Skip to content

Security: auth0/lock

Security

.github/SECURITY.md

Security Policy

This document outlines the Responsible Disclosure Program for Auth0 open source software.

Responsible Disclosure Policy

At Auth0 we take security seriously and consider it a top priority. Since a public disclosure of a security vulnerability could put the entire Auth0 community at risk, we require that potential vulnerabilities are kept confidential until they are confirmed and fixed. We appreciate your efforts in keeping Auth0 and its users safe by responsibly disclosing any security vulnerability. Rest assured we will make every effort to acknowledge your contributions.

Reporting a vulnerability

Any security related issue should be reported to Auth0 via the form at the bottom of the Responsible Disclosure Policy page.

If individuals prefer to directly communicate with the Auth0 security team, they are invited to send an email to security@auth0.com. For encrypted communication, you can download our PGP key from here.

Learn more about advisories related to auth0/lock in the GitHub Advisory Database