Once is deployed in both a prod and staging stack we should update the migration client so that instead of the API key the new basic auth based service for migration is used instead from the configured credentials. The required migration auth filter is already implemented, but is currently backward compatible with other auth mechanisms.
This can be validated at the next migration (after merging the migration client PR)
Merged change, added 'org.sagebionetworks.service.secret.source' and 'org.sagebionetworks.service.secret.destination' to secretsMgr, replaced username by 'org.sagebionetworks.service.key' in Jenkins job. Running migration.
Migration succeeded. Verified fixed 323->324.