Super api keys do not work unless they are resaved in the ui

[lingwooc]

I'm not sure if this is an issue with this project or just fusionauth itself. This is with provider 0.1.67 and fusionauth 1.36.0.

If you create an api key like this:

resource "fusionauth_api_key" "key_name" {
  description = "some description"
  key         = xxxxxxxxxx
}

You will get an api key that does not work and always gives a 401. The fusionauth documentation suggests "An Empty permissions object mean that this is a super key that authorizes this key for all the endpoints." https://fusionauth.io/docs/v1/tech/apis/api-keys#create-an-api-key

If you request the api key using the api:

{
    "apiKey": {
        "id": "xxxxxxxxxxxxxxxx
        "insertInstant": 1000000000,
        "key": "xxxxxxxxxxxx",
        "keyManager": false,
        "lastUpdateInstant": 1000000000,
        "metaData": {
            "attributes": {
                "description": "xxxxxxxxxx"
            }
        },
        "permissions": {}
    }
}

The problem is the existance of the "permissions": {} key. If you edit the api key in the front end and resave (no changes) the "permissions": {} part disappears and the api key starts working.

Also the documentation is a bit mangled after about here permissions_endpoints
https://registry.terraform.io/providers/gpsinsight/fusionauth/latest/docs/resources/api_key

[lingwooc]

I think this is an issue from the fusion go client. I've added a bit more detail in the fusion-issues issue. In any case the documentation needs fettling, the notes in the source are closer to reality.

[Aaron-Ritter]

This issue is still valid with 0.1.103 in combination with fusionauth 1.49.2. I experience the exact same problem every time applying.