OIDC Dynamic Clients – Migrating client

Edit online

If a dynamic client needs to be used in a cluster-less architecture it needs to be migrated.

To understand the cluster-less architecture, see Federation Specific Configuration.
Note: This step must be performed only if the appliance is being upgraded from an older version of IBM® Verify Identity Access. Fresh installation works without modifications.

Migrating a Single Dynamic Client

The following example is a request to migrate a specific dynamic client called myClient.

The input required for this is definitionName and the definitionId of the API definition. This can be retrieved from the LMI. 
POST_DATA='{"definitionName":"myDefinition","definitionId": 1}'

curl https://myisam.com/iam/access/v8/dynamic_client_migration/myClient -d "$POST_DATA" -H "Accept: 
application/json" -H "Authorization: Basic lmilogincredentials" -H "Content-type: application/json"

HTTP/1.1 204 OK

Migrating all Dynamic Clients that belong to an API Protection Definition

The following example is a request to migrate all dynamic client that belong to a specific API Protection Definition in this case myDefinition.

The input required for this is definitionName and the definitionId of the API definition. This can be retrieved from the Local Management Interface. 
POST_DATA='{"definitionName":"myDefinition","definitionId": 1}'

curl https://myisam.com/iam/access/v8/dynamic_client_migration -d "$POST_DATA" -H "Accept: 
application/json" -H "Authorization: Basic lmilogincredentials" -H "Content-type: application/json"

HTTP/1.1 200 OK
Content-Type: application/json

{"totalSuccess":100,"totalFailed":0,"totalUpdated":100}