I have several 100 users in my Tennant that are using passwordless (email connection type) connectivity. I am switching them over to Lock and it requires a Database connection type. I would like to do the following:
Convert them to database connection type, is there a script I can run to do this? or do I need to delete all of them and recreate them with new connection type?
I dont want to trigger welcome email when I do this. Want to set a default password for everyone and force them to change at first login. Can do this via script.?
Sorry, I have not been using the API a lot so any help pointing me to the API script would be helpful.
Thanks
A few things to have in mind first before tackling the actual questions; this Lock for web applications does not currently have built-in support for passwordless conenctions, however, there’s also Lock Passwordless so it is strange if the only reason to switch authentication methods is the library.
Q1 Identities across connections are independent although you can link multiple identities into a single end-user, however, if you want a group of users to stop using passwordless to authenticate and instead use a database connection then linking is not of much use. You should create the respective users in the database connection through the Management API (see these reference docs); if the existing passwordless users have metadata that you want to transfer then you would have to get that first.
Q2 You can disable email templates in the dashboard in order to prevent any emails. With regards to settings default password I would instead consider not sending any password to end-users and just have them complete a reset password flow in order to set their first password.
Thank you very much. On your answer to #2, are you suggesting they click the “Forgot your password” link on the lock dialog and reset their password?.
Thank you very much. On your answer to #2, are you suggesting they click the “Forgot your password” link on the lock dialog and reset their password?.
Yes, that would ensure they would have to change their password and also mean there would be no actual sharing of default passwords through other (potentially less secure) methods.