Password encryption scheme data?
-
Is it possible to see what password encryption scheme a user was imported with? Having some issues logging in after a bulk import. (Used this API to import the users: https://fusionauth.io/docs/v1/tech/apis/users#import-users .)
-
Not really. We remove that value from the user on an API response, so there's no way to retrieve it.
-
We could review this decision, perhaps it makes sense to leave this information in the API response.
In the event of a database breach, the attacker would have all of the necessary information, but in the API response we initially thought it better not to leak any information about how this user's password may be hashed and stored.
-
Added a GH issue to track if we want to modify our API.
https://github.com/FusionAuth/fusionauth-issues/issues/955 -
This data is exposed in version 1.20.1.
