ForgeRock cloud - How to promote Managed Object (Bravo_user) schema to a different realm and different ForgeRock environments

As per my project requirement, I have finalized the user schema in the Bravo realm (managed object), and now I need to map/promote that schema to a different realm or to a different ForgeRock cloud instance.
Please suggest how to do it quickly or if ForgeRock provides any mechanism to do that.

Hi Shiva,

For this example I am going to use two different tenant environments:

Tenant1 = https://openam-tenant1-use1-dev.id.forgerock.io/
Tenant2 = https://openam-tenant2-use1-dev.id.forgerock.io/

I want to move the Managed Object (bravo_user) schema to a different realm, in this case (alpha_user). I would complete the following:

Prior to making changes I always recommend that you make a copy of your current managed.json:

I like to put the tenant name, along with the date and time of when I pulled down the managed.json.

Run the following command:

curl 'https://openam-tenant1-use1-dev.id.forgerock.io/openidm/config/managed' \
  -H 'authorization: Bearer <access-token>' \
  --compressed | jq . > managed_tenant1dev_4242024_1700.json

Now that I have the managed.json down, I would open managed_tenant1dev_4242024_1700.json using a text editor and copy the entire (bravo_user) schema and properties:

Example:

  **"name": "bravo_user",**
  "notifications": {},
  **"schema": {**
    "$schema": "http://json-schema.org/draft-03/schema",
    "icon": "fa-user",
    "id": "urn:jsonschema:org:forgerock:openidm:managed:api:User",
    "mat-icon": "people",
    "order": [
      "_id",
      "userName",
      "password",
      "givenName",
      "cn",
      "sn",

If you are using a text editor like Atom or Visual Studio, you can collapse the schema:


Copy this into a new file, then update all bravo and Bravo to alpha and Alpha, making sure you match case, as some are lowercase and some are uppercase.

Once you have updated the schema, you would copy the entire section, go back to managed_tenant1dev_4242024_1700.json and overwrite the alpha schema with the new alpha schema you just updated:


Once this has been done save the file as a different name:

managed_tenant1dev_4242024_1700_Updated.json

Now all you need to do is push the file back to your tenant:

curl --request PUT 'https://openam-tenant1-use1-dev.id.forgerock.io/openidm/config/managed' --header 'authorization: Bearer <access-token>' --header 'content-type: application/json' -d "@managed_tenant1dev_4242024_1700_Updated.json"

Note: if pushing via terminal, a successful PUT will show what looks like a bunch of garbled text, but it's just the file you are uploading. If blank, this means it did not push:

Example, note this shows a provisioner update but more for context.


If successful you will see the changes in your tenant. If you broke your managed.json you can put the original one back using:

curl --request PUT 'https://openam-tenant1-use1-dev.id.forgerock.io/openidm/config/managed' --header 'authorization: Bearer <access-token>' --header 'content-type: application/json' -d "@managed_tenant1dev_4242024_1700.json"

This would be the same premise if you want to move the managed.json to another tenant. To do this, as always, run the following to get a copy of your other tenant:

curl 'https://openam-tenant2-use1-dev.id.forgerock.io/openidm/config/managed' \
  -H 'authorization: Bearer <access-token>' \
  --compressed | jq . > managed_tenant2_4222024_1800.json

Once you have pulled down the managed.json and have a backup of your other tenant, you can push tenant1's managed.json to tenant2:

curl --request PUT 'https://openam-tenant2-use1-dev.id.forgerock.io/openidm/config/managed' --header 'authorization: Bearer <access-token>' --header 'content-type: application/json' -d "@managed_tenant1dev_4242024_1700_Updated.json"

This would push Tenant1’s managed.json up to Tenant2 and all of the changes can be observed in both tenants. Many customers do this when they use Sandboxes as well.

Same premise can be used for sync.json, provisioner files, etc.

Please let us know if this answers your questions and hope this helps.

Dan

1 Like
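
The copy-and-rename step from the answer above, done programmatically instead of in a text editor, with a check that only alpha_user differs from the backup before the whole file is sent with PUT. This is an added example, not part of the original post or ForgeRock's tooling; it assumes the managed config has a top-level `objects` list, and the sample data and the function names `rename`, `promote` and `changed_objects` are constructed for illustration.

```python
import json
import copy

# Constructed sample shaped like the /openidm/config/managed response
# (assumed layout: a top-level "objects" list, one entry per managed object).
SAMPLE = {
    "_id": "managed",
    "objects": [
        {"name": "alpha_user", "schema": {"title": "Alpha realm - User",
                                          "order": ["_id", "userName"]}},
        {"name": "bravo_user", "schema": {
            "title": "Bravo realm - User",
            "order": ["_id", "userName", "custom_badgeId"],
            "properties": {"roles": {"resourceCollection": [
                {"path": "managed/bravo_role"}]}}}},
        {"name": "bravo_role", "schema": {"title": "Bravo realm - Role"}},
    ],
}

def rename(node, pairs):
    """Apply case-matched replacements to every string key and value."""
    if isinstance(node, dict):
        return {rename(k, pairs): rename(v, pairs) for k, v in node.items()}
    if isinstance(node, list):
        return [rename(v, pairs) for v in node]
    if isinstance(node, str):
        for old, new in pairs:
            node = node.replace(old, new)
    return node

def promote(config, src="bravo", dst="alpha"):
    """Return a new config whose <dst>_user is a renamed copy of <src>_user."""
    pairs = [(src, dst), (src.capitalize(), dst.capitalize())]
    by_name = {o["name"]: i for i, o in enumerate(config["objects"])}
    new_obj = rename(config["objects"][by_name[f"{src}_user"]], pairs)
    if src in json.dumps(new_obj).lower():  # e.g. an unhandled "BRAVO"
        raise ValueError(f"leftover '{src}' reference in the {dst}_user copy")
    out = copy.deepcopy(config)  # never modify the backup in place
    if f"{dst}_user" in by_name:
        out["objects"][by_name[f"{dst}_user"]] = new_obj
    else:
        out["objects"].append(new_obj)
    return out

def changed_objects(before, after):
    """Names of managed objects that differ between backup and edited file."""
    old = {o["name"]: o for o in before["objects"]}
    new = {o["name"]: o for o in after["objects"]}
    return sorted(n for n in old.keys() | new.keys() if old.get(n) != new.get(n))
```

Load the pulled-down backup with `json.load`, pass it to `promote`, and write the result to the `_Updated` file only if `changed_objects` reports just `alpha_user`.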