4ks3n (4ks3n) asked a question.
Migrating users from Okta to Keycloak without changing passwords
Hello,
I am currently exploring a possibility of exporting users from Okta Indentity to Keycloak without the need of requiring their passwords to be changed. So far I have found that it is theoretically possible, but I would have to know how to export users in a format which would be accepted by Keycloak. Then if I had a file in such format I would be able to import this file to Keycloak using Keycloak API. Lastly I would have to synchronise passwords between the two platforms which can be done using User Federation.
Can anyone confirm if what I described above would work? Also does anyone know how to export users from Okta in a format acceptable by Keycloak?
Thanks for all the help in advance!
Hi @4ks3n (4ks3n) , Thank you for reaching out to the Okta Community!
There are various ways of exporting the users
https://support.okta.com/help/s/question/0D51Y000088RCO6SAO/export-users?language=en_US
https://developer.okta.com/blog/2021/02/08/use-okta-like-a-rockstar
BUT
... As far as I know there is no out-of-the-box solution for credentials as it's a very sensitive area.
Importing users with password in Okta might be an option as mentioned the following article: https://developer.okta.com/blog/2020/09/18/password-hook-migration
Looking for the reverse scenario, I only found the following which may or may not be of any help depending on your resources and time:
https://developer.okta.com/blog/2021/03/05/ultimate-guide-to-password-hashing-in-okta
If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you.
Hope my answer helps!
--------------------------------
Community members help others by clicking Like or Select as Best on responses. Try it today.