Migrating account providers

This page describes how to enable users to use more than one provider to log into the same Arvados account. This can be used to migrate account providers, for example, from LDAP to Google. In order to do this, users must be able to log into both the “old” and “new” providers.

Configure multiple providers in SSO

In application.yml for the SSO server, enable both google_oauth2 and ldap providers:

production:
  google_oauth2_client_id: abcd
  google_oauth2_client_secret: abcd

  use_ldap:
    title: Example LDAP
    host: ldap.example.com
    port: 636
    method: ssl
    base: "ou=Users, dc=example, dc=com"
    uid: uid
    username: uid

Restart the SSO server after changing the configuration.

Link accounts

Instruct users to go through the process of linking accounts

After linking accounts, users can use the new provider to access their existing Arvados account.

Once all users have migrated, the old account provider can be removed from the SSO configuration.


Previous: Migrating users to federated accounts Next: Synchronizing external groups

The content of this documentation is licensed under the Creative Commons Attribution-Share Alike 3.0 United States licence.
Code samples in this documentation are licensed under the Apache License, Version 2.0.