
Best practice for refreshing environments with SSO and token based authentication for REST API


Article ID: 253414


Updated On:


Clarity PPM SaaS


We have 2 environments, DEV and PROD, both on SSO. With the new integration via REST API, API key and token based authentication for external clients has been developed for the environments, and API keys have been configured for a 3rd party tool. Integrations for DEV and PROD work correctly independently with their respective API keys. But when we need to refresh PROD to DEV, are the API keys the same on both environments?




The old keys will no longer work on the target environment and need to be recreated. The following excerpt is from the documentation reference REST API AUTHENTICATION:

"When you upgrade or refresh a Clarity SaaS hosted instance (for example, from staging to production), the key metadata moves from the source environment to your new target environment; however, the keys from the previous environment no longer work. A new salt value takes the place of any older value and only new keys will work. As part of your post-refresh cleanup activities, administrators must manually delete the old keys for users. Another option is to deactivate the client for those old keys. Then, create new clients and keys."
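The behaviour in the excerpt can be reproduced with a simplified model, added here as an illustration and not taken from Clarity or its documentation. It assumes the server stores only a salted digest of each key (HMAC-SHA-256 is an assumption, as are all class, function and key names), copies the key records on refresh, and gives the target a new salt.

```python
import hashlib
import hmac
import secrets

class Environment:
    """Toy instance that stores salted key digests only (assumed design)."""
    def __init__(self, name):
        self.name = name
        self.salt = secrets.token_bytes(16)  # per-environment salt
        self.keys = {}                       # key_id -> {"client", "digest"}

    def _digest(self, api_key):
        return hmac.new(self.salt, api_key.encode(), hashlib.sha256).hexdigest()

    def create_key(self, key_id, client):
        api_key = secrets.token_urlsafe(32)  # handed to the client once
        self.keys[key_id] = {"client": client, "digest": self._digest(api_key)}
        return api_key

    def verify(self, key_id, api_key):
        rec = self.keys.get(key_id)
        return rec is not None and hmac.compare_digest(rec["digest"], self._digest(api_key))

def refresh(source, target):
    """Key metadata moves to the target; a new salt replaces the old value."""
    target.keys = {k: dict(v) for k, v in source.keys.items()}
    target.salt = secrets.token_bytes(16)

def post_refresh_cleanup(target, client):
    """Delete the copied (now unusable) key records, then issue a new key."""
    stale = [k for k, v in target.keys.items() if v["client"] == client]
    for key_id in stale:
        del target.keys[key_id]
    new_id = f"{client}-{target.name.lower()}-new"
    return stale, new_id, target.create_key(new_id, client)

def demo():
    prod, dev = Environment("PROD"), Environment("DEV")
    prod_key = prod.create_key("k-prod-1", "thirdparty-tool")  # constructed sample ids
    dev_key = dev.create_key("k-dev-1", "thirdparty-tool")
    refresh(prod, dev)
    before = (dev.verify("k-prod-1", prod_key), dev.verify("k-dev-1", dev_key))
    stale, new_id, new_key = post_refresh_cleanup(dev, "thirdparty-tool")
    return {"prod_still_ok": prod.verify("k-prod-1", prod_key),
            "old_keys_on_dev": before,
            "deleted": stale,
            "new_key_ok": dev.verify(new_id, new_key)}

if __name__ == "__main__":
    print(demo())
```

In this model neither the PROD key nor the pre-refresh DEV key authenticates against the refreshed DEV instance, which is why the integration on the target must be given a newly created key.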