Best practice for initializing users as administrators | Okta client configuration
Hi everyone, I’m currently facing an issue where we can’t initialize the users that will be administrators of our application. Problem: The application that I’m working on uses Okta OIDC authentication and the issue that I’m facing is that can’t login into the application on the cloud environments because the client configuration doesn’t exist yet on the database. And to start setting that configuration up I need to be an administrator, but I can’t assign that User Role to my current user because I need to first go through the user provisioning logic that I have set up for that specific Client Configuration. Temporal Solution: I came up with a temporal solution where I created a module for setting up a temporal Administrator role to the anonymous user that requested it. For security measures I set the module to ask for a security key (password) and if the password matches the constant defined, the anonymous user is temporally granted the administrator role so that they can set up the initial Okta configuration. Question: So my question is, is there better practice to follow while having this issue, where you can’t set the initial administrators of an application by having a lack of permissions? (I don’t have access to the environments database by the way, as that is part of the private cloud that we are using)
There always is a superuser of the application, by default the MxAdmin user (name should be changed in a production environment of course). With this user you should be able to access the app and setup the intial config.