Migrating Password Hash - UTF-16

I would like to create users with an imported password hash. Currently I have password hashes which were created from the UTF-16 (little endian) encoding of the password:

SHA-1(salt + [UTF-16 encoding of password])

From what I understand, Okta’s APIs use UTF-8 character sets, so it’s likely the hash Okta creates from the user-provided password would not match the database hash.

Is it possible to migrate these passwords to Okta using the password hash import?

I attempted to provide UTF-16-‘like’ data in the JSON for /api/v1/authn, but Okta rejects this (example below)

{
“username”: “sha1-2”,
“password”: “\u0074\u0000\u0065\u0000\u0073\u0000\u0074\u0000”
}

According to this doc,
Okta accepts base64-encoded hash of the password (and salt, if used).

Hi there,

Yes, that is the API I want to use to create the user. However, the challenge is that the hash of the password is dependent on the byte-wise representation of the password, which changes depending on the encoding:

The bytes of the password ‘test’ in UTF-16LE: 74 00 65 00 73 00 74 00
SHA-1 hash: qUqP5cyxm6YcTAhz05Hph5gvu9M=

The bytes of the password ‘test’ in UTF-8: 74 65 73 74
SHA-1 hash: h/jtkVcSX/xNqeBqe4ARrYClP+E=

So the encoding with which Okta interprets a user supplied password impacts whether the password will be accepted. If I import the hash qUqP5cyxm6YcTAhz05Hph5gvu9M= from my legacy system, but Okta generates h/jtkVcSX/xNqeBqe4ARrYClP+E= when the user tries to log in, they won’t be able to sign in.