May 2026
All articlesIs It Possible to Retrieve Bubble User Passwords via the Editor or Data API?
Bubble does not expose user passwords through the Data API or the Editor. That means a migration can move user records, but not their original passwords.
Quick answer: no. Even for the app administrator, it is impossible to retrieve user passwords, whether in the Editor or via the Data API.
Bubble stores user passwords using industry-standard one-way hashing and salting, and these passwords are never saved in plain text and cannot be retrieved.
For example, a response from the Data API when reading the User table can look like this:
JSON
{
"_id": "1703263107769x434791901267492860",
"Created Date": "2025-12-01T23:17:00.148Z",
"Modified Date": "2026-04-17T13:35:30.901Z",
"authentication": {
"email": {
"email": "account_x@gmail.com",
"email_confirmed": true
}
},
...
}Or, if you are using OAuth, for example Google:
JSON
{
"_id": "1701472620148x756485907867572500",
"Created Date": "2025-12-01T23:17:00.148Z",
"Modified Date": "2026-04-17T13:35:30.901Z",
"authentication": {
"email": {
"email": "account_y@gmail.com",
"email_confirmed": true
},
"Google": {
"id": "114548959344295036064",
"email": "account_y@gmail.com"
}
},
...
}As you can see, Bubble includes some authentication-specific data in the payload, such as the email, its confirmation status, and even OAuth data. However, no data regarding passwords is provided.
That means you can migrate the user records and create auth accounts in a different system, but you cannot directly carry the original passwords over as plain migration data.
So in practice, users usually need to access the new system through a password recovery flow, invitation flow, magic link flow, or some other controlled reset path.
Ready to migrate off Bubble?
Self-serve tools or a done-for-you service. Your app stays live while we move everything.