"Yes, I think the problem you are having stems from the fact that you are using the same thing (tokens) for two different purposes: authentication/identification and users. With your schema, a token maps to a single user. Check back Yuval article. See how he splits Users and Identifications. With that split you can have multiple tokens, a username/password, a OpenID URL, all of those identifiers map to the same user. If you split those, you can evolve your authentication mechanisms without rewriting the model, because from the model point of view, he only deals with Users. For migrations and direct access to the Model, what I do is to create a user just to do the migration. And then my script authenticates to the model with that user. This allows my auditing log to record who created those migration users and when. Best regards," - Pedro Melo