Replicating an Identity Domain to Multiple Regions

You can replicate an identity domain to multiple regions if the tenancy is subscribed to multiple regions.

Before you begin: Ensure that the tenancy is subscribed to the regions to which you want to replicate the identity domain. For more information about the home regions and the basics of managing your region subscriptions, see Managing Regions.

You can’t change to which regions the Default identity domain replicates. The Default identity domain always replicates to all regions to which the tenant is subscribed. When an administrator subscribes to another region, then only the Default identity domain replicates to that region. The Default identity domain's home region is the tenancy's home region. This cannot be changed.

Additional identity domains can have their own home region, but only within the set of regions the tenancy is subscribed to. When creating additional domains, the selected region in the Console becomes the additional identity domain's home region. For example, if the selected region in the Console is Germany Central (Frankfurt) and you create an additional domain, the additional domain is created in the Frankfurt region as the home region.

To take advantage of the Disaster Recovery (DR) feature that establishes a DR region outside of the primary region, you might need to update your firewall policies to enable communication with the additional (DR) regions. Refer to OCI documentation for details.

    1. Open the navigation menu and click Identity & Security. Under Identity, click Domains. Select the identity domain you want to work in.
    2. Click More Actions, and then Manage regions.
      The Manage regions window displays with a list of regions to which your tenancy is subscribed.
    3. For the region to which you want to replicate, click Enable replication.
    4. Confirm the replication.
  • Use the oci iam domain enable-replication-to-region command and required parameters to replicate an identity domain to multiple regions:

    oci iam domain enable-replication-to-region --domain-id domain_ocid [OPTIONS]

    For a complete list of flags and variable options for CLI commands, see the Command Line Reference.

  • Run the EnableReplicationToRegion operation to replicate an identity domain to multiple regions.