put
https://tenants-gateway-api-sbx.sidedrawersbx.com/api/v1/tenants/tenant/tenant-id//users/migrate-openid
Migrates an account from one identity provider to another by updating the OpenID across all relevant services.
This operation performs a transactional migration with rollback capability if any step fails.Tenant Validation:
- Both origin and destination accounts (if exists) must belong to the specified tenant
- Validation follows ENFORCE_TENANT_ACCOUNT_OWNERSHIP environment variable
Migration Process: 1. Validates tenant ownership of origin account 2. Validates tenant ownership of destination account (if exists) 3. Migrates Keycloak user attributes 4. Updates account OpenID and identity provider 5. Updates all references in dependent services (vaults, records, networks, etc.) 6. Performs integrity checks 7. Soft deletes or merges accounts as appropriate
Affected Services:
- user-api: Account management and authentication
- records-api: Document ownership and contributor references
- record-files-api: File ownership
- networks-api: Sharing and collaboration
- comments-api: Comment ownership
- reminders-api: User reminders
Rollback: If any step fails, all changes are reverted to maintain data integrity. .