The configuration export/import options create and restore a full PingAccess configuration.
You can back up and restore your configuration for disaster recovery or for testing purposes. You can restore your configuration on the same system or a new system, as long as the version used on the restore system is not older than the version used on the backup system, and as long as the backup and restore systems both use API v3 (PingAccess 5.0 or later).
Because the exported JSON file contains much of your PingAccess configuration, make sure that the file is safely stored somewhere with appropriate security controls in place.
Sensitive data, such as secrets and passwords, are encrypted in the backup file. If you have configured a master key encryptor using the Add-on SDK for Java, the host key file (JWK set) is encrypted and included in the exported data. When running in Amazon Web Services (AWS), the AWS Key Management Services (KMS) master key encryptor bundled with PingAccess can be configured for master key encryption. See Configuring PingAccess to use Amazon Key Management Services for more information.
You can modify the backup file directly. If you plan to do so, make an unmodified copy of the backup file before you begin.