I have an existing connection with existing users.
I have a need for a new migration of users, but cannot add a script to an existing connection with users.
I have a new connection with migration script working.
I require access to application via organisations for both existing users, and newly migrated users.
Any ideas on how to accomplish this?
If I add both connections to the organisation, the migration script will not run.
If I remove existing users connection, migration script runs on new connection, but existing users then wont have access.
Any help or ideas much appreciated.
Update: Thought: Would bulk export / import work between connections (push all current users to new connection)? would this handle passwords?
Could you make a quick test - mainly, once a user is created in Auth0 as a result of migration from your legacy db, could you assign the user via Auth0 dashboard to the desired organization and test if it will have the needed access?
For already existing users yet not added to any organization, you could call the Management API endpoint to send a maximum of 10 members per organization per request.
For new users I can think of adding a bit of code to your migration script, mainly, once a user is created in Auth0, call the Auth0 Management API to add user to a specific organization.
The users are already correctly in the organisation membership lists.
The problem is if an organisation has two connections (A and B). If connection B has a custom db script, the script will not run. If you remove the connection A, the script will run. (when the user logging in does not belong in connection A or B, but in the custom DB the migration script on connection B is hitting.). So migration works, but only if the organisation has connection B.
Expected behaviour. On authentication, connection A checked for user. Doesnt exist. Connection B checked for user, doesnt exist. Connection B has a custom script, so this is triggered, and user is migrated to connection B.
I researched the topic more and can see that, when there are more than 1 database connections enabled for the organization, there is a need to send the connection id with the /authorization request so that a user logs in with the context of a specific database connection. - Cannot Log In to Organization with Multiple Database Connections
You can give it a shot but AFAIK, when using Auth0 hosted login page, the user will be authenticated against the first enabled database connection (I checked that when I enable two database connections for the app, on the login page they are not reflected as separate connections).
Whenever more than one database connection is enabled for a given login transaction using the New Universal Login page, Auth0 needs the connection querystring parameter to be sent in the /authorize request to tell it which database connection to use to log in the user. Otherwise, it will default to the first enabled database connection.
To sum up, migration between connections you intended for the organization is the solution in this case. The Auth0 Support Team is already proceeding hashed passwords migration from one connection to the final connection for you so users doesn’t have to reset passwords once migrated.
