JasonA.30559 (Customer) asked a question.
We are considering ways of migrating users from several applications into Okta. The hashing scheme used by those applications is not compatible with Okta for direct import, so the password-import inline hook came up as a good alternative. When I started to actually implement things though I quickly realized that there can currently be only one such hook in the entire system. That means we are only able to migrate one application by that method ever (or at least until we're certain enough users went through the process that we could switch it.) Are there any plans to address this limitation, perhaps by linking created users to specific password-import hooks? Or any other suggestions to work around the problem?
Hello Jason,
Based on my research the limit of one is intentional and is very unlikely to ever change. The type of issue you are having has had discussion: In a CIAM consolidation effort what if there are multiple different password repositories? A possible solution has been discussed but based on what I can find has not been implemented at this time. Essentially, "if" the application context were part of the payload it could be utilized to determine which repository needs to be accessed.