Ah. I see. The issue is that you want the sha256 base64 hash, not the hex version, which is what the site you’re using provides. Try this one: https://approsto.com/sha-generator/ and use the SHA256 base64 hash value in your request.
Using your salt and password, I get:
TdLtPD2sUZ6gnRDUkvaQgqZcZttYBhoBqQGSI/pXqnU
I verified that I can log in as the user with Testing123!
Can OKTA migrate users with SHA-1 password?? I have tried the below code. The user gets added to OKTA, but I am unable to login using my password (Test$123!). When I have generated the hash using SHA-256 and used [“algorithm”] = “SHA-256”, I was able to login.
I’ve checked also on my end now and I was unable to authenticate successfully users using SHA-1 passwords. Can you please open a support case with us at support@okta.com in order to have this reviewed internally and sent to the engineering team?
I tried the same approach as Micah , it does work well for SHA-256 . However , if i try and use SHA-512 with the same SHA Generator to grab SHA-512 Encoded value… it does fail and doesnt let me login with Testing123! password.
Keeping the salt value same and Prefixing it. Basically only swap is SHA 512.
const crypto = require('crypto');
// text string to be hashed
const password = 'Test$123!';
// function to generate the SHA-1 hash
function sha1Hash(input) {
const sha1 = crypto.createHash('sha1');
sha1.update(input);
return sha1.digest('hex');
}
// generate the SHA-1 hash of the password
const hashedPassword = sha1Hash(password);
// convert SHA-1 hash to Buffer object
const buffer = Buffer.from(hashedPassword, 'hex');
// convert the Buffer object to a base64 encoded string
const base64Password = buffer.toString('base64');
// print the hashed password in base64 encoded format
console.log(base64Password);
Here is the code that works, in case someone is looking for it.