OIDC Provider migration for a Validator node
globalSyncForum3 messagesstarted 19-05-2025
- Hi,After bootstrapping a Validator is migration from one OIDC provider to another one possible or there are design blocking issues for this ?For instance migrate from auth0 to keycloaks.If migration of OICD is not supported.Can we ? :- ask for License for a new Validator for migration OIDC purpose.- Deploy the new Validator ( new validatorPartyHint) with the new OIDC provider- Transfer remaining CC funds hosted if any from the old validator to the new one- revoke old Validator licence on the old OIDC provider- stop the old validatorThank you
- Hi, FrancoisMore than one Validator operator has successfully migrated OIDC providers, so there's some experience with this.If it turns out to be impractical for you, you can onboard a new Validator and shut down the old one, as you describe. Just let people know that's your plan.
- We migrated from Auth0 to Authentik just fine. It works out of the box most of time if you didn't have any user beside the validator user. If you had already onboarding user such as `auth0_uuid::<your-validator-uuid>` then you may need to do some work for that user, such as if you use the utility and setup a seperate party id.otherwise the process is seamless.