User15836716360434512978 (Customer) asked a question.
I'm using the "Update a Network Zone" API method (i.e.: PUT/api/v1/zones/${zoneId} as described here https://developer.okta.com/docs/reference/api/zones/*update-a-network-zone) to add and remove Gateways from the BlockedIpZone in my Okta tenant successfully... I can add an remove CIDRs and RANGES without an issue...
EXCEPT if the update operation involves removing the last Gateway (such as an /32 CIDR IP address).
I'm trying to do so buy setting
"gateway": null
in the request body of the PUT request to /api/v1/zones/${zoneId} (mimicking what I have seen as the value for the "gateway" key when I get the details of the BlockedIpZone through Zones API after manually deleting all the contents of the BlockedIpZone using the admin console,
but doing so returns the following API error:
{
"api_object": {
"errorCauses": [],
"errorCode": "E0000001",
"errorId": "oaejsGeHmYQRRKNqD2wNiT7XA",
"errorLink": "E0000001",
"errorSummary": "Api validation failed: Both gateways and proxies cannot be missing for the IP Zone."
},
....
"status_code": 400,
....
I have checked the documentation for this API method multiple times but I have not been able to find a way to empty the BlockedIpZone through the API without triggering this error.
Am I missing something here, please?
Thanks in advance for any advice
Hello @User15836716360434512978 (Customer) Thank you for reaching out to our community.
The error you are seeing is expected behavior, as the zone needs to have at least one IP. What you can do to get around that is to Delete the network zone it's self.
You need to use List zones first to get the Network zone ID then use that link and change from Get to DELETE.
Example: url <url>/api/v1/zones/nzoo6s03dLsg2I7HK0g3
Hope this helps!