Auth0 Home Blog Docs

"Update a Connection" Management API results in 409 error

management-api
update-a-connection

#1

I’m trying to use the Management API to update the “Client Secret” on my Azure AD connections as part of a key rollover automation process, however it throws a 409 error as if I am trying to Create a new connection of the same name??? As the API documentation suggests, I submit the JSON request with the full set of Options since they will all be overwritten.

Invoke-RestMethod : {“statusCode”:409,“error”:“Conflict”,“message”:“A connection with the same name already exists”,“errorCode”:“connection_conflict”}

JSON Request Example:

https://mydomain.auth0.com/api/v2/connections?id=myconnectionid
{
“name”: “my-connectionname-com”,
“strategy”: “waad”,
“options”: {
“domain_aliases”: “my.domain.com”,
“tenant_domain”: “my.domain.com”,
“strategy”: “waad”,
“basic_profile”: true,
“ext_profile”: true,
“ext_groups”: true,
“api_enable_users”: true,
“global”: true,
“app_id”: “https://my.domain.com”,
“useCommonEndpoint”: false,
“use_wsfed”: false,
“app_domain”: “mydomain.auth0.com”,
“granted”: true,
“tenantid”: “",
“client_id”: "
",
“client_secret”: "
",
“thumbprints”:
"
******************”,
"********"
]
},
“enabled_clients”:
"
"
],
“is_domain_connection”: false
}


#2

To update the client_secret on your Azure AD connection, you can use the [PATCH /api/v2/connections/{id}] (https://auth0.com/docs/api/management/v2#!/Connections/patch_connections_by_id) enpoint and specify only the options(since the client_secret will be inside) and leaving out all the other attributes (like the name and strategy root attributes in your example).

The cURL command for this request would be something like:

curl -H "Authorization: Bearer {YOUR_MANAGMENT_API_TOKEN}" -X PATCH  -H "Content-Type: application/json" -d '{"options":{"strategy":"waad","client_id":"{YOUR_AZURE_CLIENT_ID}","client_secret":"{YOUR_NEW_AZURE_CLIENT_SECRET}", {THE REMAINING OPTIONS FOR THE CONNECTION} }' "https://{YOUR_AUTH0_DOMAIN}/api/v2/connections/{YOUR_CONNECTION_ID}"

#3

Since I’m using Powershell rather than CURL, do you happen to know how to instruct it to use the PATCH endpoint ?

Invoke-RestMethod -Method Post -Uri $uri -Headers $authHeader -Body $jsonbody


#4

I see now that I should be able to just change the -Method to “PATCH” … I’ve done that but still working thru a 404 error now with that method in place

Invoke-RestMethod -Method PATCH …


#5

I got this to work with the PATCH method. Thank you for the tip