Defaults during creation cause provider to clear out values on subsequent updates

[reify-tanner-stirrat]

Checklist

• I have looked into the README and have not found a suitable solution or answer.
• I have looked into the documentation and have not found a suitable solution or answer.
• I have searched the issues and have not found a suitable solution or answer.
• I have upgraded to the latest version of this provider and the issue still persists.
• I have searched the Auth0 Community forums and have not found a suitable solution or answer.
• I agree to the terms within the Auth0 Code of Conduct.

Description

Here's a TF block:

resource "auth0_connection" "mycompany-sso-connection" {
  name     = "mycompany sso"
  strategy = "oidc"

  options {
    type = "back_channel"
    discovery_url  = "https://sso.mycompany.com/.well-known/openid-configuration"
    client_id      = "stuff"
    client_secret  = "other stuff"
    scopes         = ["openid", "profile", "email"]
    domain_aliases = ["mycompany.com"]
  }
}

And here's an associated diff:

  # auth0_connection.mycompany-sso-connection will be updated in-place
!   resource "auth0_connection" "mycompany-sso-connection" {
-       display_name         = "mycompany sso" -> null
        id                   = "con_jEVPxGQiKhZD33pu"
        name                 = "mycompany sso"
        # (6 unchanged attributes hidden)

!       options {
-           authorization_endpoint                 = "https://sso.mycompany.com/oauth2/v1/authorize" -> null
-           issuer                                 = "https://sso.mycompany.com" -> null
-           jwks_uri                               = "https://sso.mycompany.com/oauth2/v1/keys" -> null
            name                                   = ""
-           token_endpoint                         = "https://sso.mycompany.com/oauth2/v1/token" -> null
-           userinfo_endpoint                      = "https://sso.mycompany.com/oauth2/v1/userinfo" -> null
            # (66 unchanged attributes hidden)
        }
    }

My understanding of what happened here is this:

1. We created the resource in the previous application to the one above. The API backend used the value of the name field as the default for the display_name field, and then read the openid-configuration endpoint to populate the provided endpoints. Note that our terraform block doesn't specify any of these fields.
2. On a subsequent (unrelated) apply, terraform noted that all of those fields were undefined in our connection declaration, and used that to conclude that all of the fields should be null.

Expectation

I'd expect that the provider wouldn't override fields that are defaults set by the management API. I'd expect that it somehow understands and accounts for the fact that some fields default off of others and doesn't undo work that was previously done.

I don't want to need to overspecify my terraform because of defaulting behavior.

Reproduction

A TF block like the one above should be sufficient provided that it's configured to point at a valid .well-known endpoint.

You'll need to run one apply to create the object, then run another plan to see the diff.

Auth0 Terraform Provider version

0.39.0

Terraform version

1.2.9

[sergiught]

Hey @reify-tanner-stirrat 👋🏻 Thanks for bringing this to our attention. A fix is available within #443 and it will ship in the upcoming release next week.

[sergiught]

Hey @reify-tanner-stirrat 👋🏻 this is now available in the latest release https://github.com/auth0/terraform-provider-auth0/releases/tag/v0.43.0. Please check it out and let us know if you encounter any issues.