Security, Privacy & Compliance
Working with Auth0 means working with a vetted, secure solution & partner who understands that you expect a return on your security investment.
ISO27001Auth0 is ISO27001 certified by a third party, managing information security risk in such a way as to comply with a robust design, implementation and continuous monitoring framework.Read More
SOC 2 Type IIAuth0 has completed a full third-party SOC 2 Type II audit - an independent auditor has evaluated our product, infrastructure, and policies, and certifies that Auth0 complies with their stringent requirements.Read more
ISO27018Auth0 is ISO27018 certified by a third party, complying with security and privacy guidelines for managing PII as a cloud service provider.Read more
HIPAA BAAAuth0 offers HIPAA BAA agreements to companies in the healthcare industry that must comply with HIPAA regulations for safeguarding patient privacy and sensitive health information.Read more
Gold CSA STARAuth0 has achieved a Level 2 audit Gold CSA Star certification for its cloud service security capabilities.Read more
PCI DSS ComplianceAuth0 is compliant with the Payment Card Industry (PCI) Data Security Standard (DSS) that requires strict security controls and processes for transacting customer payment card data.Read more
As a company, Auth0 complies with the General Data Protection Regulation (GDPR). We take customer data privacy seriously, ensuring that:
All new vendors, assets and activities pertaining to processing personal data are subject to a review of privacy, security and compliance.
Personal data is properly collected, stored, and documented.
Relevant processes are followed for transfers of personal data outside the European Union / UK.
For more information, see our privacy policies here.
We also help our customers provide GDPR compliant solutions to their end-users and customers.
Our customers can deploy on our public cloud or private cloud environments to control where data is stored. For more information, refer to our compliance and security certifications.SEE CERTIFICATIONS
Data encryption at-rest and in-transit
Auth0 Security PlatformDownload Whitepaper
"We hadn't expected to be able to find a partner like Auth0 who would be so focused on security, proper authentication, and yet create a platform that's incredibly well-documented, easy to test, and is HIPAA compliant.”
"AMD has seen a 50% time savings in identity-related development and has saved 200+ hours of annual operations time by using Auth0."
Contact Auth0's security team directly at:email@example.com
Download our PGP Key which allows you to send us encrypted emails.DOWNLOAD OUR PGP KEY
Report a Vulnerability
Report in our vulnerability disclosure program.REPORT