Security, Privacy & Compliance

Working with Auth0 means working with a vetted, secure solution & partner who understands that you expect a return on your security investment.



“Auth0’s adherence to best-in-class compliance frameworks demonstrates our dedication to information security best practices across the board.”

Joan Pepin, Auth0 CSO


As a company, Auth0 complies with the General Data Protection Regulation (GDPR). We take customer data privacy seriously, ensuring that:

  • Any usage of personal data is communicated with the proper consent.
  • All new vendors, assets and activities pertaining to processing personal data are subject to a review of privacy, security and compliance.
  • Personal data is properly collected, stored, and documented.
  • Relevant processes are followed for transfers of personal data outside the European Union.
  • For more information, see our privacy policies here.

We also help our customers provide GDPR compliant solutions to their end-users and customers.

Data Sovereignty

Our customers can deploy on our public cloud, private cloud, or in their AWS environment to control where data is stored. For more information, refer to our compliance and security certifications.



  • Product Security

  • Access Management

  • Security Monitoring

  • Endpoint protection

  • Incident Response

  • Vuln. Mgmt

  • Data encryption at-rest and in-transit

  • DDoS protection


Auth0 Security Platform


"We hadn't expected to be able to find a partner like Auth0 who would be so focused on security, proper authentication, and yet create a platform that's incredibly well-documented, easy to test, and is HIPAA compliant."

"AMD has seen a 50% time savings in identity-related development and has saved 200+ hours of annual operations time by using Auth0."

Narath Carlile, Chief Medical Information Officer, Activate Care


Meet our patent-holding CISO, Joan Pepin, who brings 20 years of experience to the role, as she shares her thoughts on:

Joan Pepin



Joan is responsible for the holistic security, compliance and availability of Auth0's platform, products, and corporate environment. She brings 20 years of experience to the role, with a career that has spanned a wide variety of industries.

Contact Auth0's security team directly at:


Download our PGP Key which allows you to send us encrypted emails.


Report a Vulnerability

Report in our vulnerability disclosure program.


Secure access for everyone. But not just anyone.