.wpb_animate_when_almost_visible { opacity: 1; }

How to migrate to multi-subscription applications

Published: July 19, 2024

Why is this migration necessary ?

To improve the security on our APIs, all applications that used only one set of credentials for API subscription will from now on have to handle several sets of credentials, each application requiring unique client ID credentials and client secrets for each Authorization Server (AS) to ensure secure and distinct access.

Using an example application called Test multi cred, this article describes how to convert an multi-subscription application with identical client ID credentials/secret clients pointing to different AS into a multi-subscription application with different client ID credentials/secret clients (one set of credentials per AS). Below are detailed the steps to follow:

1 - Identify multi-credential applications

In our example Test multi cred application, a warning message appears:

Pop-up Warning for Multicreds, tab summary

2 - Create a new application

2.1 – Start by creating a new application, for example, “Test Multi Cred 2”.

2.2 – Subscribe to the required APIs, as in your previous application.

2.3 – Retrieve the new Credential client IDs and client secrets for each AS, as they will be necessary for the following steps.

In the new app Test Multi Cred 2, the Credential client IDs differ for each subscription.

New App with Multicreds, tab summary

3 - Integrate new credentials into your application

3.1 – Update your application code to replace the old credentials with the new ones.

3.2 – Test the application thoroughly to confirm that it connects to each AS using the new credentials without error.

There is no impact on other parameters (endpoints for instance).

4 - Delete the previous application

4.1 – Delete the subscriptions of the previous application:

  • Navigate to the API subscription page.
  • Use the Remove button to delete each former subscription.
Remove API illustration

4.2 – Delete the previous application:

  • Go to the application management section.
  • Select “Test Multi Cred” and use the Delete app option to remove it.
Delete app image

5 - Post-migration steps

The Test MultiCreds 2 application has now 2 set of credentials, as displayed in the screen shot to the right:

The migration operation is now over. We still recommend that you carry out the following:

5.1 – Confirm that all services are operational with the new credentials.

5.2 – Monitor the application’s performance and functionality post-migration.

5.3 – Provide a channel for users to report any issues or feedback.

Migrated App and APIs