Nacho
Auth0 IAM Provider
Auth0 is a customer identity and access management (CIAM) platform that provides authentication, authorization, user management, security, and compliance features.
Features
- 🇺🇸US🇪🇺EU🇦🇺AU🇯🇵JP🇬🇧UK🇨🇦CA
- AWSAzure
- JavaScriptTypeScriptReactAngularVueNext.jsNode.jsPythonJava.NETGoPHPRubySwiftKotlinReact NativeFlutter
If you want to compare IAM features of different providers, please check out the (C)IAM Identity Providers benchmark.
Looking for Auth0’s OpenID Connect protocol compatibility? View Auth0 on the OpenID Connect Providers benchmark.
Frequently Asked Questions
Does Auth0 support Username and Password authentication method?
Auth0 supports Username and Password authentication method. Standard database connection authentication with username/email and password. Auth0's primary built-in connection type. Read more
Does Auth0 support Social Sign-in authentication method?
Auth0 supports Social Sign-in authentication method. 30+ built-in social providers (Google, Facebook, Apple, GitHub, LinkedIn, etc.) plus custom OAuth2/OIDC. Free plan limited to 2 social connections. Dashboard shows only 1 connection per social strategy; additional connections require Management API. Read more
Does Auth0 support Passkey authentication method?
Auth0 supports Passkey authentication method. Passkeys (FIDO2/WebAuthn) supported as a primary factor for database connections. Custom Relying Party ID is in Early Access. Requires Identifier First authentication profile. Account recovery falls back to password reset. Read more
Does Auth0 support Email Passwordless authentication method?
Auth0 supports Email Passwordless authentication method. Email OTP code works with Universal Login. Configurable expiry and code length. Locks out after 3 incorrect attempts. Read more
Does Auth0 support Phone Passwordless authentication method?
Auth0 supports Phone Passwordless authentication method. SMS OTP passwordless login. Requires customer-configured Twilio or custom SMS provider for production. Auth0's built-in SMS provider is test-only. Rate limit of 10 messages/hour/user. Read more
Does Auth0 support Magic Link authentication method?
Auth0 does not support Magic Link authentication method. Magic links are NOT supported with Universal Login (Auth0's recommended and actively developed login experience). Classic Login, which was the only way to use magic links, reached End of Life in July 2025. As of July 2025, magic link authentication is effectively unavailable for new or existing production deployments. Same-browser requirement also created mobile friction. Cannot combine with Passkeys/WebAuthn passwordless connections. Read more
Does Auth0 support Anonymous / Guest authentication method?
Auth0 does not support Anonymous / Guest authentication method. Auth0 does not support anonymous/guest authentication. Users must always authenticate with a registered credential. Workarounds require custom M2M tokens or external logic. Read more
Does Auth0 support Time-based One-Time Password (TOTP) MFA?
Auth0 supports Time-based One-Time Password (TOTP) MFA. Authenticator app TOTP (Google Authenticator, Authy, etc.). Available on Essentials plan and above. Not included in the Free plan. Read more
Does Auth0 support HMAC-based One-Time Password (HOTP) MFA?
Auth0 partially supports HMAC-based One-Time Password (HOTP) MFA. HOTP (counter-based OTP) is not natively supported as a standalone MFA factor. Auth0 focuses on TOTP. Custom implementation possible via Actions. Read more
Does Auth0 support Universal 2nd Factor (U2F) MFA?
Auth0 supports Universal 2nd Factor (U2F) MFA. Roaming authenticators (YubiKey, Titan Key) supported via WebAuthn. U2F is the predecessor spec; Auth0 implements the successor WebAuthn standard. Requires Professional plan or above. Read more
Does Auth0 support WebAuthn MFA?
Auth0 supports WebAuthn MFA. Touch ID, Face ID, Windows Hello as an MFA factor. Requires Professional plan or above (Enterprise MFA tier). Read more
Does Auth0 support Email Code MFA?
Auth0 supports Email Code MFA. Email OTP as an MFA factor. Cannot be the sole MFA factor if email is also the primary authentication channel. Requires external SMTP for production. Read more
Does Auth0 support Phone Code MFA?
Auth0 supports Phone Code MFA. SMS OTP as a second factor. Rate limit of 10 messages/hour/user. Requires Twilio or custom provider for production use. Read more
Does Auth0 support Recovery Code MFA?
Auth0 supports Recovery Code MFA. One-time backup codes generated at MFA enrollment for account recovery. Supported alongside all MFA factors. Read more
Does Auth0 support Push Notification MFA?
Auth0 supports Push Notification MFA. Push notifications via Auth0 Guardian app (iOS/Android) or Guardian SDK for custom branded apps. Requires Professional plan or above (Enterprise MFA tier). Read more
Does Auth0 support Adaptive / Risk-Based MFA MFA?
Auth0 partially supports Adaptive / Risk-Based MFA MFA. ML-based confidence score evaluated at login using new device detection, impossible travel, and IP reputation signals. Requires Enterprise plan with Adaptive MFA add-on. Not supported for SAML IdP-initiated flows or ROPG. All users must have an email address. Read more
Does Auth0 support Cisco Duo MFA?
