Auth0 Home Blog Docs

Porting users from one Auth0 tenant to another

My team is currently working on cleaning up an existing Auth0 tenant so that we can cleanly deploy tenant changes using auth0-deploy-cli. However, we’re unsure on how to deal with porting over users.

In an ideal world, we would be able to create a new production tenant and easily port all users from the connections in our old production tenant over to the new one. Unfortunately, it seems that even with the recent support for importing password hashes that use bcrypt, it is still impossible to port users from one connection to another without a password reset.

It seems like we’re left with the following options:

  1. Export users from the old tenant into the new one and accept that all users will need to go through a password reset flow.
  2. Expand our config.json files for auth0-deploy-cli to support all the wonky naming and oddities in our existing production tenant so we can automate deployments across all environments.
  3. Invent time travel so we can go back and help our past selves avoid the mistakes that led us to this point.

At this point I think we’re stuck with option 2, but I’m open to ideas or things we may have missed.