Migrate a User Database to Auth0

Auth0 replaces the existing Identity Provider, and uses the existing external user database. The setting that determines which IdP existing applications should use is simply changed to be Auth0. Existing applications will then access Auth0 using the SAML, OpenID Connect, WS-FED or OAUth2 protocol. For new native, Web and mobile applications, the Auth0 Rest APIs are accessed through convenient, platform-specific SDKs to perform authentication using the code samples and customized step-by-step guidance that developers highly value from Auth0.

Auth0 is an Enterprise-class Identity Provider that federates and extends well

Auth0 utilizes a built-in, enterprise-class, highly scalable and available database that is ideal for keeping track of millions of users. The first time a user or device logs in to Auth0, they will not have a record in the built-in Auth0 database, so Auth0 will use its connection to the existing external user database to get the record, including any user data that is to be migrated into the Auth0 built-in database. As well as completing the authentication request, Auth0 adds the newly acquired user record to its built-in database. Over the course of a few weeks or months, a majority of the users will have been automatically migrated over without noticing anything has changed. The rest of the records can then be bulk imported into Auth0 at any time but they will require password resets. Once the process is complete the existing external database can be retired. For more details see https://auth0.com/docs/connections/database/migrating.

Logic used to migrate users to the Auth0 database

Using this algorithm means that the user will not have to reset their password. Once a user is migrated to the Auth0 user database, the legacy database records will no longer be used for them.

Applications are directed to use Auth0 as their Identity Provider (IDP). Auth0 either uses a direct connection to the original user database (https://auth0.com/docs/connections/database) or calls on a Web service that accesses the existing external database to authenticate the user and collect all of their user information, as depicted in the diagram below.

User identities in an existing external database are migrated on the fly to the built-in database

Auth0 provides the template Node.js code that it will run in a secure sandbox to perform the “Login” and “Get User Data” operations to the existing external user database or to a Web service so the data can be migrated to the Auth0 built-in database. This JavaScript template code is easily customized for the exact user data migration scenario.

Auth0 provides templates for most of the common databases such as: ASP.NET Membership Provider, MongoDB, MySQL, PostgreSQL, SQLServer, Windows Azure SQL Database, and for a Web service that will connect to any kind of database or Web service with a customized Node.js script and migrate its user data into the Auth0 user database easily and non-disruptively.

If desired, it’s easy to gather user information from additional sources and add it to the record for each user as their user data is being migrated over to the Auth0 built-in user database.