Payload Too Large Error from the Management API

Problem statement

While updating a connection with a new secret, the attempts result in a 500 error from the Dashboard and a 413 Payload Too Large error from the Management API.

Due to the payload size, the connection has many enabled applications and can’t be updated further.

Cause

The payload has a size limit of 1 MB for all management APIs. Any API call that sends above this limit will throw this error.

Solution

For patching the connection’s secret, sending the options object as the request body is sufficient with the Update a Connection management API.

The client list is set with enabled_clients, but patching the client secret isn’t necessary and can be removed from the payload.

E.g.

{
    "options": {
      "type": "back_channel",
      "scope": "openid profile email",
      "issuer": "https://redacted/"",
      "jwks_uri": "https://redacted/.well-known/jwks.json"",
      "client_id": "redacted",
      "client_secret": "NEW-CLIENT-SECRET",
      "discovery_url": "https://redacted/.well-known/openid-configuration"",
      "domain_aliases": [
        "acme.com"
      ],
      "token_endpoint": "https://redacted/oauth/token"",
      "userinfo_endpoint": "https://redacted/userinfo"",
      "authorization_endpoint": "https://redacted/authorize""
    }
  }