Auth0 partially supports Cisco Duo MFA. Cisco Duo integration supported but can only be used as the sole MFA factor — cannot be combined with other Auth0 MFA factors simultaneously. Requires Professional plan or above. Read more
Does Auth0 support Step-Up Authentication MFA?
Auth0 supports Step-Up Authentication MFA. Supported via Actions post-login triggers using acr_values claims. Not a dashboard toggle — requires developer implementation in JavaScript. Requires Essentials plan or above. Read more
Does Auth0 support OpenID Connect (OIDC) integration protocol?
Auth0 supports OpenID Connect (OIDC) integration protocol. Core protocol — Auth0 is fundamentally built on OIDC/OAuth 2.0. OIDC Discovery supported. OpenID-certified. Read more
Does Auth0 support SAML 2.0 integration protocol?
Auth0 supports SAML 2.0 integration protocol. Full SAML 2.0 support as both Identity Provider and Service Provider. Custom attribute mappings via Actions. Max 100 attributes, 1 KB names, 2 KB values, 10 KB total assertions. Cannot enable both SAML and WS-Fed addons on the same client application. Read more
Does Auth0 support WS-Federation integration protocol?
Auth0 supports WS-Federation integration protocol. Auto-assigned WS-Fed endpoints for every application. Cannot combine with SAML addon on the same client. Not compatible with the Organizations feature. Read more
Does Auth0 support Machine-to-Machine (M2M) Authentication integration protocol?
Auth0 supports Machine-to-Machine (M2M) Authentication integration protocol. OAuth 2.0 Client Credentials grant for M2M. M2M app token requests are counted and billed. Free tier includes 1,000 tokens/month. Read more
Does Auth0 support OpenID Connect (OIDC) Federation identity federation?
Auth0 supports OpenID Connect (OIDC) Federation identity federation. Read more
Does Auth0 support SAML 2.0 Federation identity federation?
Auth0 supports SAML 2.0 Federation identity federation. Read more
Does Auth0 support Active Directory / LDAP identity federation?
Auth0 supports Active Directory / LDAP identity federation. Supported via on-premises AD/LDAP Connector agent. Supports Kerberos SSO for seamless desktop login. Not recommended for customer-side installation in B2B scenarios. Read more
Does Auth0 support Azure Active Directory (Entra ID) identity federation?
Auth0 supports Azure Active Directory (Entra ID) identity federation. Native connection type supporting OIDC and SAML federation with Microsoft Entra ID (formerly Azure AD). Read more
Does Auth0 support Bulk User Import user management?
Auth0 supports Bulk User Import user management. JSON format import via Management API. Max 500 KB file size per job and 2 concurrent jobs (429 error if exceeded). Recommended batch size is ~1,000 users. Import job data auto-deleted after 24 hours. Read more
Does Auth0 support Password Hash Import (Multiple Formats) user management?
Auth0 supports Password Hash Import (Multiple Formats) user management. Supported hash formats: bcrypt ($2a$/$2b$/$2y$, NOT $2$ or $2x$), argon2, PBKDF2, scrypt, SHA1/256/512, MD4/MD5, HMAC, LDAP, custom PHC format. bcrypt processes max 72 bytes. The crypt scheme is NOT supported. Read more
Does Auth0 support Bulk User Export user management?
Auth0 supports Bulk User Export user management. JSON (NDJSON) and CSV export via Management API. Must convert NDJSON to JSON for re-import compatibility. Field selection supported. Export format sometimes incompatible with import schema (community-reported). Read more
Does Auth0 support Bulk User Update / Delete user management?
Auth0 does not support Bulk User Update / Delete user management. No native bulk update or delete operations. All user modifications require individual per-user Management API calls subject to rate limits (2–50 RPS depending on plan). Read more
Does Auth0 support Upsert on Import user management?
Auth0 partially supports Upsert on Import user management. Available but slower than insert-only mode. Does NOT merge metadata on upsert — existing metadata is completely overwritten. Read more
Does Auth0 support Legacy Username Import (Non-Allowed Characters) user management?
Auth0 partially supports Legacy Username Import (Non-Allowed Characters) user management. Usernames are restricted to alphanumeric characters plus @._+- (max 128 characters). Usernames with accents or special symbols require cleaning or mapping. A specific knowledge base article covers the workaround. Read more
Does Auth0 support MFA Enrollment Import user management?
Auth0 supports MFA Enrollment Import user management. Phone SMS/voice and email OTP MFA enrollments can be included during bulk user import. Read more
Does Auth0 support Inbound SCIM Provisioning user management?
Auth0 supports Inbound SCIM Provisioning user management. SCIM 2.0 inbound provisioning from enterprise IdPs (Azure AD, Okta, etc.) into Auth0. Now available on all plans including Free. Read more
Does Auth0 support Outbound SCIM Provisioning user management?
Auth0 does not support Outbound SCIM Provisioning user management. No native outbound SCIM provisioning from Auth0 to third-party applications. Requires custom implementation via Actions or external tooling. Read more
Does Auth0 support SCIM Groups Provisioning user management?
