Migrate to Kinde from Auth0

This guide is designed to help you migrate from Auth0 to Kinde.

Switching between providers for any service can be daunting, and especially where user data is involved. We’ll walk you through the process or migrating, to take some of the pain away.

If you’ve got a lot of users (your export file is over 5MB) or are concerned about file size limits, you can contact us to ensure the import goes smoothly.

Still not sure about moving to Kinde?

Link to this section

If you want to compare Kinde with Auth0, this page has some useful information.

A key point to note is that Kinde is OAuth2/OIDC compatible, issuing similar tokens to Auth0. You only need to update the token claims when you migrate.

Step 1: Prepare your Kinde business for migration

Link to this section

If you haven’t already got a Kinde account, register for free here (no credit card required).

• Set up the authentication methods in Kinde. You can replicate the auth methods you currently use with Auth0, or set up new methods for users, e.g. passwordless.
• If your users sign in with passwords, be sure to enable password authentication.
• Create organizations in Kinde - only if you use this function to support multi-tenancy (for example, in a B2B structure) or if you manage separate user groups this way.
• Add roles and permissions in Kinde, if you intend to import these details with users.
• Review the Migrating other objects topic below.

Step 2: Get the Auth0 extension to export users

Link to this section

Auth0 doesn’t have an export option by default, so you’ll need to install an export extension.

1. Go to Auth0 Dashboard > Extensions, and select User Import / Export.
2. When prompted, select Install.

You’ll now see it in your list of installed extensions. The first time you launch it, you’ll be asked to grant permission for the extension to access your Auth0 account.

Step 3: Export user data from Auth0

Link to this section

File format guidelines:

• User details and passwords must be in NDJSON (Newline Delimited JSON) format
• Import file size limit is 5MB. You may need to split the file if the exported size exceeds this.

Supported auth methods

Link to this section

Kinde supports migrating the following authentication methods from Auth0: Usernames, Email, Phone, Google, Apple, Microsoft, Facebook, Github, Twitch, Bitbucket. If you need to migrate another authentication type from Auth0 please get in touch with support.

Can’t get the passwords from Auth0?

Link to this section

Some Auth0 plans don’t allow password exports, or you might not want to wait 2 weeks for the json file. If this is the case, import the user data you’re able to, and Kinde will ask users to set a new password the next time they sign in.

Export Auth0 data

Link to this section

1. Launch the extension by selecting Import / Export Extension.

2. Export your existing Auth0 users associated with database connections, select Export.

   

3. Select Add default fields and add the identities field to the import list. Identities data distinguishes the type of identity, e.g. username, phone, GitHub, Google, etc.

4. Change the Export Format to .json.

5. When you’re ready, click Export [X] Users. (X is the number of users you’re exporting).

6. Once the export is complete, select Download to get the file containing your user’s information. This is the main file you’ll need to migrate your users; the other file is the password hashes.

Step 4: Import user data into Kinde

Link to this section

1. In Kinde, go to Users, then select Import users.

2. Select Auth0.

   

3. You’ll be presented with 2 options:

   1. Import users only - import users first and passwords after. You can also use this method if you want to allow users to reset their password or sign in another way.
   2. Import passwords only - only choose this if you have already imported users.

4. Follow the on-screen prompts to import the data.

5. If there are any errors with the import, you will be able to view them afterwards.

6. Most import errors can be fixed by editing the json file and then re-importing into Kinde.

Once the password hashes have been imported, your users will be able to sign in to Kinde with their existing password.

How Auth0 user identities are treated on import

Link to this section

Social identities without an email can be imported, and are identified by the identity type. You can import users with multiple identities, these will be listed under the user’s profile.

After the migration

Link to this section

Communication to users after import

Link to this section

Kinde does not send any notifications or invitations to users when they are added to Kinde via import. The idea is that your users have a seamless experience that feels (almost) like it always has in your app.

Similarly, if you add users via API, Kinde does not send an email or notification to the user.

If you’ve made changes to their sign in experience — for example adding multi-factor authentication — then consider contacting your users to let them know their sign in experience will be changed.

Additional consequences of migration

Link to this section

Importing all your existing users and passwords following the above process should mean that your users won’t notice anything when they next sign in. This is the optimal experience. However:

• If a user changes their password after the user export and while the migration is in progress, they will need to reset their password to sign in.
• If you have set up a new authentication method as part of the user migration (for instance, going password-less) your users will be prompted to use the new method on sign in.
• If you add or remove roles or permissions, users may gain/lose access to parts of your system.

During and following the migration, we recommend checking for these issues.

There is no check for weak passwords

Link to this section

When you import passwords, Kinde does not check for password strength. You’ll want to enforce your own password policies for users.

Other objects you may want to bring from Auth0

Link to this section

If you have important objects that need to be migrated, such as organizations or roles outside the basic user information, you can import them, or add them via the Kinde management API.

Before you migrate, however, be aware that the functionality of these objects may differ between Auth0 and Kinde. Here’s some similarities and differences to note:

• Auth0 has the concept of Tenants which group other objects such as users and applications together. Kinde calls these Businesses and is set up to allow you to run multiple businesses with a single Kinde account.
• Both Kinde and Auth0 have Organizations to allow you to build multi-tenant applications. The main difference being that Kinde treats organizations as a first class citizen.
• Each business Kinde allows you to have multiple Environments and these contain organizations, users and applications.
• In Auth0, Applications are what your users can sign in to. They are also called Applications in Kinde and work in essentially the same way.
• In Auth0, Identity Providers are a source of data for users. Kinde calls these connections or authentication providers.
• In Auth0, Roles and Permissions provide information about what your users can do in your applications. Kinde also has Roles and Permissions and they are assigned on a per user, per organization basis, meaning the same user can have different permissions in different organizations. For the Auth0 equivalent of user-level roles/permissions, use the default organization.
• Kinde’s hosted sign-up pages are a very similar concept to Auth0’s Universal Login.

Help is here

Link to this section

We’ve tried to make onboarding to Kinde as easy as possible, because we know it’s a pain to break up with your old provider. We’re here to help and can assist with your migration.

Contact us via: Slack, Discord, Email, Chat

Book a call for:

• General or account questions
• Technical questions (we will make sure we have engineers on the call to help)
• Security and compliance questions