703256 network=unix timestamp=2023-06-07T23:02:46.443-0700 | |
| 2023-06-07T23:02:46.468-0700 [WARN] ValidateProviderConfig from "provider[\"registry.terraform.io/okta/okta\"]" changed the config value, but that value is unused | |
| 2023-06-07T23:02:46.469-0700 [INFO] provider.terraform-provider-okta_v4.0.0: 2023/06/07 23:02:46 [INFO] Initializing Okta client: timestamp=2023-06-07T23:02:46.468-0700 | |
| 2023-06-07T23:02:46.469-0700 [DEBUG] provider.terraform-provider-okta_v4.0.0: 2023/06/07 11:02:46 [INFO] running with backoff http client, wait min 30000000000, wait max 300000000000, retry max 5 | |
| 2023-06-07T23:02:46.469-0700 [DEBUG] provider.terraform-provider-okta_v4.0.0: 2023/06/07 11:02:46 [DEBUG] performing request: method=GET url=https://first-classic.okta.com/api/v1/users/me | |
| 2023-06-07T23:02:46.469-0700 [INFO] provider.terraform-provider-okta_v4.0.0: 2023/06/07 23:02:46 [DEBUG] Okta API Request Details: | |
| ---[ REQUEST ]--------------------------------------- | |
| GET /api/v1/users/me HTTP/1.1 | |
| Host: first-classic.okta.com | |
| User-Agent: okta-sdk-golang/2.17.0 golang/go1.20.3 darwin/amd64 okta-terraform/4.0.0 | |
| Accept: application/json | |
| Authorization: SSWS <hidden> | |
| Accept-Encoding: gzip | |
| -----------------------------------------------------: timestamp=2023-06-07T23:02:46.469-0700 | |
| 2023-06-07T23:02:46.739-0700 [INFO] provider.terraform-provider-okta_v4.0.0: 2023/06/07 23:02:46 [DEBUG] Okta API Response Details: | |
| ---[ RESPONSE ]-------------------------------------- | |
| HTTP/2.0 200 OK | |
| Cache-Control: no-cache, no-store | |
| Content-Security-Policy: frame-ancestors 'self'; report-uri https://oktacsp.report-uri.com/r/t/csp/enforce; report-to csp | |
| Content-Type: application/json | |
| Date: Thu, 08 Jun 2023 06:02:46 GMT | |
| Expires: 0 | |
| P3p: CP="HONK" | |
| Pragma: no-cache | |
| Public-Key-Pins-Report-Only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" | |
| Report-To: {"group":"csp","max_age":31536000,"endpoints":[{"url":"https://oktacsp.report-uri.com/a/t/g"}],"include_subdomains":true} | |
| Server: nginx | |
| Set-Cookie: sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ | |
| Set-Cookie: autolaunch_triggered=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ | |
| Set-Cookie: JSESSIONID=503EE5AA28D7DC3D00ED75E6BFF6A86E; Path=/; Secure; HttpOnly | |
| Strict-Transport-Security: max-age=315360000; includeSubDomains | |
| Vary: Accept-Encoding | |
| X-Content-Type-Options: nosniff | |
| X-Okta-Request-Id: ZIFvBhhN4aabfApWNiEnmgAACFo | |
| X-Rate-Limit-Limit: 500 | |
| X-Rate-Limit-Remaining: 498 | |
| X-Rate-Limit-Reset: 1686204222 | |
| X-Xss-Protection: 0 | |
| { | |
| "id": "00u51vi328LLDPbrM697", | |
| "status": "ACTIVE", | |
| "created": "2023-04-19T16:46:48.000Z", | |
| "activated": null, | |
| "statusChanged": "2023-04-19T19:15:55.000Z", | |
| "lastLogin": "2023-06-07T16:32:09.000Z", | |
| "lastUpdated": "2023-04-19T19:15:56.000Z", | |
| "passwordChanged": "2023-04-19T19:15:55.000Z", | |
| "type": { | |
| "id": "oty51vi2zbJ1WvShy697" | |
| }, | |
| "profile": { | |
| "firstName": "First", | |
| "lastName": "Last", | |
| "mobilePhone": null, | |
| "secondEmail": null, | |
| "login": "[email protected]", | |
| "email": "[email protected]" | |
| }, | |
| "credentials": { | |
| "password": {}, | |
| "recovery_question": { | |
| "question": "What is the food you least liked as a child?" | |
| }, | |
| "provider": { | |
| "type": "OKTA", | |
| "name": "OKTA" | |
| } | |
| }, | |
| "_links": { | |
| "suspend": { | |
| "href": "https://first-classic.okta.com/api/v1/users/00u51vi328LLDPbrM697/lifecycle/suspend", | |
| "method": "POST" | |
| }, | |
| "schema": { | |
| "href": "https://first-classic.okta.com/api/v1/meta/schemas/user/osc51vi2zbJ1WvShy697" | |
| }, | |
| "resetPassword": { | |
| "href": "https://first-classic.okta.com/api/v1/users/00u51vi328LLDPbrM697/lifecycle/reset_password", | |
| "method": "POST" | |
| }, | |
| "forgotPassword": { | |
| "href": "https://first-classic.okta.com/api/v1/users/00u51vi328LLDPbrM697/credentials/forgot_password", | |
| "method": "POST" | |
| }, | |
| "expirePassword": { | |
| "href": "https://first-classic.okta.com/api/v1/users/00u51vi328LLDPbrM697/lifecycle/expire_password", | |
| "method": "POST" | |
| }, | |
