Update Password Rule API

alexgodfrey · June 26, 2020, 9:55pm

When I use the web interface to update the list of users that are excluded from requiring to use MFA when logging into their accounts I am able to to a GET on this end point: {{url}}/api/v1/policies/{{policyid}}/rules and I can see in the request JSON response the IDs of the users that were added to the rule that we have set up requiring MFA on login. Their data looks like this:
“conditions”: {
“people”: {
“users”: {
“exclude”: [
“userid1”,
“userid2”
]
}

Now I want to be able to use this end point:PUT {{url}}/api/v1/policies/{{policyid}}/rules/{{ruleid}}. According to documentation I shoudl be able to pass in similar parameters as listed above to modify the users that are to be excluded from the rule. I pass in:

“conditions”: {
“people”: {
“users”: {
“exclude”: []
}
}

This should in theory clear the list of those excluded from the MFA rule. When I execute the PUT I get a 200 OK response but noting updates on the rule.

Is there something that i am missing?

dragos · June 29, 2020, 5:14am

Hi @alexgodfrey

Can you please provide the full body of the request sent to Okta?

alexgodfrey · June 29, 2020, 4:16pm

@dragos I went today to put the full body of the request into the thread but noticed that when I do the PUT I don’t get a 200 response code any more. Maybe I wasn’t ever… I am getting a 302 redirect and then it does a GET instead. The GET then returns the same JSON object as the GET on the {{url}}/api/v1/policies/{{policyid}}/rules endpoint. Not sure if the JSON body of the requests would help as much at this point?..