[Custom administrator roles] Permission error from APIs where as HMI works fine

Hi !

Thanks to “Custom administrator roles” in early access, it allows me to work towards least privileges for some service accounts.
Working around that I found a bug :
With the “Role assignment” :

the “Group assignment” :

And the “Ressources” :

I can add or delete a user from a group thanks to the HMI, which is the wanted behavior.
But, from the API calls, it doesn’t work as i get the error : “You do not have permission to perform the requested action”
(for requests : PUT /api/v1/groups/ ${groupId}/users/${userId} and DELETE /api/v1/groups/ ${groupId}/users/${userId})

For sure, other API calls such as GET/api/v1/groups/ ${groupId} /users does work

Could you please enlighten me about this behavior ?

Thanks !

Hi there,

Could someone tell me more about this behavior please ?
Do you have the same problem ? Have I miss something ?

Please open a support case for assistance: How to Create a Support Case | Okta Help Center

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.