migrate-users-to-identity-provider¶

Description¶

Allow existing users to be associated with a different identity provider connector. It is required that the identity provider user ID for each user be the same in both identity providers. This is expected to be used for migration from LDAP authentication to SAML authentication for the same physical IdP. A new SAML connector would be created in CDP, integrated with the same IdP as the original LDAP connector. First the LDAP mapping would be set to use the planned SAML name id mapping. Then this method can switch users created via LDAP login to be associated with the SAML connector and enable SAML authentication instead of LDAP authentication.

Synopsis¶

  migrate-users-to-identity-provider
--original-provider-name <value>
--new-provider-name <value>
[--cli-input-json <value>]
[--generate-cli-skeleton]

Options¶

--original-provider-name (string)

The name or CRN of the original IdP provider to migrate from.

--new-provider-name (string)

The name or CRN of the new IdP provider to migrate to.

--cli-input-json (string)

Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, the CLI values will override the JSON-provided values.

--generate-cli-skeleton (boolean)

Prints a sample input JSON to standard output. Note the specified operation is not run if this argument is specified. The sample input can be used as an argument for --cli-input-json.

Output¶

numberOfUpdatedUsers -> (integer)

The number of users that were migrated from the old IdP to the new one.

Form Factors¶

private