Migration to Descope

Migrating to Descope from another authentication provider or custom setup is a structured process, designed to allow you to retain security, functionality, and ease of use. This guide covers migration options, supported third-party services, and password migration methods. Follow these steps to ensure a seamless transition to Descope.

Migration Approaches

There are two primary ways to migrate users and data to Descope, depending on your current setup and requirements:

• Full Migration: Transition entirely from your current provider to Descope, moving all user data and roles without needing to sync back.
• Hybrid Migration: Keep your current provider but integrate Descope as your primary authentication service, maintaining sync between both systems. This approach can provide a smooth transition while gradually introducing Descope to your setup.

Each of these migration options is discussed in detail within our individual guides.

Supported Protocols

Descope supports various hashing protocols to ensure smooth migration of passwords and minimal disruption for users. These protocols include:

1. Bcrypt
2. Django
3. Firebase
4. PBKDF2
5. PHPass
6. MD5 (for legacy compatibility)

For custom password hashes, explore how Descope’s User Management API can handle additional data types and protocols.

Migration Steps

1. Prepare User Data

• Export data, ensuring you have all necessary fields such as unique identifiers (Login IDs), emails, names, and passwords.
• Verify data accessibility to ensure smooth import using Descope's User Management API.

2. Create Users in Descope

• Use Descope’s Create User API or Batch Create User API to import your user data. This will create user records in Descope, including role assignments, attributes, and organization mappings as needed.

3. Import Passwords

• Descope supports various hashing algorithms, so users can log in with their existing passwords without needing a reset. For unsupported formats, consider a password reset flow or handle it via API updates.

4. Handle Social Logins and External Identity Providers

• For accounts with social logins (e.g., Google, Facebook), the migration will handle login IDs. Descope will link these IDs without needing further imports.

Schedule Your Migration

Plan the migration during off-peak hours to minimize disruptions. For active user bases, you may consider disabling new signups temporarily or implementing real-time syncing for any new signups that occur during the migration.