Identity Broker Documentation Index

Available Tools

Documentation is available for the following command-line tools:

backup Back up one or more Identity Broker backends
base64 Encode raw data using the base64 algorithm or decode base64-encoded data back to its raw representation
broker-admin Invoke administrative operations over the Identity Broker REST API
collect-support-data Collect and package system information useful in troubleshooting problems. The information is packaged as a zip archive that can be sent to a technical support representative
config-diff Compares Identity Broker configurations and produces a dsconfig batch file needed to bring the source inline with the target
consent-admin Manage resource owner consent
create-initial-broker-config Create an initial Identity Broker configuration
create-rc-script Create an RC script that may be used to start, stop, and restart the Identity Broker on UNIX-based systems
dsconfig View and edit the Identity Broker configuration
dsframework Manage administrative server groups or the global administrative user accounts that are used to configure servers within server groups
dsjavaproperties Configure the JVM options used to run the Identity Broker and associated tools
encryption-settings Manage the server encryption settings database
ldapmodify Perform LDAP modify, add, delete, and modify DN operations in the Identity Broker
ldappasswordmodify Perform LDAP password modify operations in the Identity Broker
ldapsearch Perform LDAP search operations in the Identity Broker
ldif-diff Compare the contents of two LDIF files, the output being an LDIF file needed to bring the source file in sync with the target
ldifmodify Apply a set of modify, add, and delete operations to data in an LDIF file
list-backends List the backends and base DNs configured in the Identity Broker
make-ldif Generate LDIF data based on a definition in a template file
manage-extension Install or update UnboundID Identity Broker extension bundles
oauth2-request Perform OAuth2 requests on the Identity Broker
prepare-external-store Prepare an Identity Broker and an external server for for communication
remove-defunct-server Remove a server from this server's topology
restore Restore a backup of an Identity Broker backend
revert-update This tool returns a server to the version before the last update was performed. Unlike the 'update' tool, this tool operates on the local instance from which it is invoked. This tool relies on files from the 'history' directory that are created during an update to restore the server to a prior state. It should be noted that this tool does not revert database files to prior states. Therefore, any changes made to the directory data between the time of the update and time of reversion will be lost.
review-license Review and/or indicate your acceptance of the product license
sample-data-loader Install sample data for Identity Broker testing and demonstration. Data installed includes example applications, OAuth2 scopes, resources, user consents, and XACML authorization requests. As a prerequisite the tool requires that two users exist in Identity Broker User Store who can be used as consent owners. After installation, the provided sample authorization requests can be sent to Identity Broker PDP endpoint to demonstrate and test policy evaluations
sanitize-log Sanitize the contents of a server log file in order to remove potentially sensitive information while still attempting to retain enough information to make it useful for diagnosing problems or understanding load patterns. The sanitization process operates on fields that consist of name-value pairs. The field name will always be preserved, but field values may be tokenized or redacted if they may include sensitive information. Supported log file types include the file-based access, error, sync, and resync logs, as well as the operation timing access log and the detailed HTTP operation log. The audit log can be sanitized using the scramble-ldif tool
server-state View information about the current state of the Identity Broker process
start-broker Start the Identity Broker
status Display basic server information
stop-broker Stop or restart the server
sum-file-sizes Calculate the sum of the sizes for a set of files
summarize-config View a summary of the Identity Broker configuration
uninstall Uninstall the Identity Broker.
validate-file-signature For best results, file signatures should be validated by the same instance used to generate the file. However, it may be possible to validate signatures generated on other instances in a replicated topology