How can I import users via email addresses and password hashes (without users needing to reset their passwords)?

The feature that I am looking for and have been unable to find is the capability to register users via a password hash, as opposed to a password. For example, let’s say that I have a .csv (or .json, … name your data format) with emails and password hashes. I want to be able to pass the password hashes to Auth0 and create users without having them change their passwords. As of right now, I only need a one time import, not a continuous import (as the enterprise migration feature allows for). I’m hoping to be able to either do this myself or provide such a file to Auth0 to have imported into my user data base, and again, I’m more than happy to format in whatever specification is needed.

Let me know if you need any other information or specifications about what I’m trying to do.

1 Like

The functionality you mention is not available; there is no possibility to bulk import users with already hashed passwords. The available feature that would allow users to be created in Auth0 without forcing them to reset their passwords is the one you mentioned; to use a custom database with import mode. However, this implies that users are created as they login and not all at one time.

@jmangelo thanks for the response, that’s what I figured (to my chagrin). I’ve requested this as a feature, but doesn’t look like it’ll happen any time soon as far as I can tell.

what’s the best approach to take given this blocker?
once users are imported, should we just ask users go through the password reset workflow?

@josh1 the password reset flow is the answer that I have seen suggested (and what the Auth0 team suggested when I called them). If you don’t want to pay for migration (via developer or enterprise) (*edited), then I would think that you should do a bulk call to the Auth0 Management API v2 endpoint. There is more description here Bulk User Imports (and it will automatically force a password reset).

@josh1 as @paul mentioned, if you want to migrate users in one go then password reset will be required and the recommended way to go. If it’s acceptable for you to maintain some infrastructure that allows users to be migrated when they login then you can consider a custom database with migration enabled (@paul mentions the need for enterprise, but according to pricing database migration is available also to the developer plans).

It is now possible to import users with the password hashes using the import users management API.

For the importable attributes you may check this link.