| "changeRecoveryQuestion": { | |
| "href": "https://first-classic.okta.com/api/v1/users/00u51vi328LLDPbrM697/credentials/change_recovery_question", | |
| "method": "POST" | |
| }, | |
| "self": { | |
| "href": "https://first-classic.okta.com/api/v1/users/00u51vi328LLDPbrM697" | |
| }, | |
| "resetFactors": { | |
| "href": "https://first-classic.okta.com/api/v1/users/00u51vi328LLDPbrM697/lifecycle/reset_factors", | |
| "method": "POST" | |
| }, | |
| "type": { | |
| "href": "https://first-classic.okta.com/api/v1/meta/types/user/oty51vi2zbJ1WvShy697" | |
| }, | |
| "changePassword": { | |
| "href": "https://first-classic.okta.com/api/v1/users/00u51vi328LLDPbrM697/credentials/change_password", | |
| "method": "POST" | |
| }, | |
| "deactivate": { | |
| "href": "https://first-classic.okta.com/api/v1/users/00u51vi328LLDPbrM697/lifecycle/deactivate", | |
| "method": "POST" | |
| } | |
| } | |
| } | |
| -----------------------------------------------------: timestamp=2023-06-07T23:02:46.739-0700 | |
| 2023-06-07T23:02:46.739-0700 [DEBUG] provider.terraform-provider-okta_v4.0.0: 2023/06/07 11:02:46 [INFO] running with backoff http client, wait min 30000000000, wait max 300000000000, retry max 5 | |
| 2023-06-07T23:02:46.748-0700 [WARN] Provider "registry.terraform.io/okta/okta" produced an invalid plan for okta_app_oauth.my_applicationName, but we are tolerating it because it is using the legacy plugin SDK. | |
| The following problems may be the cause of any confusing errors from downstream operations: | |
| - .user_name_template: planned value cty.StringVal("${source.login}") for a non-computed attribute | |
| - .omit_secret: planned value cty.False for a non-computed attribute | |
| - .status: planned value cty.StringVal("ACTIVE") for a non-computed attribute | |
| - .auto_submit_toolbar: planned value cty.False for a non-computed attribute | |
| - .accessibility_self_service: planned value cty.False for a non-computed attribute | |
| - .wildcard_redirect: planned value cty.StringVal("DISABLED") for a non-computed attribute | |
| - .user_name_template_type: planned value cty.StringVal("BUILT_IN") for a non-computed attribute | |
| okta_app_oauth.my_applicationName: Creating... | |
| 2023-06-07T23:02:46.748-0700 [INFO] Starting apply for okta_app_oauth.my_applicationName | |
| 2023-06-07T23:02:46.748-0700 [DEBUG] okta_app_oauth.my_applicationName: applying the planned Create change | |
| 2023-06-07T23:02:46.750-0700 [DEBUG] provider.terraform-provider-okta_v4.0.0: 2023/06/07 11:02:46 [DEBUG] performing request: method=POST url=https://first-classic.okta.com/api/v1/apps?activate=true | |
| 2023-06-07T23:02:46.750-0700 [INFO] provider.terraform-provider-okta_v4.0.0: 2023/06/07 23:02:46 [DEBUG] Okta API Request Details: | |
| ---[ REQUEST ]--------------------------------------- | |
| POST /api/v1/apps?activate=true HTTP/1.1 | |
| Host: first-classic.okta.com | |
| User-Agent: okta-sdk-golang/2.17.0 golang/go1.20.3 darwin/amd64 okta-terraform/4.0.0 | |
| Content-Length: 1184 | |
| Accept: application/json | |
| Authorization: SSWS <hidden> | |
| Content-Type: application/json | |
| Accept-Encoding: gzip | |
| { | |
| "accessibility": { | |
| "selfService": false | |
| }, | |
| "credentials": { | |
| "userNameTemplate": { | |
| "template": "${source.login}", | |
| "type": "BUILT_IN" | |
| }, | |
| "oauthClient": { | |
| "autoKeyRotation": true, | |
| "pkce_required": true, | |
| "token_endpoint_auth_method": "none" | |
| } | |
| }, | |
| "label": "r", | |
| "name": "oidc_client", | |
| "settings": { | |
| "app": {}, | |
| "implicitAssignment": false, | |
| "notes": { | |
| "admin": null, | |
| "enduser": null | |
| }, | |
| "oauthClient": { | |
| "application_type": "native", | |
| "consent_method": "REQUIRED", | |
| "grant_types": [ | |
| "authorization_code", | |
| "refresh_token" | |
| ], | |
| "idp_initiated_login": { | |
| "default_scope": [], | |
| "mode": "DISABLED" | |
| }, | |
| "issuer_mode": "DYNAMIC", | |
| "post_logout_redirect_uris": [ | |
| "http://127.0.0.1:9342/logout", | |
| "http://127.0.0.1:45978/logout", | |
| "http://127.0.0.1:8176/logout", | |
| "http://127.0.0.1:18499/logout", | |
| "http://127.0.0.1:27367/logout" | |
| ], | |
| "redirect_uris": [ | |
| "com.oktapreview.domain:/callback", | |
| "http://127.0.0.1:8176/session", | |
