I’m trying to setup Auth0 to migrate all my existing users from a custom database into Auth0. I have a user id in my custom DB for every user regardless of whether they logged in via email or facebook. With the custom DB migration, the login and getUser scripts accurately retrieve the user but when using a social login like facebook, my custom DB is never inquired for the user id. That user id is used through out my custom db to reference that user. What’s the best way to go about adding my custom db user id to facebook auth and other social login responses?
The custom database approach, although including database in the name should be interpreted more as custom username/email and password authentication. It’s meant to answer the scenario where you already have a store containing custom user credentials and you do not want to force users to reset their passwords when you move to Auth0. This explains why your custom database scripts won’t get called for users that authenticate through other means that are not your custom username/email and password.
In conclusion, your existing database is serving as a user credentials store (the password based users) and also as a user profile/account store (all the users that can access your application no matter how they authenticated). With the custom database connection you integrate the user credentials store aspect of your database, but not the user profile/account aspect of it.
If you want the users at Auth0 to maintain that link (through the notion of your own user identifier) to an existing account/profile at your database then you need to handle this a bit differently depending on how they authenticate. For password based users you can maintain the link by returning your identifier when your custom database connections scripts execute. For social authentication and any other authentication type you can implement a rule that at first login and depending on connection type augments the user metadata with your own identifier.
2 Likes
Thanks @jmangelo,
This makes sense. One other thing I’m wondering is what are best practices moving forward? Should I maintain user profiles including user identifier in my database to keep all existing associations. Then every time a new user comes into my application it adds a profile entry to my database with a linked auth0 id? Or should I somehow offload all of this to auth0 and change all my other data tables to associate to the auth0 id?
In general, I would tend to maintain the structure you already had and just add a new data structure that maps from Auth0 identifiers to your own identifiers. This adds one more level of lookups, but lets things stay decoupled.