docs: add migrate idp docs (#6181)

* docs: add migrate idp docs

* docs: apply suggestions from code review

Co-authored-by: Fabi <fabienne@zitadel.com>

* docs: apply suggestions from code review

* Update docs/docs/guides/integrate/identity-providers/migrate.mdx

* Update docs/docs/guides/integrate/identity-providers/migrate.mdx

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
Stefan Benz 2023-07-12 15:57:38 +02:00 committed by GitHub
parent 78eae6f62b
commit 036bb33cb8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 49 additions and 0 deletions


@ -0,0 +1,48 @@
---
title: Migrate from Generic Provider to specific Identity Provider
sidebar_label: Migrate IDP
---
## Migrate Generic OIDC Provider
You can migrate from a generic OIDC provider to the following supported templates:
- AzureAD
- Google
To migrate, you either use the [Migrate Generic OIDC Identity Provider (Instance)](/docs/apis/resources/admin/admin-service-migrate-generic-oidc-provider#migrate-generic-oidc-identity-provider) or [Migrate Generic OIDC Identity Provider (Organization)](/docs/apis/resources/mgmt/management-service-migrate-generic-oidc-provider#migrate-generic-oidc-identity-provider) API request.
These calls change the type of the provider and don't delete any linked users.
:::note Linked users will not notice the change and be able to login as usual.
:::
### Google Configuration
The available configuration is described in [Google Configuration](./google).
### AzureAD Configuration
The available configuration is described in [AzureAD Configuration](./azure-ad).
## Migrate with Terraform
Please note that you only have to perform this migration if you already have an existing IDP with linked users, that should not loose the connection to the provider.
If that isn't your case please just add a new provider from scratch.
To migrate to a specific provider, you need to follow a few essential steps:
1. Create a desired IDP as Terraform resource for example [Google](https://registry.terraform.io/providers/zitadel/zitadel/latest/docs/resources/idp_google).
2. Make the corresponding API call to [migrate the IDP](./migrate#google-configuration), save the ID of the IDP for the import
3. Before applying the Terraform resources again, import the new IDP resource.
```bash
#resource "zitadel_idp_google" "google" {
# name = "Google"
# client_id = "182902..."
# client_secret = "GOCSPX-*****"
# scopes = ["openid", "profile", "email"]
# is_linking_allowed = false
# is_creation_allowed = true
# is_auto_creation = false
# is_auto_update = true
#}
# terraform import zitadel_idp_google.*resource_name* *id*:*client_secret*
terraform import zitadel_idp_google.google 222302827723096428:GOCSPX-*****
You have now migrated your provider and you should be able to apply the resource again. There should be no changes and the IDP is maintained by Terraform again.
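Review bot: The import example at the end of the Terraform section, `terraform import zitadel_idp_google.google 222302827723096428:GOCSPX-*****`, passes the client secret as a command-line argument, so a reader who copies it leaves the secret in shell history and visible in the process list for the duration of the command. Add a sentence telling readers to supply the secret from an environment variable or a secret store instead of typing it inline, and remind them that the resource keeps `client_secret` in Terraform state, which needs to be protected accordingly. Two smaller points in the same section: "should not loose the connection" should read "lose", and step 2 links to `./migrate#google-configuration`, which only forwards to the Google configuration page; linking to the migrate API requests listed under "Migrate Generic OIDC Provider" would take the reader to the call they actually need to make.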


@ -225,6 +225,7 @@ module.exports = {
"guides/integrate/identity-providers/gitlab",
"guides/integrate/identity-providers/ldap",
"guides/integrate/identity-providers/openldap",
"guides/integrate/identity-providers/migrate",
"guides/integrate/identity-providers/google-oidc",
"guides/integrate/identity-providers/azuread-oidc",
],
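Review bot: The new sidebar entry `"guides/integrate/identity-providers/migrate"` is inserted between `openldap` and `google-oidc`, in the middle of the per-provider guides. Consider moving it after `"guides/integrate/identity-providers/azuread-oidc"` so the provider pages stay grouped and the migration guide follows the generic OIDC pages it migrates from.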