Okta API permission issue with Terraform

Hi guys, I was trying to follow the Okta YouTube video https://www.youtube.com/watch?v=5_x0VmvjXmg to connect Terraform with Okta to manage users and groups. But I am getting a small error: Error: failed to create group: the API returned an error: You do not have permission to perform the requested action.

Does anyone have any idea how I can solve this issue? I tried creating an API token on Okta, but I cannot use the App Client ID when I include it in the code base.

Code:

terraform {
  required_providers {
    okta = {
      source = "okta/okta"
    }
  }
}

provider "okta" {
  org_name    = "xxxxxxxx"
  base_url    = "oktapreview.com"
  client_id   = "xxxxxxxx"
  scopes      = ["okta.groups.manage", "okta.users.manage", "okta.policies.manage"]
  private_key = file("rsa.pem")
}

# Creating a group
resource "okta_group" "demo" {
  name        = "Example"
  description = "My Example Group"
}

Hi, can you do the following:

  1. Can you test this endpoint in Postman and check whether this is a permission issue or a Terraform issue?
  2. Run it using "TF_LOG=DEBUG terraform apply" and then provide us the logs that you are receiving, so that we can better understand what is happening behind the scenes.

Hi, I used Postman to create a group with the same endpoint, but I had to create an API key from the Admin UI to make the request successful.

Here is my log for the error


Are you calling any other resources before creating this group? You might need to use skip_rules if the API Token/Service app doesn’t have super admin level permissions.
