I have an existing group of members that I need to import into Auth0. The members are stored in a DB that forms part of a Laravel application. Member passwords are stored in our DB using Laravel’s bcrypt option with 10 rounds. An example of a password looks like this:
$2y$10$kvNVd2CgHV2SSh/DrQGVwuLRipPDNM10Fp.f.Qi0BxPvz.iieBVfa
I have run a test import on a single member using the User Import extension and the user is imported successfully. However, when I try to log in via the Auth0 login box I get the following error:
“Wrong Email or Password”
The password and email are definitely correct however. My import JSON looks like this:
[{
“email”: “test@testimport.com”,
“email_verified”: true,
“custom_password_hash”: {
“algorithm”: “bcrypt”,
“hash”: {
“value”: “$2y$10$kvNVd2CgHV2SSh/DrQGVwuLRipPDNM10Fp.f.Qi0BxPvz.iieBVfa”
}
}
}]
The password in the example above was hashed from the plain text testtest
I have also experimented with a more compliant testtest$111
Neither of these values is working after import.
When I visit the member’s section of the Auth0 dashboard I can see the imported member but cannot see any reference to what password value was stored. I assume this is by design.
I have the following questions please :
-
Is there any known issue with Laravel-generated bCrypt passwords being read by Auth0?
-
Is there a setting I need to be aware of in the Auth0 dashboard regarding passwords and how they are read?
-
Is there a way to confirm that the password was saved correctly upon import?
Thanks for any help.