Dear gaurav_nagarro ,
I ever wrote a KB article for similar situation, it's not published yet.
Introduction:
Sometimes, when you try to delete a policy, it could popup a message as below.
If you know what policy is using this policy, then you can delete it first, and then delete this policy successfully.
This article will introduce a way to find out what policy is using the current policy.
Instructions:
- For fragments
Here is an example of how to find the policies/services using "OTK Authenticate OAuth 1.0 Parameter"
On policy manager, right click on "OTK Authenticate OAuth 1.0 Parameter" -> Policy Properties -> copy the Policy GUID(not Policy ID), for example: 71815bbd-f527-4806-b60d-c66128961c84
run the SQL on ssg database (search by GUID),
mysql> select name from policy where xml like '%71815bbd-f527-4806-b60d-c66128961c84%';
+-----------------------------------------------------------------------------+
| name |
+-----------------------------------------------------------------------------+
| OTK Require OAuth 1.0 Token |
| Policy for service #799948386a78439e71fdaa554a1b3c0f, auth/oauth/v1/token |
| Policy for service #799948386a78439e71fdaa554a1b3d17, auth/oauth/v1/request |
+-----------------------------------------------------------------------------+
3 rows in set (0.10 sec)
- you would need to delete/modify those 3 policies/services using "OTK Authenticate OAuth 1.0 Parameter" before you can delete it.
- For encapsulated assertions
For example, to find the policies/services using "OTK Client Delete"
run the SQL on ssg database(search by name),
mysql> select name from policy where xml like '%OTK Client Delete%';
+-----------------------------------------------------------------------------+
| name |
+-----------------------------------------------------------------------------+
| Policy for service #799948386a78439e71fdaa554a1b408e, oauth/manager/clients |
+-----------------------------------------------------------------------------+
1 row in set (0.09 sec)
Remove the service/policy which using this encapsulated assertion first, and then goto Task -> Manage Encapsulated Assertions, remove the encapsulated assertion, then it should become fragment, then you can delete the fragment.
NOTE1: before delete those dependent policies/services, verify if they won't be access in the future, and eligible to be retired.
NOTE2: backup the database before any changes.
Hope this can help.
Regards,
Mark