auth0-migration
por auth0
Úsalo al migrar o cambiar de un proveedor de autenticación existente (Firebase, Cognito, Supabase, Clerk, autenticación personalizada) a Auth0: cubre importación masiva de usuarios, gradual…
npx skills add https://github.com/auth0/agent-skills --skill auth0-migrationAuth0 Migration Guide
Migrate users and authentication flows from existing auth providers to Auth0.
Overview
When to Use This Skill
- Migrating from another auth provider to Auth0
- Bulk importing existing users
- Gradually transitioning active user bases
- Updating JWT validation in APIs
When NOT to Use
- Starting fresh with Auth0 - Use
auth0-quickstartfor new projects without existing users - Already using Auth0 - This is for migrating TO Auth0, not between Auth0 tenants
- Only adding MFA or features - Use feature-specific skills if just adding capabilities
Migration Approaches
- Bulk Migration: One-time user import (recommended for small/inactive bases)
- Gradual Migration: Lazy migration over time (recommended for large active bases)
- Hybrid: Import inactive users, lazy-migrate active users
Step 0: Detect Existing Auth Provider
Check if the project already has authentication:
Search for common auth-related patterns in the codebase:
| Pattern | Indicates |
|---|---|
signInWithEmailAndPassword, onAuthStateChanged | Firebase Auth |
useUser, useSession, isSignedIn | Existing auth hooks |
passport.authenticate, LocalStrategy | Passport.js |
authorize, getAccessToken, oauth | OAuth/OIDC |
JWT, jwt.verify, jsonwebtoken | Token-based auth |
/api/auth/, /login, /callback | Auth routes |
If existing auth detected, ask:
I detected existing authentication in your project. Are you:
- Migrating to Auth0 (replace existing auth)
- Adding Auth0 alongside (keep both temporarily)
- Starting fresh (remove old auth, new Auth0 setup)
Migration Workflow
Step 1: Export Existing Users
Export users from your current provider. See User Import Guide for detailed instructions:
- Exporting from Firebase
- Exporting from AWS Cognito
- Exporting from Supabase
- Exporting from Custom Database
Required data per user:
- Email address
- Email verified status
- Password hash (if available)
- User metadata/profile data
- Creation timestamp
Step 2: Import Users to Auth0
Import users via Dashboard, CLI, or Management API.
Quick start:
# Via Auth0 CLI
auth0 api post "jobs/users-imports" \
--data "connection_id=con_ABC123" \
--data "[email protected]"
For detailed instructions:
- User JSON Format
- Password Hash Algorithms
- Import Methods
- Monitoring Import Progress
- Common Import Errors
Step 3: Migrate Application Code
Update your application code to use Auth0 SDKs.
See Code Migration Patterns for detailed before/after examples:
Frontend:
Backend:
Provider-Specific:
After migrating code, use framework-specific skills:
auth0-reactfor React applicationsauth0-nextjsfor Next.js applicationsauth0-vuefor Vue.js applicationsauth0-angularfor Angular applicationsauth0-expressfor Express.js applicationsauth0-react-nativefor React Native/Expo applications
Step 4: Update API JWT Validation
If your API validates JWTs, update to validate Auth0 tokens.
Key differences:
- Algorithm: HS256 (symmetric) → RS256 (asymmetric)
- Issuer: Custom →
https://YOUR_TENANT.auth0.com/ - JWKS URL:
https://YOUR_TENANT.auth0.com/.well-known/jwks.json
See JWT Validation Examples for:
- Node.js / Express implementation
- Python / Flask implementation
- Key differences and migration checklist
Gradual Migration Strategy
For production applications with active users, use a phased approach:
Phase 1: Parallel Auth
Support both Auth0 and legacy provider simultaneously:
// Support both providers during migration
const getUser = async () => {
// Try Auth0 first
const auth0User = await getAuth0User();
if (auth0User) return auth0User;
// Fall back to legacy provider
return await getLegacyUser();
};
Phase 2: New Users on Auth0
- All new signups go to Auth0
- Existing users continue on legacy provider
- Migrate users on next login (lazy migration)
Phase 3: Forced Migration
- Prompt remaining users to "update account"
- Send password reset emails via Auth0
- Set deadline for legacy system shutdown
Phase 4: Cleanup
- Remove legacy auth code
- Archive user export for compliance
- Update documentation
Common Migration Issues
| Issue | Solution |
|---|---|
| Password hashes incompatible | Use Auth0 custom DB connection with lazy migration |
| Social logins don't link | Configure same social connection, users auto-link by email |
| Custom claims missing | Add claims via Auth0 Actions |
| Token format different | Update API to validate RS256 JWTs with Auth0 issuer |
| Session persistence | Auth0 uses rotating refresh tokens; update token storage |
| Users must re-login | Expected for redirect-based auth; communicate to users |
Reference Documentation
User Import
Complete guide to exporting and importing users:
- Exporting from Common Providers
- User JSON Format
- Password Hash Algorithms
- Import Methods
- Monitoring & Troubleshooting
Code Migration
Before/after examples for all major frameworks:
- React Patterns
- Next.js Patterns
- Express Patterns
- Vue.js Patterns
- Angular Patterns
- React Native Patterns
- API JWT Validation
Related Skills
Core Integration
auth0-quickstart- Initial Auth0 setup after migration
SDK Skills
auth0-react- React SPA integrationauth0-nextjs- Next.js integrationauth0-vue- Vue.js integrationauth0-angular- Angular integrationauth0-express- Express.js integrationauth0-react-native- React Native/Expo integration
References
Más skills de auth0
acul-screen-generator
auth0
Genera implementaciones completas y con marca de pantallas de Auth0 Advanced Custom Universal Login (ACUL) utilizando el SDK de React o Vanilla JS. Úsalo cuando un desarrollador solicite…
official
auth0-android
auth0
Úsalo al agregar autenticación a aplicaciones Android (Kotlin/Java) con Web Auth, credenciales protegidas biométricamente y MFA - integra…
official
auth0-angular
auth0
Úsalo al agregar autenticación a aplicaciones Angular con guardias de ruta e interceptores HTTP - integra el SDK @auth0/auth0-angular para SPAs
official
auth0-aspnetcore-api
auth0
Úsese al asegurar endpoints de API web ASP.NET Core con validación de token JWT Bearer, verificaciones de ámbito/permiso o autenticación sin estado - se integra…
official
auth0-cli
auth0
Referencia para comandos de la CLI de Auth0 — apps, apis, users, roles, organizations, actions, logs, custom domains, universal-login, terraform, modo API raw y --json…
official
auth0-expo
auth0
Úsalo al agregar autenticación a aplicaciones móviles Expo (React Native) — inicio de sesión, cierre de sesión, sesiones de usuario, rutas protegidas, biometría o gestión de tokens. Se integra…
official
auth0-express
auth0
Úsalo al agregar autenticación (inicio de sesión, cierre de sesión, rutas protegidas) a aplicaciones web Express.js: integra express-openid-connect para autenticación basada en sesiones.
official
auth0-fastapi-api
auth0
Úsalo al proteger endpoints de API FastAPI con validación de token JWT Bearer, verificaciones de alcance/permiso o autenticación sin estado: integra auth0-fastapi-api para REST…
official