How do I get the Organization Model in my Identity Cloud environment?
The purpose of this article is to provide assistance to ForgeRock Identity Cloud customers who have older tenant environments that were created before the organization model was available, and so are missing the default configuration in their customized model. This article only applies to customers who were onboarded on or before 26th March 2021.
Background information
Some Identity Cloud customers pre-date the default configuration required in order to use the new Organizations feature.
We are providing a tool for customers to be able to add in the configuration as part of their development lifecycle.
Prerequisites
In order to use the tool, you will need to:
- Install python3 (if not already installed)
- If you are using macOS, you will need to install SSL certificates by running: Applications > Python <version> > Install Certificates.command
- Download the add_org_model.pex (417 kB) bundle.
- Pause any continuous integration tooling you have in place that would otherwise update the managed object definitions.
Once the prerequisites have been completed, follow the appropriate set of steps.
Adding the organization model to a development environment
Note
You cannot use this tool to add the organization model configuration to Staging or Production environments. To add them to those environments, first add them to your Development environment and then promote your configuration. See Introduction to self-service promotions for further information.
- Work out the environment name for the development environment:
- If the environment is at https://openam-example-ew2-dev.id.forgerock.io, the environment name would be example-ew2-dev
- Run the tool in a terminal, substituting with your environment name:python3 add_org_model.pex example-ew2-dev
- You will be prompted to authenticate using a URL that is displayed in the terminal:
- Copy the URL to your browser (or if your terminal supports it, ctrl-click to open it).
- Sign in using your ID Cloud platform admin credentials.
- Approve consent for the IDC.CLI client (the suffix will be unique to your tenant name):
- Once authentication has completed, the browser will direct you back to the terminal:
- The terminal should show the outcome of the process. If you had a continuous integration process that you disabled previously, you should now update your external copy of the managed object configuration before then resuming the CI process by fetching the full content from the managed objects configuration REST API endpoint:
https://<domain>/openidm/config/managed
Adding the organization model to a demo or sandbox environment
- Work out the environment name for the environment:
- If the environment is at https://openam-example-ew2-sandbox.id.forgerock.io, the environment name would be example-ew2-sandbox
- Run the tool in a terminal, substituting with your environment name:DOMAIN=forgerock.io python3 add_org_model.pex example-ew2-sandbox
- Continue from step 3 in the instructions above.