| backup | Back up one or more Identity Broker backends |
| base64 | Encode raw data using the base64 algorithm or decode base64-encoded data back to its raw representation |
| broker-admin | Invoke administrative operations over the Identity Broker REST API |
| collect-support-data | Collect and package system information useful in troubleshooting problems. The information is packaged as a zip archive that can be sent to a technical support representative |
| config-diff | Compares Identity Broker configurations and produces a dsconfig batch file needed to bring the source inline with the target |
| consent-admin | Manage resource owner consent |
| create-initial-broker-config | Create an initial Identity Broker configuration |
| create-rc-script | Create an RC script that may be used to start, stop, and restart the Identity Broker on UNIX-based systems |
| dsconfig | View and edit the Identity Broker configuration |
| dsframework | Manage administrative server groups or the global administrative user accounts that are used to configure servers within server groups |
| dsjavaproperties | Configure the JVM options used to run the Identity Broker and associated tools |
| encryption-settings | Manage the server encryption settings database |
| ldapmodify | Perform LDAP modify, add, delete, and modify DN operations in the Identity Broker |
| ldappasswordmodify | Perform LDAP password modify operations in the Identity Broker |
| ldapsearch | Perform LDAP search operations in the Identity Broker |
| ldif-diff | Compare the contents of two LDIF files, the output being an LDIF file needed to bring the source file in sync with the target |
| ldifmodify | Apply a set of modify, add, and delete operations to data in an LDIF file |
| list-backends | List the backends and base DNs configured in the Identity Broker |
| make-ldif | Generate LDIF data based on a definition in a template file |
| manage-extension | Install or update UnboundID Identity Broker extension bundles |
| oauth2-request | Perform OAuth2 requests on the Identity Broker |
| prepare-external-store | Prepare an Identity Broker and an external server for for communication |
| remove-defunct-server | Remove a server from this server's topology |
| restore | Restore a backup of an Identity Broker backend |
| revert-update | This tool returns a server to the version before the last update was performed. Unlike the 'update' tool, this tool operates on the local instance from which it is invoked. This tool relies on files from the 'history' directory that are created during an update to restore the server to a prior state. It should be noted that this tool does not revert database files to prior states. Therefore, any changes made to the directory data between the time of the update and time of reversion will be lost. |
| review-license | Review and/or indicate your acceptance of the product license |
| sample-data-loader | Install sample data for Identity Broker testing and demonstration. Data installed includes example applications, OAuth2 scopes, resources, user consents, and XACML authorization requests. As a prerequisite the tool requires that two users exist in Identity Broker User Store who can be used as consent owners. After installation, the provided sample authorization requests can be sent to Identity Broker PDP endpoint to demonstrate and test policy evaluations |
| sanitize-log | Sanitize the contents of a server log file in order to remove potentially sensitive information while still attempting to retain enough information to make it useful for diagnosing problems or understanding load patterns. The sanitization process operates on fields that consist of name-value pairs. The field name will always be preserved, but field values may be tokenized or redacted if they may include sensitive information. Supported log file types include the file-based access, error, sync, and resync logs, as well as the operation timing access log and the detailed HTTP operation log. The audit log can be sanitized using the scramble-ldif tool |
| server-state | View information about the current state of the Identity Broker process |
| start-broker | Start the Identity Broker |
| status | Display basic server information |
| stop-broker | Stop or restart the server |
| sum-file-sizes | Calculate the sum of the sizes for a set of files |
| summarize-config | View a summary of the Identity Broker configuration |
| uninstall | Uninstall the Identity Broker. |
| validate-file-signature | For best results, file signatures should be validated by the same instance used to generate the file. However, it may be possible to validate signatures generated on other instances in a replicated topology |