| "http://127.0.0.1:9342/session", | |
| "http://127.0.0.1:18499/session", | |
| "http://127.0.0.1:27367/session", | |
| "http://127.0.0.1:45978/session" | |
| ], | |
| "refresh_token": { | |
| "leeway": null, | |
| "rotation_type": "ROTATE" | |
| }, | |
| "response_types": [ | |
| "code" | |
| ], | |
| "wildcard_redirect": "DISABLED" | |
| } | |
| }, | |
| "signOnMode": "OPENID_CONNECT", | |
| "visibility": { | |
| "autoSubmitToolbar": false, | |
| "hide": { | |
| "iOS": true, | |
| "web": true | |
| } | |
| } | |
| } | |
| -----------------------------------------------------: timestamp=2023-06-07T23:02:46.750-0700 | |
| 2023-06-07T23:02:47.520-0700 [INFO] provider.terraform-provider-okta_v4.0.0: 2023/06/07 23:02:47 [DEBUG] Okta API Response Details: | |
| ---[ RESPONSE ]-------------------------------------- | |
| HTTP/2.0 400 Bad Request | |
| Connection: close | |
| Cache-Control: no-cache, no-store | |
| Content-Security-Policy: default-src 'self' first-classic.okta.com *.oktacdn.com; connect-src 'self' first-classic.okta.com first-classic-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com first-classic.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' first-classic.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' first-classic.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' first-classic.okta.com first-classic-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' first-classic.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' first-classic.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' | |
| Content-Type: application/json | |
| Date: Thu, 08 Jun 2023 06:02:47 GMT | |
| Expires: 0 | |
| P3p: CP="HONK" | |
| Pragma: no-cache | |
| Public-Key-Pins-Report-Only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" | |
| Server: nginx | |
| Set-Cookie: sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ | |
| Set-Cookie: autolaunch_triggered=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ | |
| Set-Cookie: JSESSIONID=774F0B47547F8EC4AE2F3363C4507B3F; Path=/; Secure; HttpOnly | |
| Strict-Transport-Security: max-age=315360000; includeSubDomains | |
| X-Content-Type-Options: nosniff | |
| X-Okta-Request-Id: ZIFvBqivxotkiWSbT5TrGgAACDE | |
| X-Rate-Limit-Limit: 50 | |
| X-Rate-Limit-Remaining: 48 | |
| X-Rate-Limit-Reset: 1686204187 | |
| X-Xss-Protection: 0 | |
| { | |
| "errorCode": "E0000001", | |
| "errorSummary": "Api validation failed: App Instance", | |
| "errorLink": "E0000001", | |
| "errorId": "oaeAkk07uFiRTWUlzAquH5W2g", | |
| "errorCauses": [ | |
| { | |
| "errorSummary": "''leeway'' is required." | |
| } | |
| ] | |
| } | |
| -----------------------------------------------------: timestamp=2023-06-07T23:02:47.519-0700 | |
| 2023-06-07T23:02:47.520-0700 [ERROR] provider.terraform-provider-okta_v4.0.0: Response contains error diagnostic: @caller=github.com/hashicorp/[email protected]/tfprotov5/internal/diag/diagnostics.go:55 @module=sdk.proto tf_provider_addr=provider diagnostic_detail= diagnostic_severity=ERROR diagnostic_summary="failed to create OAuth application: the API returned an error: Api validation failed: App Instance. Causes: errorSummary: ''leeway'' is required." tf_proto_version=5.3 tf_req_id=de4968c9-4564-0f1f-1792-a4d09d889bd6 tf_resource_type=okta_app_oauth tf_rpc=ApplyResourceChange timestamp=2023-06-07T23:02:47.520-0700 | |
| 2023-06-07T23:02:47.543-0700 [ERROR] vertex "okta_app_oauth.my_applicationName" error: failed to create OAuth application: the API returned an error: Api validation failed: App Instance. Causes: errorSummary: ''leeway'' is required. | |
| ╷ | |
| │ Error: failed to create OAuth application: the API returned an error: Api validation failed: App Instance. Causes: errorSummary: ''leeway'' is required. | |
| │ | |
| │ with okta_app_oauth.my_applicationName, | |
| │ on main.tf line 111, in resource "okta_app_oauth" "my_applicationName": | |
| │ 111: resource "okta_app_oauth" "my_applicationName" { | |
| │ | |
| ╵ | |
| 2023-06-07T23:02:47.570-0700 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF" | |
| 2023-06-07T23:02:47.571-0700 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/okta/okta/4.0.0/darwin_amd64/terraform-provider-okta_v4.0.0 pid=6266 | |
| 2023-06-07T23:02:47.572-0700 [DEBUG] provider: plugin exited |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment