Hello everyone - popping a question in here, just in case someone has experience solving this particular problem I'm facing.

I'm working on a project where I need to migrate user accounts from Drupal to Okta, and am stuck dealing with the salt/hash on the password.

If anyone has done this sort of thing before, I'd love a bit of help if you can spare a few minutes.

After much Googling, Stack-Overflowing, reading Drupal code and the Okta API docs - I'm a bit stuck.  I'm doing this with a JSON file of exported users, and using Node to process.

1. I get the `pass` field from the Drupal user
2. I extract the `salt` and `hash` from the `pass`

Here's how I get the settings, salt and hash from the Drupal `pass`:

const hashType = pass.substring(0,3)
const rounds = pass.substring(3,4)
const salt = pass.substring(4,12)
const hash = pass.substring(12)

I'm then calling Okta's`/api/v1/users?activate=true` with

profile: { email: mail, login: username },
credentials: { password: { hash: { algorithm: 'SHA-512', salt: salt, saltOrder: 'PREFIX', value: hash }}}

which successfully creates the user, but on attempting sign in, gets rejected.

I've tried:

1. switching the saltOrder to POSTFIX
2. base64 decoding the hash 
3. base64 decoding then encoding the hash
4. Every combination of the above

Please help, as I don't know what else to try, and I can't find any examples of Drupal user accounts being imported into Okta.

I believe I'm correctly following: https://developer.okta.com/docs/reference/api/users/#hashed-password-object

And I'm using information from:
https://stackoverflow.com/questions/9876700/migrate-passwords-from-drupa...
and
https://drupal.stackexchange.com/questions/176008/getting-password-hashe...
and

https://www.openwall.com/articles/PHP-Users-Passwords

I'd be grateful for any advice you can offer.