← 返回 Skills 市场
auth0

Auth0 Migration

作者 Auth0 · GitHub ↗ · v1.0.0 · MIT-0
darwinlinux ⚠ suspicious
68
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install auth0-migration
功能描述
Use when migrating or switching from an existing auth provider (Firebase, Cognito, Supabase, Clerk, custom auth) to Auth0 - covers bulk user import, gradual...
使用说明 (SKILL.md)

Auth0 Migration Guide

Migrate users and authentication flows from existing auth providers to Auth0.

Overview

When to Use This Skill

  • Migrating from another auth provider to Auth0
  • Bulk importing existing users
  • Gradually transitioning active user bases
  • Updating JWT validation in APIs

When NOT to Use

  • Starting fresh with Auth0 - Use auth0-quickstart for new projects without existing users
  • Already using Auth0 - This is for migrating TO Auth0, not between Auth0 tenants
  • Only adding MFA or features - Use feature-specific skills if just adding capabilities

Migration Approaches

  • Bulk Migration: One-time user import (recommended for small/inactive bases)
  • Gradual Migration: Lazy migration over time (recommended for large active bases)
  • Hybrid: Import inactive users, lazy-migrate active users

Step 0: Detect Existing Auth Provider

Check if the project already has authentication:

Search for common auth-related patterns in the codebase:

Pattern Indicates
signInWithEmailAndPassword, onAuthStateChanged Firebase Auth
useUser, useSession, isSignedIn Existing auth hooks
passport.authenticate, LocalStrategy Passport.js
authorize, getAccessToken, oauth OAuth/OIDC
JWT, jwt.verify, jsonwebtoken Token-based auth
/api/auth/, /login, /callback Auth routes

If existing auth detected, ask:

I detected existing authentication in your project. Are you:

  1. Migrating to Auth0 (replace existing auth)
  2. Adding Auth0 alongside (keep both temporarily)
  3. Starting fresh (remove old auth, new Auth0 setup)

Migration Workflow

Step 1: Export Existing Users

Export users from your current provider. See User Import Guide for detailed instructions:

Required data per user:

  • Email address
  • Email verified status
  • Password hash (if available)
  • User metadata/profile data
  • Creation timestamp

Step 2: Import Users to Auth0

Import users via Dashboard, CLI, or Management API.

Quick start:

# Via Auth0 CLI
auth0 api post "jobs/users-imports" \
  --data "connection_id=con_ABC123" \
  --data "[email protected]"

For detailed instructions:

Step 3: Migrate Application Code

Update your application code to use Auth0 SDKs.

See Code Migration Patterns for detailed before/after examples:

Frontend:

Backend:

Provider-Specific:

After migrating code, use framework-specific skills:

  • auth0-react for React applications
  • auth0-nextjs for Next.js applications
  • auth0-vue for Vue.js applications
  • auth0-angular for Angular applications
  • auth0-express for Express.js applications
  • auth0-react-native for React Native/Expo applications

Step 4: Update API JWT Validation

If your API validates JWTs, update to validate Auth0 tokens.

Key differences:

  • Algorithm: HS256 (symmetric) → RS256 (asymmetric)
  • Issuer: Custom → https://YOUR_TENANT.auth0.com/
  • JWKS URL: https://YOUR_TENANT.auth0.com/.well-known/jwks.json

See JWT Validation Examples for:

  • Node.js / Express implementation
  • Python / Flask implementation
  • Key differences and migration checklist

Gradual Migration Strategy

For production applications with active users, use a phased approach:

Phase 1: Parallel Auth

Support both Auth0 and legacy provider simultaneously:

// Support both providers during migration
const getUser = async () => {
  // Try Auth0 first
  const auth0User = await getAuth0User();
  if (auth0User) return auth0User;

  // Fall back to legacy provider
  return await getLegacyUser();
};

Phase 2: New Users on Auth0

  • All new signups go to Auth0
  • Existing users continue on legacy provider
  • Migrate users on next login (lazy migration)

Phase 3: Forced Migration

  • Prompt remaining users to "update account"
  • Send password reset emails via Auth0
  • Set deadline for legacy system shutdown

Phase 4: Cleanup

  • Remove legacy auth code
  • Archive user export for compliance
  • Update documentation

Common Migration Issues

Issue Solution
Password hashes incompatible Use Auth0 custom DB connection with lazy migration
Social logins don't link Configure same social connection, users auto-link by email
Custom claims missing Add claims via Auth0 Actions
Token format different Update API to validate RS256 JWTs with Auth0 issuer
Session persistence Auth0 uses rotating refresh tokens; update token storage
Users must re-login Expected for redirect-based auth; communicate to users

Reference Documentation

User Import

Complete guide to exporting and importing users:

Code Migration

Before/after examples for all major frameworks:

