Auth0 Home Blog Docs

Porting users from one Auth0 tenant to another

My team is currently working on cleaning up an existing Auth0 tenant so that we can cleanly deploy tenant changes using auth0-deploy-cli. However, we’re unsure on how to deal with porting over users.

In an ideal world, we would be able to create a new production tenant and easily port all users from the connections in our old production tenant over to the new one. Unfortunately, it seems that even with the recent support for importing password hashes that use bcrypt, it is still impossible to port users from one connection to another without a password reset.

It seems like we’re left with the following options:

  1. Export users from the old tenant into the new one and accept that all users will need to go through a password reset flow.
  2. Expand our config.json files for auth0-deploy-cli to support all the wonky naming and oddities in our existing production tenant so we can automate deployments across all environments.
  3. Invent time travel so we can go back and help our past selves avoid the mistakes that led us to this point.

At this point I think we’re stuck with option 2, but I’m open to ideas or things we may have missed.

Hey there @brian.meeker and welcome to the Auth0 Community!

I will check with our team and see what they believe is the best course of action going forward and get back to you. Thanks!

We have a path forward now with option 2. It’s annoying that connections can’t be renamed, but it works.

We understand the security reasons for not allowing users to export password hashes, but it does feel very limiting to not have a clean way to port users from one connection to another within Auth0. Given that the imports support password hashes now it feels like a decision was made to make it easier for new customers to port data over, but existing customers (at least for now) are just out of luck.

I apologize @brian.meeker. If you don’t mind, please visit Auth0.com/feedback and share your use case. The submissions at /feedback are a direct pipeline to our product team and have an impact as we look forward what feature to make priority next. These are read and discussed individually and isn’t an automated process. Thank you.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.