Okta API permission issue with terraform

Hi guys, I was trying to follow Okta youtube video https://www.youtube.com/watch?v=5_x0VmvjXmg to connect Terraform with Okta to manage users and groups. But I am getting a small error Error: failed to create group: the API returned an error: You do not have permission to perform the requested action .

Does anyone have any idea on how I can solve this issue ? I tried creating API Token on Okta but I cannot use App Client ID when I include it in the code base.

Code :

terraform {
 required_providers {
 okta = {
 source = "okta/okta"
    }
  }
}

provider "okta" {
 org_name = "xxxxxxxx"
 base_url = "oktapreview.com"
 client_id = "xxxxxxxx"
 scopes = ["okta.groups.manage", "okta.users.manage", "okta.policies.manage"]
 private_key = file("rsa.pem")
}

# Creating a group
resource "okta_group" "demo" {
 name = "Example"
 description = "My Example Group"
}

Hi, can you do the following

  1. Can you test this endpoint in postman and check if this is a permission issue or terraform issue
  2. Run it using “TF_LOG=DEBUG terraform apply” and then provide us the logs that you are receiving, so that we can understand better what is happening behind the scene.

Hi, I used postman to create a group with the same endpoint but I had to create API key from Admin UI to make the request successful.

Here is my log for the error


Are you calling any other resources before creating this group? You might need to use skip_rules if the API Token/Service app doesn’t have super admin level permissions.

1 Like