I’m working on doing automatic migration of our user store to Auth0 and there’s one recommended action on the relevant docs that I don’t quite understand
Use a rule to mark users as migrated. This is not a hard requirement, but it does protect against one scenario in which a user changes their email address, then changes it back to the original email address. A rule should call out to the legacy database to mark the user as being migrated in the original database so that get_user can return false.
Can someone expand on this scenario? From the wording here I don’t understand at what point does this user change their email and how that can cause problems.
@hd1 here is my understanding of the docs - When a user changes their email address and automatic migration is enabled, the get_user script is called to make sure the email address does not exist in the legacy database. If the script returns false (no user found), then the user is able to change their email address in the tenant successfully.
You might run into a scenario where a user changes their email address to something, but then decides to change it back to the original email address at a later date.
At this point, the user will not be able to change their email address back to the original email because of the get_user script → It will find the original email address in the legacy database and return a “user already exists” error.
The Rule that Auth0 recommends would be to update the account in the legacy database as migrated in some way, then you would update the tenant’s get_user script to ignore users who are marked as migrated in the legacy database when you do the lookup. This will allow the user to change back to the original email address.