This document is intended to give you a high-level understanding of the steps required to migrate an application from Stormpath to Okta. For more information, see the Stormpath-Okta Customer FAQ.
- Read the changelog for information on breaking changes.
-
Create a test user in your existing system with a known password.
-
Export your Stormpath data.
-
Sign up for a new developer Okta organization, even if you already have an Okta organization. Signing up through this link will provision an Okta organization with features most similar to Stormpath.
- Note: new Okta organizations are assigned URLs in the format
dev-12345.oktapreview.com
. These tenants are production-ready and similar to Stormpath tenants onapi.stormpath.com
. If your infrastructure was on the Stormpath Enterprise tier instead, let us know!
- Note: new Okta organizations are assigned URLs in the format
-
Import your Stormpath data into Okta using the import tool.
-
Upgrade the version of
Stormpath.AspNet
,Stormpath.AspNetCore
, orStormpath.Owin
in your project to 4.0.0 or greater. -
Remove any references to
Stormpath.SDK
or theIClient
interface. The Stormpath .NET SDK has been deprecated. Any code that was using the SDK will need to be refactored to use the Okta .NET SDK or Okta REST API. If you need help, let us know at [email protected]. -
Update your application configuration:
-
You must provide these new configuration properties:
org
(your Okta org URL, likehttps://dev-123456.oktapreview.com
),apiToken
(an Okta API token),application.id
(the Okta application ID, which can be found in the URL of the Admin UI when editing the Application:/admin/app/oidc_client/instance/<appid>
)
-
If you were using
STORMPATH_*
environment variables to set any configuration properties, you'll need to update them toOKTA_*
. -
Most of the remaining configuration can be left untouched. See the configuration breaking changes.
-
A minimal example configuration looks like:
Configuration = new StormpathConfiguration { Org = "https://dev-123456.oktapreview.com/", ApiToken = "my-api-token", Application = new OktaApplicationConfiguration() { Id = "abcd1234" } }
-
-
(Optional) If you used the Password Reset workflow in Stormpath, update the Okta Password Reset email template. You can copy the current template from the Stormpath Admin Console, and paste it into the Okta template found at Settings > Email & SMS > Forgot Password.
You'll want to use the ${recoveryToken}
variable to create a link that points the user to the change password endpoint on your application, for example: http://localhost:3000/change?sptoken=${recoveryToken}
. If the validator complains about ${resetPasswordLink}
being missing, place it in an HTML comment: <!-- ${resetPasswordLink} -->
Also, read the note on password reset in the changelog.
-
(Optional) If you used the Email Verification workflow in Stormpath, you'll need to use the
SendVerificationEmailHandler
in this library, plus an email service like SendGrid, to send your own verification email. -
Run your application with your configuration pointed to the new Okta organization that contains your imported data, and try logging in with the test user you created in step 1.
If you run into problems, please let us know at [email protected]. We'll be continually updating this library (and document) as needed to help make the migration process as smooth as possible.