Twingate IdP Migrator
Problem
When an organization migrates to a new identity provider, Twingate syncs the new IdP's groups alongside existing ones, but the new groups start with zero resource access. Reassigning every resource, security policy, and access mode manually across potentially hundreds of groups and resources is tedious, error-prone, and risky.
Approach
Built a cross-platform desktop GUI application (Python + PySide6) that connects to the Twingate admin API, fetches all groups and resources, and uses fuzzy name matching to suggest old-to-new group pairings with confidence scores. The tool generates a mandatory dry-run preview of every access grant before execution, and writes a full JSON changelog enabling one-click rollback at any time. All migrations are additive - old group access is never removed. Includes a built-in demo mode with a complete Okta-to-Entra sample scenario.
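The pairing, dry-run and rollback flow described above, as an added sketch that is not the project's own code. The `difflib` matcher, the 0.6 threshold, the changelog field names and the sample group and resource names are all assumptions, and no Twingate API call is made.

```python
import json
from difflib import SequenceMatcher

# Constructed sample data (not from a real tenant): old groups with their
# resource grants, and newly synced groups, one of which already has a grant.
OLD_ACCESS = {
    "Okta - Engineering": ["git.internal", "ci.internal"],
    "Okta - Finance": ["erp.internal"],
    "Okta - Contractors": ["wiki.internal"],
}
NEW_ACCESS = {"Entra Engineering": ["git.internal"], "Entra Finance Team": [], "Entra Sales": []}

def normalize(name, idp_words=("okta", "entra")):
    """Lowercase, drop punctuation and IdP prefix words so only the role name is compared."""
    words = "".join(c if c.isalnum() else " " for c in name.lower()).split()
    return " ".join(w for w in words if w not in idp_words)

def suggest_pairs(old_names, new_names, threshold=0.6):
    """Best new-group candidate per old group with a 0..1 confidence score."""
    pairs = []
    for old in old_names:
        score, new = max(
            (SequenceMatcher(None, normalize(old), normalize(n)).ratio(), n) for n in new_names
        )
        # Below the (assumed) threshold nothing is suggested; a human must pair it.
        pairs.append({"old": old, "new": new if score >= threshold else None,
                      "confidence": round(score, 2)})
    return pairs

def dry_run(pairs, old_access, new_access):
    """Preview of grants to add. Only 'grant' entries are produced: additive by construction."""
    plan = []
    for p in pairs:
        if p["new"] is None:
            continue
        have = set(new_access[p["new"]])
        plan += [{"group": p["new"], "resource": r, "action": "grant"}
                 for r in old_access[p["old"]] if r not in have]
    return plan

def rollback_plan(changelog_json):
    """Invert a saved changelog, newest first. Grants that existed before the
    migration were never logged, so rollback cannot remove them."""
    return [{**e, "action": "revoke"} for e in reversed(json.loads(changelog_json))]

if __name__ == "__main__":
    pairs = suggest_pairs(OLD_ACCESS, NEW_ACCESS)
    changelog = json.dumps(dry_run(pairs, OLD_ACCESS, NEW_ACCESS), indent=2)
    print(pairs, changelog, rollback_plan(changelog), sep="\n")
```

In this sample the contractors group falls below the threshold and gets no suggestion, so the plan leaves it without a grant and it has to be paired by hand.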
Outcome
Transforms a labor-intensive manual migration into a safe, repeatable process. Cross-platform single-file binaries for Windows, macOS (ARM + Intel), and Linux. The mandatory dry run and rollback capability give admins confidence during what is typically a high-risk change window. Published under the Twingate-Solutions organization.