Matej Mijoski
Matej Mijoski11mo ago

How to migrate user passwords from Django to Zitadel?

I am trying to migrate my users from my Django app to Zitadel and while I've set everything up, the only problem I'm having now is the passwords. In Django, the passwords are hashed with PBKDF2_SHA256 and they're not in MCF. I've tried to change them to this, and even though Zitadel accepts them in this case, logging in does not work. Is there something I'm missing?
6 Replies
Raccine
Raccine11mo ago
Hey @Matej Mijoski! :gigipixel: Here's a great starting point in our docs for migrating users (and user passwords!): https://zitadel.com/docs/guides/migrate/users#passwords Let me know if this helps or if you'd like me to loop in an engineer to provide more specific support for your Django migration!
ZITADEL Docs
Migrating users from an existing system, while minimizing impact on said users, can be a challenging task.
Matej Mijoski
Matej MijoskiOP11mo ago
Hi @Raccine, I'm using the V2 API to import the users and am setting it like this: 
"hashedPassword": {"hash": "password in MCF here", "changeRequired": False}
"hashedPassword": {"hash": "password in MCF here", "changeRequired": False}
but when I try to log in with the password, it says it's invalid. An example Django password is pbkdf2_sha256$320000$93HpAHYglkBHL0RyBZRLSa$h+dg0XTuC88vXFRplEjAIIgJTs2IM0pjEtKazsOdnpc= and I'm changing it to $pbkdf2-sha256$320000$93HpAHYglkBHL0RyBZRLSa$h+dg0XTuC88vXFRplEjAIIgJTs2IM0pjEtKazsOdnpc= so that it fits the MCF but it still doesn't work.
Raccine
Raccine11mo ago
Hey @Matej Mijoski! It looks like we don't currently support django encrypted passwords - This is actually an issue we currently have open in Github: https://github.com/zitadel/passwap/issues/45
GitHub
Support django pbkdf2 · Issue #45 · zitadel/passwap
Currently passwap does not support Django pbkdf2 hashes. Example: pbkdf2_sha256$100000$eWZncb8EO0lM$HddIrL/Yuvg91JrroQWqLk4kIJRzD25olN2+0UM8MoQ= Issue: zitadel/passwap does not support the Django f...
Matej Mijoski
Matej MijoskiOP11mo ago
I left a comment on the issue but since I'm a bit in a hurry, I'll ask here as well - I've adjusted the password to fit to MCF and also replaced all + with . but it still doesn't work. Can you please let me know what else needs to be done so that I can do the password changes before migrating?
Raccine
Raccine11mo ago
Hey there! It looks like you received a response on Github, were you able to check that out? :gigipixel:
Matej Mijoski
Matej MijoskiOP11mo ago
Yes, thanks!

Did you find this page helpful?