Private Cloud Operations

Releases

See the latest releases notes for new features and updates in Auth0.

Private Cloud major releases are provided monthly on every second Tuesday, of which the 4 most recent are considered active. Following the release, Auth0 internal systems are updated and final tests were undertaken, prior to update notification.

Updates

Your update will be scheduled in one of the following ways:

  • Update schedule: A regular update cadence pre-agreed between you and the Private cloud team. The Auth0 Private Cloud Service Delivery Team will create a ticket within the Auth0 Support Center and confirm the planned update timing.

  • Ad-Hoc support ticket: You will create a ticket within the Auth0 Support Center and the Private Cloud Service Delivery Team will work with you to coordinate the update at a suitable time.

Private Cloud Basic customer contacts may view the monthly release notes and the environments will be updated regularly to an active release. No customer coordination will take place.

Performance and Performance Plus update prerequisites and communication

Before an update can be scheduled Auth0 requires the following information (either via pre-agreed update schedule or support ticket):

  • Environment to be updated

  • Version updating to

  • Date and maintenance window to perform the update (including timezone)

During the update the Auth0 Managed Service Engineer will be responsible for providing communication updates to you including:

  • Informing you when the upgrade has started

  • Staying in contact with you should there be an issue

  • Informing you when the upgrade is complete and requesting you to perform a smoke test to ensure the functionality of the environment is working as intended

Upon confirmation of the smoke test completing successfully, the Auth0 Managed Service Engineer will confirm that the upgrade is complete.

Testing

Load testing

This policy outlines the necessary requirements for Auth0 to perform load testing for Private Cloud customers who submit a request. You can file a load testing request via the Support Center. Under the Issue field, select Private Cloud Support Incident.

To be considered for approval, the request must:

  • Be filed at least two (2) weeks prior to the desired test date; in many cases, Auth0 encourages one (1) month of advance notice to ensure time for a thorough review and any required modifications.

  • Approval in writing before any testing is conducted.

  • Stay within our published production rate limits.

  • Include all information described in our Load Testing Policy.

If changes to infrastructure are requested, the cost will be determined based on your specific requirements.

Testing capacity considerations

If you perform a test that exceeds 500RPS in a High Availability environment or 1500RPS in a High Capacity environment, then the performance of the environment may be negatively affected, either with requests being slow or potentially the environment seizing. You should start with a low load and slowly increase until the environment has reached its peak. Should you require a load greater than what the environment can handle, then the environment size should be increased if possible, you can work with your Technical Account Manager to discuss details.

High load notifications

For periods of anticipated high load, Private Cloud customers must inform the PSaaS Operations Team not later than 14 days prior to the event. The notification provides the opportunity to adequately test scenarios (if possible) and aligns reactive support to the event.

Penetration testing

To conduct a security test, please notify us in advance via the Auth0 Support Center. Auth0 requires at least 1 week's (7 days') notice prior to your test's planned start date.

If the test is isolated to your infrastructure (that is, there will be no testing of Auth0 services), you do not need to notify Auth0.

For the information that we require, see our Penetration Testing Policy.

Certificate renewal process

Auth0-managed certificates (in the format *.auth0.com) are the responsibility of Auth0 to both obtain and apply. Auth0 will manage the process end-to-end and will prompt you with any action required.

Certificates relating to custom domains (in the format *.auth.<CustomerName>.com) are the customer’s responsibility to manage and obtain. You should create a support ticket via the Support Center to arrange the application of the new certificate to the environment.

Reporting and monitoring

Auth0 provides logs that are accessible via the Dashboard of the Management API Logs endpoint.

You can also choose to send the data logged by Auth0 to an external service. To help with this, there are Auth0 extensions that support automatic log export to services like Sumo Logic or Loggly. The following is a list of Auth0 log export extensions currently available:

Support

You can reach out to the Auth0 Support team with any questions or concerns you might have. To help expedite your request, please provide as much information as possible in the Support ticket you open.