Bulk Import w/o Password, Reset Password for Users without Passwords

For my current situation, we would like to do a bulk import of users without the need of a DB connection; We are unable to import users with our current password encryption schema.

The goal is to do a smooth transition for the users without the need to support a gradual migration.

What we would like to do is bulk import users with a verified email, and no password. Then the desired flow is, on a log in attempt where a user lacks a password, they are sent through the reset password flow rather than just failing authentication?

Any suggestions that can help support the goal, confirmations that the goal is impossible or direct answers to my question are welcome.

I appreciate you taking the time to read my issue and thanks in advance for any answers you may have.

Hi @ascendsauce,

Welcome to the Auth0 Community!

Bulk import is specifically related to Auth0 database users only, and a password is mandatory. Maybe you could do something with passwordless but I don’t know enough about that to comment.

If you cannot import your existing passwords b/c they are in a format not supported by Auth0 bulk import, one option is to assign each user a random throwaway password and then send them all password reset emails. Not a great user experience but you can communicate it in terms of “improved security” or some such. We’ve done this with some of our user communities importing from a legacy system where the password storage scheme was not supported.

Mark

1 Like

Thanks for helping on this one Mark!