Skip to content

Security: auth0/go-auth0

Security

.github/SECURITY.md

Security Policy

This document outlines the Responsible Disclosure Program for Auth0 open source software.

Responsible Disclosure Policy

At Auth0 we take security seriously and consider it a top priority. Since a public disclosure of a security vulnerability could put the entire Auth0 community at risk, we require that potential vulnerabilities are kept confidential until they are confirmed and fixed. We appreciate your efforts in keeping Auth0 and its users safe by responsibly disclosing any security vulnerability. Rest assured we will make every effort to acknowledge your contributions.

Reporting a vulnerability

Any security related issue should be reported to Auth0 via the form at the bottom of the Responsible Disclosure Policy page.

If individuals prefer to directly communicate with the Auth0 security team, they are invited to send an email to [email protected]. For encrypted communication, you can download our PGP key from here.

There aren’t any published security advisories