MySQL User Migration with bcrypt hashing

Hi All,

There are around 50K users in MySQL db with bcrypt password in my existing application, We are validating Keycloak to use as a centralize Identity Management platform?

I followed leroyguillaume/keycloak-bcrypt: Add BCrypt password provider in Keycloak ( to add bcrypt support in Keycloak, but It doesn’t support existing bcrypt password to authenticate the user.

Kindly, Suggest what’s the best practice to use existing users email/password(bcrypt) to authenticate though Keycloak?


The link you mentioned is just a hashing provider for Keycloak, so that Keycloak is basically able to do bcrypt hashing.
For your existing user datasource, you‘ll have to implement a user storage SPI to lookup/handle the users accordingly. In this SPI you can also implement the password verification with the bcrypt hashing provider and how to create the hash. Therefore, you need some metadata additionally (iteration count, etc. i think it is named differently at bcrypt, but similar to this).

Thanks dasniko your your prompt response.

As suggested, will go with user storage SPI implementation.