Security is our utmost priority. For starters, we follow security best practices for storing user credentials: they are never stored in plain text, and all passwords are hashed and salted using the bcrypt algorithm, a state-of-the-art algorithm designed to prevent brute-force attacks even in case of a breach. Furthermore, our implementation of TLS has received an “A+” score in Qualsys’ SSL Labs SSL Server test.

We also implement proactive security measures for your projects such as password breach detection, using a huge database of leaked passwords, and brute-force attack detection. Automated rate-limiting checks and denial of service mitigation procedures are also in place.

You can learn more about security at Auth0 at our security page.

Your data is safe as long as it’s stored in our servers. If you choose to stop using Auth0, exporting your data is a simple matter. Head over to the Auth0 Dashboard and go to the extensions page. Select “User Import/Export” and proceed to enable the extension. If you need help using the extension, check our docs.

If you feel the export extension does not fill your needs, the Auth0 management API lets you fully inspect all the data from your account. With it, you can export all data to any format.

Users are differentiated according to what type of connection is required for them. Regular users are connected through a standard database connection (username + password), a passwordless scheme (SMS, E-mail, TouchID) or a social connection (of which there are more than 30 providers). Enterprise users, on the other hand, are connected through an enterprise connection such as Active Directory, WS-Federation or LDAP. You can find all about the different types of connections in the docs.

Both the regular users and the enterprise users are counted as active if they logged in at least once in the last 30 days. Employee users are always counted, regardless of their activity.

Yes, if you pass the 7,000 users mark, you need to select the Developer Plan (or any of the other plans that fit your needs) and select the right amount of users for your use case. Paid plans let you pick a custom number of users, from 1,000 up to 100,000 or more. Up to 7,000 users, a special, lower, per-user price is computed, to recoup for the users of the free plan. Regardless of the number of users you pick, you always get all the added benefits of the paid plans, such as 2 days log retention and unlimited social providers.

Auth0 can run as a third-party service on the Auth0 cloud, or it can be installed to your own internal systems or cloud. In particular, Auth0 supports four different types of deployment modes:

• Auth0 cloud, multi-tenant
• Auth0 cloud, single-tenant (dedicated)
• Customer’s cloud (private cloud)
• Customer’s data centre (appliance)

Auth0 systems have over 99.9% monthly uptime figures. You can check the current and past status and uptime figures at the status and uptime pages.

Enterprise users can optionally request a Service Level Agreement (SLA) with 99.95% availability for an added cost.

The trial period lasts 22 days. After that, the free plan gets activated automatically. If you wish to continue using some of the features from our Developer, Developer Pro or Enterprise plans, please choose one from above.