diff --git a/okta/data_source_okta_authenticator.go b/okta/data_source_okta_authenticator.go index 13abcb8c1..4062fd8a5 100644 --- a/okta/data_source_okta_authenticator.go +++ b/okta/data_source_okta_authenticator.go @@ -150,11 +150,19 @@ func findAuthenticator(ctx context.Context, m interface{}, name, key string) (*s return nil, err } for _, authenticator := range authenticators { - if authenticator.Name == name { - return authenticator, nil - } - if authenticator.Key == key { - return authenticator, nil + if key != "custom_otp" { + if authenticator.Name == name { + return authenticator, nil + } + if authenticator.Key == key { + return authenticator, nil + } + } else { + if authenticator.Name == name && authenticator.Key == key { + return authenticator, nil + } else { + return nil, fmt.Errorf("authenticator with name '%s' and/or key '%s' does not exist", name, key) + } } } if key != "" { diff --git a/okta/resource_okta_authenticator.go b/okta/resource_okta_authenticator.go index 71864f103..2d09a00b6 100644 --- a/okta/resource_okta_authenticator.go +++ b/okta/resource_okta_authenticator.go @@ -157,7 +157,7 @@ func resourceAuthenticatorCreate(ctx context.Context, d *schema.ResourceData, m var err error // soft create if the authenticator already exists - authenticator, _ := findAuthenticator(ctx, m, "", d.Get("key").(string)) + authenticator, _ := findAuthenticator(ctx, m, d.Get("name").(string), d.Get("key").(string)) if authenticator == nil { // otherwise hard create authenticator, err = buildAuthenticator(d) diff --git a/okta/resource_okta_authenticator_test.go b/okta/resource_okta_authenticator_test.go index 39e052f19..96d6b7840 100644 --- a/okta/resource_okta_authenticator_test.go +++ b/okta/resource_okta_authenticator_test.go @@ -21,8 +21,7 @@ func TestAccResourceOktaAuthenticatorOTP(t *testing.T) { "algorithm" : "HMacSHA256", "passCodeLength" : 6 }) - } -` + }` resourceName := fmt.Sprintf("%s.otp", authenticator) oktaResourceTest(t, resource.TestCase{