"ONE_OF_MISSING" with Custom Password Hash


I am currently trying to import users via the Auth0 /users-import API.

I get the following error:
“code”: “ONE_OF_MISSING”,
“message”: “”,
“path”: "custom_password_hash

I have a user that I want to import with a custom password hash to Auth0. The imported hash is created as follows:
Hash = hex(md5(password + salt))

I specify the following import configuration:

“email”: “<>”,
“custom_password_hash”: {
“algorithm”: “md5”,
“hash”: {
“value”: “<>”,
“encoding”: “hex”
“salt”: {
“value”: “<>”,
“position”: "suffix

Can you help me?

Thanks for your help.

Best regards, Patrick

One possibility for you to receive that type of error would be if there’s a mismatch between the provided hash value and the specified encoding.

For example, the following import would fail with that error:

        "email": "user@example.org",
        "custom_password_hash": {
            "algorithm": "md4",
            "hash": {
                "value": "AbuUujgF0pPPkJPSFRTpmA==",
                "encoding": "hex"

because the hash value is not really encoded in hex as specified in the import.

Can you calculate the hash for a fake password through the same method Hash = hex(md5(password + salt)) you use for the real passwords and share that value with us?

1 Like

Hi @jmangelo

Thanks for your answer.

Yeah I calculated a fake password with this method:


What do you think?

Best regards.

Thanks for that, the issue seems to be that the expectations on our side for the hex encoding would be a value that would have 2 hexadecimal digits per byte of encoded data so this would imply having an even number of characters in the hash value.

The value you share has 31 characters in total so it fails that requirement; can you try prefixing values with an odd number of characters with a 0 character and try to import again?


Thanks a lot!! With this hint it works!! :rocket:

Best regards

1 Like

Glad you have it working now!

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.