Auth0 Home Blog Docs

Bulk Import tool with hashed password

Hello,
I am trying to import users using webtask - auth0-user-import-export/import which accepts json file.
below is json i am uploading:

[
	{
	"email":"ap53@test.com",
	"password_hash":"$2y$10$sD5PHl4o5.UcTRT2X11kUuV3GIKrgdaY7nQ8n0uf3GgR8MdBe/PYa",
	"email_verified":true,
	"user_metadata":
		{"first_name":"fname53","last_name":"lname53"},
	"upsert":true
	}
]

but it gives error like

Unable to import user "ap53@test.com":
            	Error in passwordHash property - String does not match pattern ^\$2[ab].........

when i generated hash using below script it says “Password is valid” using bcrypt algo.

$options = [
    'cost' => 10,
];

$hash=password_hash("ABC123", PASSWORD_BCRYPT, $options);
echo $hash;

Without “password_hash” script works fine.

please guide in this how can i make it work.
Thank you in advance!

Your hashes have a $2y prefix which suggest they originate from the crypt_blowfish (PHP) implementation which is the one I believe that uses those prefixes in order to distinguish between hashes generated by a previous version of the same implementation which had a bug. (see https://stackoverflow.com/questions/15733196/where-2x-prefix-are-used-in-bcrypt)

It should be doable for you to just replace $2y with $2a and try again; this should meet the format requirement and still allow to verify the passwords correctly.

Thank you sou much :slight_smile:
this prefix update works fine.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.