Scrypt hash required for Firebase is not the Scrypt hash Auth0 has implemented

This has been asked in the community previously and erroneously assumed that Auth0 since now supports Scrypt algorithm - Firebase users can be seamlessly imported without requiring password changes.

Support for scrypt hash algorithm when importing users?

However, that is not the case Firebase uses a modified version of Scrypt

So seamless import in this manner is not possible. A possible solution is to use custom database and write your own Scrypt hash matching using now open sourced Firebase Scrypt library.

Did you happen to find a solution to this? I’m running into the same problems and not sure the best way around this.

Yes there is a solution. The solution is to do this:

  1. Export out all the Firebase user password hash and salt from the database.
  2. Then use Firebase Scrypt algorithm in the get_user script to validate (Firebase has open sourced the scrypt algo) firebase-scrypt - npm

And if the user successfully logins using the database connection they will get imported and become Auth0 users (Migration will look seamless)

1 Like

Appreciate the response on this. This would only work for a “Drip” migration as the users login but not for a “Bulk” migration, correct?

That is correct. And that is your best bet as of now. There is no straight forward way unless Auth0 team moved in and creates a bulk mapping of email / salt / hash and then bakes in Firebase Scrypt. This may run afoul regulations also. Who knows?

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.