Migrating Tokens from 4.4.x to 5.5.1
Token Migration Service is provided to enable migration of existing tokens in MySQL database to Apache Cassandra.
Procedure
Migration API
The API for migration is /migrateTokens
curl -v "http://{ml-tm}:8082/migrateTokens?public_key={public_key}&noWrite&before=2022-10-10%2000:00:00"
-XPOST
| Parameter | Description |
|---|---|
| before | The to date of the migration. By default, it is current time. |
| after | The from date of the migration. By default, it is the last token date in database. If the after value is earlier than the before parameter value, then the after value is reset to the before. |
| stop | Stops the current migration. |
| resume | Continue from the from date of the last migration. |
| noWrite | process read operation from SQL and no write to NOSQL |
| public_key | the key set in com.mashery.service.onprem.oauth.authenticator.oauth-service-authenticator |
What to do next
After 4.4.x cluster has the updated configuration and traffic manager is restarted, any new token created is available in 5.5.1 cluster. After completing the token migration, all active tokens are migrated to Apache Cassandra and available in 5.5.1 cluster.
Any new token created in 5.5.1 cluster is available in 4.4.x cluster. To ensure that the tokens are consistant in both 4.4.x cluster and 5.5.1 cluster, any update to the token, for example updating the scope or user context of a token should be done in from 5.5.1 cluster.
The 5.5.1 cluster is ready for accepting traffic after the token migration is done. To allow for a smooth trasition from 4.4.x to 5.5.1, you can use a load balancer to slowly increase the load from 4.4.x to 5.5.1 cluster.