Users Migration with Custom Database

dime_f · June 30, 2020, 2:38pm

Hi all,
We want to use our persistent Data Storage for the Username-Password-Authentication.

We have enabled the Use Custom DB toggle and created the Login, GetUser, Create scripts. Additionally we have a legacy database and we want to migrate all user accounts that will sign-in within 3 months period and for this connection we have created Login and GetUser scripts and enabled the Migrate UserAccounts toggle.

The Create script for the Username-Password-Authentication connection is using MongoDB template which store Profiles in our MongoDB. The script works just fine when we TRY IT and Register.

When we use Lazy migration from our legacy DB, on the first login we see the UserAccount persist in Auth0 Users collection but not in our DB.

Any idea how to create a copy of the Useraccounts in our DB ? and is it possible to detach Auth0 managed DB and works with our DB only ?

Thanks

sgo · July 13, 2020, 1:10pm

Hi @dime_f!

When in import mode and sign ups are still allowed, new users will not be created in your legacy database, they will only be created within Auth0’s database. The create script will never be called when the import mode is toggled on, this is for a legacy authentication Custom DB flow where Auth0 does not migrate the users.

To “detach” the MongoDB, you need to use the legacy authentication scenario by turning off “Import Users to Auth0” (i.e. all users are created and authenticated against your MongoDB and not migrated across) Authenticate with Your Own User Store

If you still wanted to migrate the users, and allow sign ups via Auth0 to show in your legacy database until you were ready to shut the legacy DB down, you would need to implement this via a rule.
This rule would need to first check if the user was logging in for the first time (for example by using the context.stats.loginsCount object), call your legacy DB to check if the user already existed there, and if not, create the user.
Care should be taken when calling any external services in rules that it handles failures gracefully, to avoid the whole authentication flow from failing. Please see here for some more help on writing rules: