IAM Migration

Overview

Your organization is being migrated to our new Identity and Access Management (IAM) system. This migration will modernize how permissions and roles work in your organization, providing better security and more granular control over user access.

What's Changing

The migration will:

• Convert your existing legacy IAM roles to new managed IAM roles

• Preserve user permissions and access levels

• Maintain your current organization structure and workspaces

• Enable new workspace-level access controls

Important Information Before Migration

Timeline

The migration will be performed by our team and typically takes under an hour to complete. During the migration:

• Users will continue to have access to the platform, however they may experience intermittent issues with access only during the migration

• No data will be lost

• Existing access will be preserved

⚠️ Action Required Before Migration

SCIM Integration

If you are currently using SCIM for user provisioning, you MUST take action:

• BEFORE migration: Disable your current SCIM integration at the organization level

• AFTER migration: Re-configure SCIM separately for each workspace where you need it

• CRITICAL: If you keep your existing organization-level SCIM enabled after migration, newly provisioned users will NOT receive the correct permissions

What Will Continue to Work

Organization Settings

All of your current organization settings will continue to work exactly as before:

• Single Sign-On (SSO) configurations will remain active

• Multi-Factor Authentication (MFA) enforcement policies will continue to apply

• Organization-level security settings are preserved

Existing Access Keys

Your current API access keys will continue to function:

• All existing access keys will remain valid and operational

• No need to rotate or update keys immediately after migration

What Will Change

Custom Roles

Custom roles are not currently supported in the new IAM system:

• Only standard managed roles will be migrated

• If you have custom roles, users with those roles will need to be assigned equivalent managed roles after migration

• Contact our Support team if you have questions about which managed role best matches your custom role

Group-Based Role Assignments

Role assignment groups will be converted to direct assignments:

• Any roles currently assigned through groups will be converted to direct user assignments

• The groups themselves will no longer be used for role management

• All users will retain their current permissions through these direct assignments

Access Key Management

After migration, access key management will change:

• Organization-level access keys (created before migration):

  • Will continue to work with their existing permissions

  • Cannot be modified or have their roles changed

  • Cannot be used to create new keys at the organization level

  • Can only be deleted

• Workspace-level access keys (new capability):

  • Each workspace can now create its own access keys

  • These keys can be managed (created, modified, deleted) within each workspace

  • Use these for new integrations and API access going forward

Post-Migration

Immediate Next Steps

1. Verify user access: Confirm that your team members can still access their workspaces

2. Re-configure SCIM (if applicable): Set up SCIM separately for each workspace that needs it

3. Update access keys (over time): Gradually migrate from organization-level access keys to workspace-level access keys for better security and management

Getting Help

If you have questions or encounter any issues during or after the migration:

• Contact our support team at [email protected]

• Reference your organization ID when reaching out

• Our team is here to help ensure a smooth transition

Summary of Key Points

✅ Will Continue Working:

• User access and permissions

• SSO and MFA settings

• Existing API access keys

• All workspaces and data

⚠️ Requires Action:

• Disable SCIM before migration (if in use)

• Re-configure SCIM per workspace after migration

🔄 Will Change:

• Custom roles → Managed roles

• Group assignments → Direct assignments

• Organization access keys → Workspace access keys (for new keys)

This migration is designed to enhance your security and provide more flexible access control. While there are some changes to be aware of, the vast majority of your current setup will continue to work seamlessly.