Migrate from Auth0 to Faable Auth
Short answer: Migrating from Auth0 to Faable Auth is mostly a mapping exercise, because both are standards-based OAuth 2.0 / OpenID Connect identity servers. You recreate your Auth0 tenant as a Faable Account, your Applications as Clients, and your Connections (social, database, enterprise) one-to-one, then export your users from Auth0 and import them into Faable. Your app code changes only the issuer URL, client ID, and endpoints β the OAuth flows stay the same. The main reasons teams move are European data sovereignty (full GDPR), predictable MAU-based pricing, and bundling auth with Faable Deploy hosting in one subscription.
Concept mapping
| Auth0 | Faable Auth | Notes |
|---|---|---|
| Tenant | Account | Your isolated identity boundary, at https://<account>.auth.faable.link |
| Application | Client | SPA, native, regular web, or M2M |
| Connection (social/DB/enterprise) | Connection | database, social, passwordless, oidc categories |
| Organizations | Teams within an account | Multi-tenant by design |
| Actions / Rules / Hooks | Actions + Webhooks | Custom code in the login flow and async events |
| Management API | Management API | Called from your backend with client credentials |
| Universal Login | Universal Login | Hosted login screen, same concept |
| M2M Application | M2M Client (Client Credentials) | Service-to-service tokens |
Migration steps
- Create your Account. Sign up in the Faable DashboardΒ and note your issuer URL (
https://<account>.auth.faable.link, or a custom domain). - Recreate Connections. For each Auth0 connection, create the equivalent Faable Connection β reuse the same upstream OAuth client IDs/secrets for social providers so users keep the same accounts.
- Recreate Clients. For each Auth0 Application, create a Client of the matching type and copy over your Allowed Callback URLs, Logout URLs, and Web Origins.
- Port your custom logic. Translate Auth0 Actions/Rules into Faable Actions (in-flow) and Webhooks (async, e.g. sync to your CRM).
- Export and import users. Export your users from Auth0 (Management API or a bulk export job). Password hashes can be imported so users donβt need to reset; social-only users re-link automatically on first login through the same provider.
- Update your app. Point your SDK or OIDC client at the new issuer, client ID, and endpoints. With
@faable/auth-jsor a framework quickstart this is a few config values. - Cut over. Run both in parallel behind a feature flag if you want zero downtime, then flip traffic to Faable and decommission the Auth0 tenant.
Things that change (and things that donβt)
- No change: the OAuth 2.0 Authorization Code (+ PKCE) and Client Credentials flows, ID/Access token semantics, and your overall login UX.
- Changes: the issuer/domain, client IDs/secrets, and the Management API base URL and payloads (similar shape, not identical).
Related
- Faable Auth vs Auth0, Clerk & Keycloak
- Get Started with Faable Auth Β· Clients Β· Connections
- Authorization Code Flow
Last updated on
Last updated on