auth0_connection - Azure AD - Sync user profile attributes at each login Toggle not getting enabled #83

Closed
Viru82 opened this issue Mar 9, 2022 · 2 comments

Viru82 commented Mar 9, 2022

Describe the problem

When creating an auth0_connection with strategy waad (Azure AD) and passing the "Sync user profile attributes at each login" attribute in options, the toggle in the Azure AD settings (Authentication -> Enterprise -> Microsoft Azure AD -> Name of the connection -> Settings -> Advanced -> Sync user profile attributes at each login) is not enabled until we manually set the "Sync user profile attributes at each login" toggle ON.

Affected Resource(s)

auth0_connection

What was the expected behavior?

Sync user profile attributes at each login toggle should be enabled (Authentication -> Enterprise -> Microsoft Azure AD -> Name of the connection -> Settings -> Advanced -> Sync user profile attributes at each login)

Reproduction

Trying to configure the Azure AD connection using the following block, which creates the resource, but the "Sync user profile attributes at each login" toggle is not ON:

```hcl
resource "auth0_connection" "azure_ad" {
  name     = "XYZ"
  strategy = "waad"
  options {
    tenant_domain = "example.com"
    domain        = "example.com"
    client_id     = "xxxxxx"  # placeholder
    client_secret = "xxxxxxx" # placeholder
    # Explicitly requesting sync on each login; the toggle stays off with this set
    set_user_root_attributes               = "on_each_login"
    should_trust_email_verified_connection = "never_set_emails_as_verified"
  }
}
```

Environment

```hcl
auth0 = {
  source  = "alexkappa/auth0"
  version = "~> 0.25"
}
```
@Viru82 Viru82 added the 🪲 bug Something isn't working label Mar 9, 2022
@sergiught
Contributor

Hey @Viru82, appreciate you opening this issue. This is caused by the weird behavior the API has. In order to enable the sync user profile attributes with the email verification, we need to ensure that set_user_root_attributes = "on_each_login" is not set in the Terraform config, e.g.:

```hcl
resource "auth0_connection" "azure_ad" {
  name     = "XYZ"
  strategy = "waad"
  options {
    tenant_domain = "example.com"
    domain        = "example.com"
    client_id     = "xxxxxx"  # placeholder
    client_secret = "xxxxxxx" # placeholder
    # set_user_root_attributes is intentionally omitted
    should_trust_email_verified_connection = "never_set_emails_as_verified"
  }
}
```

This will activate it automatically.

Closing this down because of this but if you encounter issues with the workaround please feel free to reopen.


deBFM commented Mar 22, 2023

The documentation for set_user_root_attributes still states that on_each_login is a valid value for set_user_root_attributes.

@sergiught
I am fine with the workaround, but I suggest that the documentation be updated, so others don't fall into the same trap.
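
A pre-apply check based on the workaround in this thread, as an added example that is not part of the issue or the provider's code: it scans Terraform source for `auth0_connection` resources with strategy `waad` that still set `set_user_root_attributes = "on_each_login"`, so a connection that will not sync profile attributes is caught in review. The function names and the sample configuration are constructed for illustration.

```python
import re

# Constructed sample mirroring the two configurations in this thread.
SAMPLE_TF = '''
resource "auth0_connection" "azure_ad" {
  name     = "XYZ"
  strategy = "waad"
  options {
    tenant_domain            = "example.com"
    set_user_root_attributes = "on_each_login"
  }
}
resource "auth0_connection" "azure_ad_fixed" {
  name     = "XYZ2"
  strategy = "waad"
  options {
    tenant_domain = "example.com"
  }
}
'''

HEADER = re.compile(r'resource\s+"auth0_connection"\s+"([^"]+)"\s*\{')
ATTR = r'^\s*{key}\s*=\s*"([^"]*)"'

def resource_bodies(text):
    """Yield (name, body) for each auth0_connection block."""
    # Naive brace matching: assumes no braces inside strings or comments.
    for m in HEADER.finditer(text):
        depth, i = 1, m.end()
        while i < len(text) and depth:
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        yield m.group(1), text[m.end():i - 1]

def attr(body, key):
    """Return the quoted string value assigned to key, or None."""
    m = re.search(ATTR.format(key=key), body, re.MULTILINE)
    return m.group(1) if m else None

def find_explicit_on_each_login(text):
    """Names of waad connections that explicitly set on_each_login."""
    return [
        name for name, body in resource_bodies(text)
        if attr(body, "strategy") == "waad"
        and attr(body, "set_user_root_attributes") == "on_each_login"
    ]

if __name__ == "__main__":
    print(find_explicit_on_each_login(SAMPLE_TF))
```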
