I’ve been going through the Auth0 docs and not had much luck in figuring out how Auth0 handles a change password request for a user that has not been migrated over to Auth0.
Based on what I’ve read so far, “Auth0 can only assist users in the Auth0 database with password reset.”
Does this mean the user needs to be migrated first? If that is the case how would the below explanation work?
“If an un-migrated user confirms a password change, their user profile will be created in Auth0 with the new password. This user profile will contain all the information returned in the Get User script. All subsequent logins of this user will be performed in Auth0 directly.”
How does this work exactly? What do I have to set up to get this working?
Sorry for the multiple questions, the docs aren’t too clear on the above.
With on-demand migration, users are migrated (user profiles are created) when:
They log in with their existing credentials, or
They reset their password.
In the case of a password reset, the Get User script will pull the user’s profile information, the profile is created, but there is no password until the user completes the password reset process.
@markd Thanks Mark for helping out. So basically I have to have logic in my Get User script that connects to my legacy database to get customer profile information.
In terms of the sequence of events,
We invoke the Authentication API for change password.
Auth0 checks if the user is in the Auth0 store. If the user is not in Auth0, the Get User script is called, which fetches the user profile information? Or is the Get User script called when the user resets their password?
Just trying to work out when exactly the Get User script is called.
Going on memory but I believe the get user script is called and the profile is created at the moment the user completes the first step of the password reset (enter username or email address). So the profile is already in place when they complete the second step (click link, enter new password).
You’ll find that your login and get user scripts will look very much alike. They will both need whatever code you are including to pull the entire user profile from your legacy DB and map it to Auth0.
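
The point in the last reply, as an added example that is not part of the thread and is not Auth0's or either poster's code: the Login and Get User scripts share one legacy lookup and one profile mapping, and only Login checks a password. The in-memory store, `findLegacyUser`, `toAuth0Profile` and the local `WrongUsernameOrPasswordError` stand-in are assumptions made so the block runs offline; inside Auth0 that error type is supplied to the script.

```javascript
const nodeCrypto = require('node:crypto');

// Constructed sample data standing in for a query against the legacy database.
const hash = (pw, salt) => nodeCrypto.scryptSync(pw, salt, 32);
const LEGACY_DB = new Map([
  ['jane@example.com', {
    id: 1001, email: 'jane@example.com', full_name: 'Jane Doe',
    salt: 'constructed-salt', pw_hash: hash('correct horse', 'constructed-salt'),
  }],
]);

// Local stand-in for the error type Auth0 provides to database scripts.
class WrongUsernameOrPasswordError extends Error {}

// Hypothetical helper: the single legacy lookup both scripts use.
function findLegacyUser(email) {
  return LEGACY_DB.get(String(email).toLowerCase()) || null;
}

// Hypothetical helper: map a legacy row to a profile. Credential columns
// (salt, pw_hash) are deliberately left out of the result.
function toAuth0Profile(row) {
  return { user_id: String(row.id), email: row.email, name: row.full_name };
}

// Get User script: receives no password, so it only looks up and maps.
// During a password reset this is what supplies the profile.
function getByEmail(email, callback) {
  const row = findLegacyUser(email);
  if (!row) return callback(null); // unknown user: no error, no profile
  return callback(null, toAuth0Profile(row));
}

// Login script: same lookup and mapping, plus the legacy password check.
function login(email, password, callback) {
  const row = findLegacyUser(email);
  const ok = row !== null &&
    nodeCrypto.timingSafeEqual(hash(password, row.salt), row.pw_hash);
  if (!ok) return callback(new WrongUsernameOrPasswordError(email));
  return callback(null, toAuth0Profile(row));
}
```
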