TrustBuilder supports automatic migration of users from an Other User Directory, such as an Active Directory, another IAM platform, a CRM system, a web server.. This practice is sometimes known as just-in-time migration, trickle migration or lazy migration. By activating this feature, your users are:
Moved to TrustBuilder the first time they log in after you set up the integration.
Not asked to reset their password as a result of the migration.
The following processes takes place. Note that password-based authenticated is used as the example. However, any authentication factor supported by TrustBuilder may be used instead or in addition.
Already migrated users
Already migrated users are authenticated against TrustBuilder. Note that users should no longer update their credentials in the custom database, but in TrustBuilder instead.
If the user has not yet been migrated, TrustBuilder executes your custom Workflow that connects to the Other User Directory to get the password validated. Upon successfully log in, adds the user to the TrustBuilder database. Password validation can be a dedicated API or can happen through the Resource Owner Credentials grant and basically logs in the user in the Other User Directory.
Subsequent logins result in the user's credentials retrieved from TrustBuilder, and no longer from your custom database.
New users are automatically added to the TrustBuilder database (and may be replicated to the custom database if needed).