At Auth0, Inc., we take security of our users’ data very seriously. If you have discovered or believe you have discovered potential security vulnerabilities in an Auth0 Service, we encourage you to disclose your discovery to us as quickly as possible in accordance with this Responsible Disclosure Program.
We will work with you to validate and respond to security vulnerabilities that you report to us. Because public disclosure of a security vulnerability could put the entire Auth0 community at risk, we require that you keep such potential vulnerabilities confidential until we are able to address them. We will not take legal action against you or suspend or terminate your access to any Auth0 Services, provided that you discover and report security vulnerabilities in accordance with this Responsible Disclosure Program. Auth0 reserves all of its legal rights in the event of any noncompliance.