authorizer icon indicating copy to clipboard operation
authorizer copied to clipboard
verified publisher icon authorizerdev

Control the hashing/encryption algorithm of the password

Open yescine opened this issue 2 years ago • 2 comments

Feature Description When sign-up or import users from external apps/system/DB the password already hashed with some hashing algorithm like bcrypt

Describe the solution you'd like The possibilities to override the default hashing algorithm when adding users, ex: {"encryptionScheme":"bcrypt"} https://fusionauth.io/docs/v1/tech/apis/users#import-users

Describe alternatives you've considered null

Additional context I have existing application which I would use Authorizer as users and identities management microservices

yescine avatar Aug 25 '23 13:08 yescine

Good idea, Right now we are using bcrypt only, but later when we add support for more algos may be this will be more helpful

lakhansamani avatar Aug 26 '23 08:08 lakhansamani

@lakhansamani right now the only way to add user is through graphQL signup mutation this only work if Authorizer is setup in new empty app, My current app also use bcrypt, I didn' t find any other graphQL endpoint to bypass the bcrypt encryption (brute force insert data in DB is not really an option !)

yescine avatar Aug 26 '23 14:08 yescine