I’m working for a customer that wants to use Auth0 as an IdP. A previous developer had set up everything via Wordpress, which uses the PHPass library to generate password hashes, which is not supported by Auth0.
Here are the constraints of the project:
Existing users need to be pre-imported into Auth0’s default password database.
It has to use Auth0 developer/basic tier. Anything locked behind pro or enterprise is off the table. There are only 200 users anyway.
We can’t ask the customers to reset their passwords right off the bat. That’s horrible UX, and no one’s going to pay attention to a notice like that. (And they shouldn’t follow instructions like that anyway – it sounds like a phishing scam)
Similar to 3, we can’t ask customers to re-register.
The Wordpress site is a mess and already uses a non-standard login mechanism, so using the WP Auth0 Plugin is not possible.
I’ve spent about 2 weeks looking for a solution in forum posts, google results, medium stories (ugh), etc. All I’ve found are situations that don’t apply, APIs that are deprecated, and general sales-speak about how great Auth0 is.
Is what I’m tasked with even possible, or is the only way paying for enterprise features?
Thanks in advance,