connection property set_user_root_attributes 'on_each_login' doesn't reflect in tenant

[PrestonR]

Checklist

• I have looked into the README and have not found a suitable solution or answer.
• I have looked into the documentation and have not found a suitable solution or answer.
• I have searched the issues and have not found a suitable solution or answer.
• I have upgraded to the latest version of this provider and the issue still persists.
• I have searched the Auth0 Community forums and have not found a suitable solution or answer.
• I agree to the terms within the Auth0 Code of Conduct.

Description

When I set set_user_root_attributes to on_each_login I do not see the setting toggled in the Auth0 connection.

Expectation

I would expect to see the setting toggled in the tenant.

Reproduction

1. Given the following resource block (filling in the appropriate variables and references as necessary):

resource "auth0_connection" "azure_ad" {
  name           = substr(replace(replace(var.display_name, " ", ""), "_", "-"), 0, min(length(var.display_name), 128))
  display_name   = ""
  strategy       = "waad"
  show_as_button = true

  options {
    identity_api             = "microsoft-identity-platform-v2.0"
    client_id                = azuread_application.app.application_id
    client_secret            = azuread_application_password.app_pw.value
    tenant_domain            = var.aad_domain
    domain                   = var.aad_domain
    use_wsfed                = false
    waad_protocol            = "openid-connect"
    waad_common_endpoint     = false
    max_groups_to_retrieve   = 250
    api_enable_users         = true
    set_user_root_attributes = "on_each_login"
    non_persistent_attrs     = ["ethnicity", "gender"]

    should_trust_email_verified_connection = "always_set_emails_as_verified"

    domain_aliases = [
      "example.com",
      "example2.com",
    ]

    scopes = [
      "basic_profile",
      "ext_groups",
      "ext_profile",
    ]

    upstream_params = jsonencode({
      "screen_name" : {
        "alias" : "login_hint"
      }
    })
  }
}

2. When I deploy the resource block, all settings should look as defined for the connection.
3. Then I check the connection in the Auth0 portal, "Sync user profile attributes at each login" is untoggled

Auth0 Terraform Provider version

0.47.0

Terraform version

1.45

Additional notes

For what it's worth, I also tried not specifying the property so that it would set the default to on_each_login but it looks like it just sets the value to an empty string.

[sergiught]

Hey folks, we just released https://github.com/auth0/terraform-provider-auth0/releases/tag/v0.48.0 with a fix for this. Please check it out and let us know if you encounter any issues!

[spawluk-zartis]

Hey @sergiught. After that fix, Microsoft AD tenant works ok, but Google Workspace tenant switches set_user_root_attributes off on UI, even if set_user_root_attributes = "on_each_login" is set

[sergiught]

Hey @spawluk-zartis 👋🏻 , thanks for raising this with us. Just so I'm understanding correctly, before the fix for Microsoft AD Connections you were able to manage the set_user_root_attributes property for Google Workspace Connections and after you're not any longer?

[spawluk-zartis]

@sergiught yes. This is the behavior I observed after updating from 0.47.0 to 0.48.0

[sergiught]

Alright we'll look into it 👍🏻

[sergiught]

Hey folks, we fixed this across various other enterprise connections in https://github.com/auth0/terraform-provider-auth0/releases/tag/v0.49.0. Try it out and let us know if you encounter any other issues.