As with most things in Stormpath, you’ll use the API to import pre-existing users. There are four approaches depending on how you store passwords today:
- If you stored passwords in plaintext, you can use the Stormpath API to import them directly. Stormpath will create the Accounts and secure their passwords automatically (within our system). Make sure that your Stormpath Directory is configured to *not* send Account Verification emails before beginning import.
- If your password hashing algorithm follows a format Stormpath supports, you can use the API to import Accounts directly. Available formats and instructions are available here.
- If you hashed passwords in a format Stormpath does not support, you can still use the API to create the Accounts, but you will need to issue a password reset afterwards. Otherwise, your users won’t be able to use their passwords to login.
- If your users are currently on an Active Directory or LDAP Directory server, we have a pre-built integration. In this case, your user base is mirrored into Stormpath. More information on this integration is available here.
In all cases, we have scripts and samples available to make this process straightforward and quick. We can also import unsupported hash formats as part of professional services - just let us know you’re interested at firstname.lastname@example.org.