We are currently using md5 authentication for user login via sessions in one of our services and we would like to switch to using ory for authentication. It is posible to migrate existing users and passwords without the need to change user credentials and preserve the md5 hashed passwords?

Hello Thomas, yes we have recently added this feature: https://www.ory.sh/docs/guides/manage-identities/import-identity#importing-credentials You can even import social sign in connections This works in the managed Ory Cloud or when selfhosting Ory Kratos.

I think md5 is currently not implemented, but it would be good as a read-only option to allow importing

Hi @User Is there an open ticket where we can track the progress for adding md5 import support? Thanks!

The only mention of md5 I could find is in https://github.com/ory/kratos/issues/605 There, @User suggests we should not add legacy hashing algorithms However as the issue is already a bit older, we might want to reconsider this statement. An alternative solution I see is to allow external custom hashers implemented as an (HTTP) RPC So please open a new issue and we can discuss this there

Thank you @User I have created a new issue fyi https://github.com/ory/kratos/issues/2422

I really like the auth0 approach. But I would rather if the login script lived in an external API instead of an external database (it would be more abstract/generic)

When a user authenticates via a custom database connection marked for import to Auth0, the following process takes place:

Auth0 authenticates migrated users against the Auth0 database.
If the user has not been migrated, Auth0 executes your custom login script and, upon successfully log in, adds the user to the Auth0 database.
Subsequent logins result in the user's credentials retrieved from Auth0, NOT your custom database.
New users are automatically added to the Auth0 database.