FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    Importing users and password validation constraints?

    Scheduled Pinned Locked Moved
    Q&A
    1
    2
    333
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • danD
      dan
      last edited by

      If a user's password doesn't meet the validation constraints set in a particular tenant, what happens if they are imported via the bulk import api and try to login?

      --
      FusionAuth - Auth for devs, built by devs.
      https://fusionauth.io

      1 Reply Last reply Reply Quote 0
      • danD
        dan
        last edited by

        In an ideal import scenario, we only have the password hash. This means we can’t validate it during import because we don’t know what the plain text version of the password is.

        At login time, you have an option to re-validate the password to see if it meets the current validation rules. If you enable this rule, then the user will be forced to change their password.

        If you don’t enable this rule, nothing will happen and they can continue to use this password. The next time they attempt to change their password, it will be validated against the current validation rules.

        In Tenants > Edit > Password > Password settings you’ll see "Re-validate on login". This toggle will force user’s to change their password during login if it does not meet the validation settings.

        --
        FusionAuth - Auth for devs, built by devs.
        https://fusionauth.io

        1 Reply Last reply Reply Quote 0
        • First post
          Last post