Migration between IdP Vendor

We have a client that’s currently using Ping but looking to migrate to a different IdP Vendor.
We’re concerned that this would result in creating new user instead of keeping the association with existing users.
How likely is this concern and how can we avoid it?

Additional context

• We used Ping specific enterprise connector to create the connection
• We’re using Cognito for User Datastore

Thanks

Hi @rsung

Thank you for reaching out to us!

Please allow me some time to research this issue and I will be back with information as soon as possible.

Best regards,
Gerald

Hi @rsung

Back with an update on the matter, based on the use-case presented, I believe the best course of action would be to take advantage of Auth0’s User Account Linking feature designed to merge two existing profiles that a user has into a single one; at the same time ensuring that new user profiles are created.

The general flow to implement this would be :

• Integrate the new IdP in the Auth0 tenant, under Authentication → Enterprise;
• Enable the new Connection to your application/s without removing or disabling the old Ping Connection;
• Create an Action that handles the linking of the user’s accounts;
• Add the Action to your Login Flow and perform tests with test-users to ensure proper functionality.

Allow me to share some useful documentations on this matter:

• Custom Workaround to Account Linking with Action;
• Account Linking in Actions - How to Keep the User Logged In;
• Client-Initiated Account Linking - Auth0

Hope this helped!
Gerald

Thanks, Gerald. Does that mean that we would need to old IdP entry around indefinitely?