Problem statement
There may be situations in which it is desirable to ‘clone’ a tenant. For example, a business organization may decide on a rebranding strategy. In those circumstances, it may be a requirement that tenant names should be better-aligned with the new brand name. However, it is not possible to simply rename a tenant. As a consequence, the recommended approach in these circumstances would be to create a new tenant and then ‘clone’ the tenant configuration and environment settings from an existing tenant.
It is important to know that each tenant has a set of feature flags that influence its operational behaviour. This gives rise to the concern that when a tenant’s settings are ‘cloned’, these vital feature flags might not be copied across to the new tenant. If that were to happen then there could be differences between the ‘old’ and ‘new’ tenant environments, with the result that applications might not run as expected in the new tenant.
Is it possible to ‘clone’ an existing tenant? Is there a way to ensure that the set of feature flags from the ‘old’ tenant are carried across to the ‘new’ tenant?
Solution
Use of deploy-cli
The Auth0 Deploy-CLI is a tool that helps you manage your Auth0 tenant configuration. It integrates into your development workflows as a standalone CLI or as a Node module.
One of it’s possible uses is to ‘clone’ the configuration settings (including the feature flags) of an existing tenant and restore them to a new tenant.
When configuring the Deploy-CLI tool, ensure that the ‘tenant settings’ supported resource type is selected. This will ensure that the necessary feature flags are carried across from the current tenant to the new tenant.
How this works
Tenant flags express a complex mix of external and internal-only functionality. Depending on when and in which environment a tenant was created, two tenants may not have the same set of feature flags.
There are two types of tenant flags:
- Internal flags are used for tasks like facilitating migrations or toggling deprecated functionalities; none of which are suitable for customers to configure.
- Customer-configurable flags: these are enabled by the customer when configuring their tenant environment
The Deploy-CLI tool will only operate on flags that are configurable by users and will ignore all others. This maintains interoperability between different tenants across different environments.
So technically, not all flags may be copied over. However, this behaviour is intentional, as not all existing flags may be required in the new tenant environment.
In the majority of cases, there should be no difference in terms of how applications perform in the current tenant and the new tenant. However, there may be occasional instances in which legacy flags might need to be manually enabled by Auth0 personnel following the migration. In such cases, there might be some short-term difference in application behaviour between old and new tenants. If such problems arise, please create a support case in the Support Center, describing the application’s expected behavior and its current behavior following migration.
Related resources