Auto-upgrade Solution Instances for breaking auth changes
This is a 'Project' template which means that it contains a group of workflows that work together to achieve a particular aim
For Embedded customers, this template helps you roll out auth changes to End Users without asking them to re-authenticate.
It is specifically for use in the case described in our Change management docs where a hot fix to an auth has been implemented in production, your End Users have re-authenticated and you now need to re-sync your dev and production environments.
In this case, when you go to backdate the fix in dev and subsequently re-sync by exporting and importing to production, you will be notified of a breaking change, as the auth slot ids no longer match (even though the details and scopes of the auth itself may match).
To avoid asking End Users to authenticate once more, after you have imported to prod and been notified of the breaking changes, you can use this template to run the upgrade on behalf of End Users by using the Upgrade Solution Instance mutation and re-using the same authId in the authValues details.
PrerequisitesCopy
In order to use this template you will need to create a custom / generic service which uses your Embedded master token and apply this auth to the relevant HTTP client and GraphQL client steps.
Main workflowCopy
1. Sets the:
projectId
solutionId
target external_auth_slot_id
2. Exports the project using the projectId
3. Extracts the matching auth slot information from the project based on external_auth_slot_id
4. Gets Solution Instances and extracts those with the 'hasNewerVersion' flag
5. Creates a CSV
6. Loops through SIs with a new version and for each:
Extracts those with an auth for the set external_auth_slot_id
Uses AAPI to get the details of the auth
Checks if auth info (SE id and scopes) matches the exported project
If so then calls the upgrade workflow (passing SI id, user id, auth values, config values) and stores the upgrade result in the CSV
If not the SI is stored in the CSV as auth incompatible
7. After the loop completes exports the final CSV and sends to chosen notification email address
Callable workflowCopy
For each SI that is ready for upgrade the callable workflow:
Gets a user token (using master token and user id)
Upgrades the Solution Instance for that user
Sends upgrade details back to the main workflow