Choose your migration strategy
Migrating user data involves two main steps. The first is a backfill, in which existing data is transferred from the old system to the new system. The second is a cutover, or "go-live event", in which users authenticate with the new system for the first time. The three main migration strategies differ in how they handle these steps and in when you turn off your old system.
The three main migration strategies are:
- Big bang - Migrate all users at once.
- Stepped - Migrate your applications or user segments individually. This is the most common choice.
- Graceful - Migrate when a user authenticates, running both solutions in parallel.
Each migration strategy has its strengths and challenges. Which migration strategy you choose depends on factors such as the complexity of your system, the number of users, and your organization's tolerance for risk and downtime.
While your choice of migration strategy is mostly influenced by user data, if you have a complex system or are risk averse, you might choose your migration strategy based on its ability to break down the migration into a series of migrations. This lets you test your processes in production by migrating less critical sets of users or applications first and learning lessons to improve the migration process.
Big bang migration
In a big bang migration, also known as "offline migration", all user data is transferred at once, and a single "go-live" event is scheduled, where all users start using the new system simultaneously.
Recommendation
A big bang migration is often not the best choice due to the risk and downtime, but it is recommended when:
- The number of users is low / app is simple
- Downtime isn't a problem
- You need to retire the current solution yesterday
Advantages of big bang migration
- Simplicity: Since there is only one "go-live", the migration process is easier to manage and plan.
- Time efficiency: The migration process happens in one go, reducing the time needed for the transition.
- Less complexity: There is no need to run two systems in parallel and you can retire the previous solution immediately.
Drawbacks of big bang migration
- High risk: If any issues occur during the cutover, the impact can be significant, affecting all users.
- Downtime: This approach may require planned system downtime to ensure data consistency, which can disrupt users.
- Increased preparation: Requires extensive planning and testing to mitigate risks, making it more resource-intensive during that phase.
Stepwise migration
Stepwise migration, also called "application-based migration", involves transferring user data in phases, focusing on specific applications, services, or user segments at a time. This approach results in multiple "go-lives", each affecting a defined group of users.
Recommendation
A stepwise migration is the best choice in most cases, especially when:
- You manage multiple apps/segments of users with different underlying auth systems
- You need to keep active sessions live during the migration
- Downtime should be mostly avoided
- You have some time to migrate
Advantages of stepwise migration
- Reduced risk: By migrating in phases, issues are isolated to specific apps or user segments.
- Flexibility: Allows for adjustments and optimizations between phases based on lessons learned.
- Minimized/no downtime: Since the migration occurs in stages, downtime can be limited to smaller user groups or avoided completely.
Drawbacks of stepwise migration
- Complex management: Multiple "go-lives" require more coordination and detailed planning, increasing operational complexity.
- Extended timeline: The migration process takes longer as it is broken down into phases.
- Resource demands: Running both systems in parallel during the transition can strain resources.
Graceful migration
Graceful migration - also called "slow migration", "rolling migration", or "online migration" - involves running both the old and new systems in parallel, gradually migrating users as they authenticate. This approach features two "go-lives": the initial application "go-live" and subsequent user-specific cutovers during login.
Recommendation
A graceful migration is a good choice when:
- You don't have access to hashed credentials or they are hashed with a proprietary algorithm
- Absolutely no downtime is acceptable
- Running the current solution until the end of migration isn't a problem
Advantages of graceful migration
- Low risk: The gradual transition reduces the risk of widespread issues, as only a few users are affected at any given time.
- No hashed credentials needed: Users are migrated during their "normal" authentication process, so you don't need to import credentials. Great if you don't have access to the hashed credentials.
- No downtime: Both systems operate simultaneously until the migration is completed.
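The per-user cutover at login, as an added example that is not code from the original page or from any product: the new system is checked first, the old system is consulted only for users who have not yet been migrated, and a successful legacy login re-hashes the password into the new store. `legacy_verify`, `NewStore`, the sample accounts and the PBKDF2 parameters are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Constructed stand-in for the old system: it can verify a login but does not
# export its hashes (the case the page gives for choosing graceful migration).
_LEGACY_PASSWORDS = {"alice@example.com": "correct horse", "bob@example.com": "hunter2"}

def legacy_verify(email: str, password: str) -> bool:
    """Hypothetical call to the old system's login check."""
    expected = _LEGACY_PASSWORDS.get(email)
    return expected is not None and hmac.compare_digest(expected.encode(), password.encode())

def _hash(password: str, salt: bytes) -> bytes:
    # Assumed parameters for the new store's password hashing.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

class NewStore:
    """In-memory stand-in for the new identity system."""
    def __init__(self):
        self.users = {}  # email -> (salt, derived key)

    def set_password(self, email: str, password: str) -> None:
        salt = os.urandom(16)
        self.users[email] = (salt, _hash(password, salt))

    def verify(self, email: str, password: str) -> bool:
        salt, stored = self.users[email]
        return hmac.compare_digest(stored, _hash(password, salt))

def login(store: NewStore, email: str, password: str) -> str:
    """Return 'ok', 'migrated' (first login on the new system) or 'denied'."""
    if email in store.users:
        # Already cut over: the new system is authoritative. Never fall back
        # to the old one, or a password changed here would leave the old
        # password valid.
        return "ok" if store.verify(email, password) else "denied"
    if legacy_verify(email, password):
        # Per-user cutover: the plaintext exists only during this request,
        # so re-hash it for the new store now.
        store.set_password(email, password)
        return "migrated"
    return "denied"  # failed legacy logins must not create a record
```

Once a user is in the new store, the old system is no longer asked about them, which is what keeps the two systems from disagreeing about that user's credentials during the transition.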
Drawbacks of graceful migration
- Extended migration period: The process takes longer as users are migrated individually over time.
- Increased complexity: Maintaining synchronization between two systems adds complexity to the migration process.
- Potential for data inconsistencies: If not carefully managed, there may be discrepancies between the two systems during the transition period.