Okta
Octa
Introduction
One of the challenges when migrating an application's authentication infrastructure to Auth0 is migrating user information from the existing user database to Auth0.
Auth0 provides the following two user import functions, and this time we will introduce the procedure for "batch import".
- Batch import: Migration using a JSON file that defines user information
- Automatic migration: Automatically migrate user information from the existing user database when the user logs in via Auth0
In bulk import, define user information extracted from an existing user database etc. as a JSON file and import it to the user database in Auth0. Even if the existing user database stores a password using a hash algorithm compatible with Auth0, users can be migrated without requiring the user to reset their password.
premise
The operation examples on this page are for Auth0-linked web applications.
In addition, the information regarding functions and settings described on this page is current as of November 2022.
Setting overview
The user migration procedure by batch import is as follows.
Describe the user information to be registered according to the format specified by Auth0
- Importing with the Auth0 User Import/Export Extension
- Import via Auth0 Management API
Limitations
Auth0's bulk import can handle JSON files no larger than 500KB. If it exceeds 500KB, you need to split the JSON file.
https://auth0.com/docs/manage-users/user-migration/bulk-user-imports#create-users-json-file
Setting Example
Write the user information to be registered according to the format specified by Auth0.
Please check the URL below for field names such as email addresses and passwords, hash algorithms supported by Auth0, etc.
Custom password hash / Bulk User Import Database Schema and Examples - Auth0 docs
JSON file creation example (password: hashed by sha256, with salt)
[
{
"email": "test.user2@example.com",
"email_verified": true,
"blocked": false,
"custom_password_hash": {
"algorithm": "sha256",
"hash": {
"value": "fe956a8026cf49df7b507dde94e45408dca812f4fa63bbfd1a099b403110e832",
"encoding": "hex"
},
"salt": {
"value": "abc123",
"position": "prefix"
}
}
}
]
- Importing with the Auth0 User Import/Export Extension
![Install [User Import/Export] from [Extensions] > [All Extensions] on the Auth0 management screen](/business/security/okta/image/okta_auth0_umim_dr02.png)
![Click the installed [User Import / Export] Extension and select the database connection that stores user information in [Please select a database connection]](/business/security/okta/image/okta_auth0_umim_dr03.png)
![Select the JSON file to be imported and click [ START IMPORTING USERS ] to start importing](/business/security/okta/image/okta_auth0_umim_dr04.png)
![Confirm that [Import Status] is displayed as [Completed] and the import is completed](/business/security/okta/image/okta_auth0_umim_dr05.png)
![Click [Report] and check if the import job was successful and if any errors occurred.](/business/security/okta/image/okta_auth0_umim_dr06.png)
![Confirm that the imported user has been added to the specified database connection from [User Management] > [Users] on the Auth0 management screen.](/business/security/okta/image/okta_auth0_umim_dr08.png)
- Import via Auth0 Management API
There are various ways to execute the API, but the procedure described on this page is performed from the Auth0 Management API Explorer. As a preparation, the following two items are required.
- Acquiring an access token for the Auth0 Management API (Scopes: create; enable users)
Refer to the URL below for the procedure.
https://auth0.com/docs/secure/tokens/access-tokens/management-api-access-tokens - Apply access token on Auth0 Management API Explorer
Click [SET API TOKEN] and apply the acquired access token
- users: Specify the JSON file to import
- connection_id: Specify the database connection ID of the import destination
- upsert: Specify "true" to update information for users that exist in the import destination database connection
- send_completion_email: Specify whether to send a completion email after the import job is completed
![Enter each parameter value and click [Try]](/business/security/okta/image/okta_auth0_umim_dr10.png)
![Confirm that the [RESPONSE CODE] is displayed as 202 and the import was successful](/business/security/okta/image/okta_auth0_umim_dr11.png)
![Confirm that the imported user has been added to the specified database connection from [User Management] > [Users] on the Auth0 management screen.](/business/security/okta/image/okta_auth0_umim_dr13.png)
Supplementary matter
User import job submission and import job completion can also be confirmed from the Auth0 log.
- Import job submission log
- Import job completion log
Login confirmation example: Login with user information before migration
in conclusion
When migrating users using bulk import, you can easily import user data using a JSON file that defines user information, and if the hash algorithm is supported, there is no need to reset passwords when migrating users. This feature can also be used in the free Auth0 trial environment, so please try it out.
In addition to the bulk import introduced this time, Auth0 also provides a migration method called automatic migration. If you are interested in user migration achieved with Auth0, please contact us.
reference
Inquiry/Document request
In charge of Macnica Okta Co., Ltd.
- TEL:045-476-2010
- E-mail:okta@macnica.co.jp
Weekdays: 9:00-17:00