Related Skills

Core Integration

  • auth0-quickstart - Initial Auth0 setup after migration

SDK Skills

  • auth0-react - React SPA integration
  • auth0-nextjs - Next.js integration
  • auth0-vue - Vue.js integration
  • auth0-angular - Angular integration
  • auth0-express - Express.js integration
  • auth0-react-native - React Native/Expo integration

References

安全使用建议
This looks like a legitimate Auth0 migration guide, but it omits explicit declaration of the credentials and environment variables it expects. Before installing or running it: 1) Confirm you will provide Auth0 management credentials (or a Management API token) and source-provider credentials (database connection string, AWS/Firebase credentials) — give the minimum-scoped, short-lived tokens possible. 2) Test on a non-production/test Auth0 tenant and with a small user batch first. 3) Review the reference files locally to ensure commands target only your intended providers and that no unexpected endpoints are used. 4) Verify the brew auth0 package comes from the official tap and that you trust the skill's source (homepage points to an Auth0 repo; confirm authenticity). 5) Back up user data before any bulk imports and follow privacy/legal requirements for exporting/importing user data. If you want a safer install, ask the skill author to declare required environment variables and recommended scopes for tokens, and to explicitly document which credentials are needed for each export/import step.
功能分析
Type: OpenClaw Skill Name: auth0-migration Version: 1.0.0 The auth0-migration skill bundle is a legitimate tool designed to assist in migrating authentication providers to Auth0. It contains comprehensive documentation, code patterns for various frameworks (React, Next.js, Express), and detailed guides for exporting/importing user data from providers like Firebase, Cognito, and Supabase (found in SKILL.md and references/). While the skill handles sensitive operations such as processing password hashes and using the Auth0 CLI, all instructions and scripts are strictly aligned with the stated purpose and utilize official Auth0 endpoints and tools. No evidence of malicious intent, data exfiltration to third parties, or prompt injection was found.
能力标签
requires-oauth-tokenrequires-sensitive-credentials
能力评估
Purpose & Capability
The name, description, and instructions align: this is a migration guide that uses the Auth0 CLI to import users and update code. Requiring the auth0 CLI (brew package) is appropriate. However, the SKILL.md and reference files include examples that require Auth0 management credentials and source-provider credentials (e.g., AUTH0_DOMAIN, AUTH0_CLIENT_ID, AUTH0_CLIENT_SECRET, DATABASE_URL, AWS credentials, Firebase CLI auth), yet the skill's metadata declares no required environment variables or primary credential — an inconsistency.
Instruction Scope
The runtime instructions and reference docs instruct running auth0 CLI commands, provider export commands (firebase auth:export, aws cognito list-users, psql with $DATABASE_URL), and Management API calls. Those actions legitimately need local files and credentials, but the SKILL.md does not enumerate or require those credentials. The instructions do not attempt to exfiltrate data to any unexpected external endpoint — they target provider CLIs and Auth0 endpoints — but they implicitly rely on sensitive secrets and local data access that are not declared.
Install Mechanism
Install spec uses a Homebrew formula (auth0/auth0-cli/auth0) to provide the auth0 binary. This is a typical, low-risk installation method pointing to an identifiable tap/package rather than an arbitrary download.
Credentials
The skill declares no required environment variables or primary credential, yet example code explicitly references AUTH0_DOMAIN, AUTH0_CLIENT_ID, AUTH0_CLIENT_SECRET, process.env.DATABASE_URL, and provider-specific auth (AWS CLI, Firebase CLI). Migration legitimately requires those secrets, so omission is disproportionate and confusing — the skill should declare them (and suggest least-privilege scopes).
Persistence & Privilege
The skill is not forced-always (always: false) and is user-invocable. disable-model-invocation is false (agent can invoke it autonomously), which is normal for skills. No skill-level persistence or modifications to other skills or system-wide configs are requested.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install auth0-migration
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /auth0-migration 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of the auth0-migration skill. - Provides step-by-step guidance for migrating from various auth providers (Firebase, Cognito, Supabase, Clerk, custom) to Auth0. - Covers both bulk and gradual (lazy) migration strategies, including hybrid approaches. - Includes instructions on exporting users, importing to Auth0, and updating application code. - Details JWT validation updates needed for APIs switching to Auth0. - Lists common migration issues and solutions. - Offers references and code migration patterns for major frontend and backend frameworks.
元数据
Slug auth0-migration
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Auth0 Migration 是什么?

Use when migrating or switching from an existing auth provider (Firebase, Cognito, Supabase, Clerk, custom auth) to Auth0 - covers bulk user import, gradual... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 68 次。

如何安装 Auth0 Migration?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install auth0-migration」即可一键安装,无需额外配置。

Auth0 Migration 是免费的吗?

是的,Auth0 Migration 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Auth0 Migration 支持哪些平台?

Auth0 Migration 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(darwin, linux)。

谁开发了 Auth0 Migration?

由 Auth0(@auth0)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论