Migrate from other authentication providers to Clerk.
Use when migrating from Auth0, Firebase, Supabase Auth, NextAuth,
or custom authentication solutions.
Trigger with phrases like "migrate to clerk", "clerk migration",
"switch to clerk", "auth0 to clerk", "firebase auth to clerk".
Comprehensive guide to migrating from Auth0, Firebase Auth, Supabase Auth, or NextAuth to Clerk. Covers user data export, bulk import, parallel running, and phased migration.
Prerequisites
Current auth provider access with admin/export permissions
// lib/auth-bridge.ts — run both auth systems during transition
import { auth as clerkAuth } from '@clerk/nextjs/server'
export async function getAuthUser() {
// Try Clerk first (new system)
const { userId: clerkUserId } = await clerkAuth()
if (clerkUserId) {
return { provider: 'clerk', userId: clerkUserId }
}
// Fall back to legacy system during migration window
// const legacySession = await getLegacySession()
// if (legacySession) return { provider: 'legacy', userId: legacySession.userId }
return null
}
Step 6: Cleanup After Migration
# After migration is verified (2+ weeks in production):
npm uninstall next-auth @auth0/nextjs-auth0 # Remove old auth packages
# Delete old auth files: pages/api/auth/[...nextauth].ts, lib/auth.ts
# Remove legacy database columns after confirming all users migrated
Output
User export from current auth provider (Auth0, NextAuth, Firebase)
Bulk import script with rate limiting and error handling
Database reference mapping (old auth IDs to Clerk IDs)
Code migration examples (NextAuth to Clerk)
Parallel running bridge for safe transition
Cleanup checklist for removing old auth code
Error Handling
Error
Cause
Solution
Duplicate email on import
User already exists in Clerk
Skip (status: 'exists') or merge
Invalid email format
Dirty data from export
Clean/validate before import
Rate limited during import
Too many API calls
Add 100ms delay between creates
Password can't be migrated
Passwords are hashed
Use skipPasswordRequirement, user sets new password
OAuth accounts
Social login tokens non-transferable
Users re-link OAuth accounts on first Clerk sign-in