I’m working on a solution to allow users to assign roles created in AWS to groups in Okta using Terraform. The solution is fully functional for my needs with one rather thorny inconvenience: Okta will reject profiles containing unknown roles. This means that if someone adds a role to AWS, and then tries to assign this role to a group in Okta, they will not be able to do so until Okta is made aware of said role. This seems to happen in the admin console by sending a POST request to either of these two end-points:
/admin/org/app/download
/admin/app/amazon_aws/instance/<app_id>/settings/user-mgmt
I cannot seem to find an API to manage user-mgmt settings, or a way to invoke the Refresh Application Data function programmatically. Is this functionality available outside of the console?