Auth0 partially supports SCIM Groups Provisioning user management. SCIM Group sync is currently in Limited Early Access — not generally available. Critical for enterprise B2B access control use cases. Read more
Does Auth0 support Just-In-Time (JIT) User Provisioning user management?
Auth0 supports Just-In-Time (JIT) User Provisioning user management. Automatic user creation in Auth0 on first enterprise SSO login. Configurable via connection settings. Read more
Does Auth0 support Lazy / Trickle Migration from Legacy Database user management?
Auth0 supports Lazy / Trickle Migration from Legacy Database user management. Users migrated on first login from a custom database connection without forcing password resets. Legacy database must remain accessible online. One-at-a-time migration pace. Cannot easily combine with Organizations feature. No automatic completion notification. Read more
Does Auth0 support Self-Service Profile Management Portal user management?
Auth0 partially supports Self-Service Profile Management Portal user management. No built-in profile management portal. Developers must build a custom UI. The My Account API (/me endpoints) is in Limited Early Access. Management API can be used server-side. Read more
Does Auth0 support User Account Linking user management?
Auth0 supports User Account Linking user management. Supported via Management API. Metadata from the secondary account is discarded upon linking — must manually merge before calling the link endpoint. No automatic profile merging. Both accounts must be authenticated first. setPrimaryUser can only be called once per transaction in Actions. Read more
Does Auth0 support User Blocking / Banning user management?
Auth0 supports User Blocking / Banning user management. Users can be blocked via Dashboard or API. Blocked users can still trigger password reset emails (no native prevention without custom logic). No auto-inactivity blocking. Brute force protection blocks by IP, not per individual account. Read more
Does Auth0 support User Metadata user management?
Auth0 supports User Metadata user management. User-editable custom attributes. Signup API limit: 10 string fields, max 500 characters each. Field names cannot contain . or $. 16 MB total combined metadata limit. 1 MB searchable limit — profiles exceeding 1 MB have attributes over 256 chars excluded from search index. Read more
Does Auth0 support Application Metadata user management?
Auth0 supports Application Metadata user management. Admin-only custom attributes not editable by end users. Cannot contain reserved properties (blocked, email, identities, password_hash, etc.). Subject to combined 16 MB total metadata limit. Read more
Does Auth0 support Metadata Size Limits user management?
Auth0 partially supports Metadata Size Limits user management. Combined metadata hard limits: 16 MB total, 1 MB searchable, 32 KB per Actions session. Recommended to keep individual fields under 2 KB for search performance. These overlapping limits are a common source of production surprises. Read more
Does Auth0 support User Search user management?
Auth0 partially supports User Search user management. Lucene query syntax. Max 1,000 results returned (10 pages × 100). 2-second query timeout (returns 503 on exceed). No wildcards or ranges on metadata fields. ~72 OR terms maximum before errors. Not suitable for login flows or event-driven polling. Read more
Does Auth0 support Role-Based Access Control (RBAC) user management?
Auth0 supports Role-Based Access Control (RBAC) user management. Supported with hard limits: 1,000 roles per tenant, 50 roles per user, 1,000 permissions per user. No built-in fine-grained ABAC. Large permission sets can cause access tokens to exceed HTTP header size limits. RBAC per organization excluded from B2B Free plan. Read more
Does Auth0 support Organizations (Multi-Tenancy B2B) user management?
Auth0 supports Organizations (Multi-Tenancy B2B) user management. 100,000 orgs per tenant (expandable to 2M on Enterprise). 10 connections per org, 50 role assignments per org member. Universal Login only — not compatible with ROPG, Device Flow, or WS-Federation. No per-org custom domains. Read more
Does Auth0 support Password Strength Policies user management?
Auth0 supports Password Strength Policies user management. 5 preset OWASP-aligned password strength levels. Cannot enforce 4-of-4 character type requirements (max 3-of-4). Cannot fully customize beyond preset levels without custom code. Existing passwords are not retroactively re-evaluated on policy changes. Effective max length limited by bcrypt's 72-byte processing cap. Read more
Does Auth0 support Username Restrictions user management?
Auth0 partially supports Username Restrictions user management. Usernames restricted to alphanumeric plus @._+- characters, auto-converted to lowercase, max 128 characters. No accent marks or other special characters. Legacy usernames with disallowed characters require workarounds during import. Read more
Does Auth0 support Progressive Profiling / Forms user management?
Auth0 supports Progressive Profiling / Forms user management. Visual no-code Forms builder for collecting data during authentication flows. 500 Forms and 500 Flows per tenant. Supports conditional logic and external API calls. Read more
Does Auth0 support Attribute-Based Access Control (ABAC) access control?
Auth0 partially supports Attribute-Based Access Control (ABAC) access control. Attribute-based policies can be implemented via Actions rules and token claims, but there is no native ABAC policy engine. Available via OpenFGA on Enterprise. Read more
Does Auth0 support Fine-Grained Authorization (FGA / ReBAC) access control?
Auth0 supports Fine-Grained Authorization (FGA / ReBAC) access control. Auth0 FGA is powered by OpenFGA (open-source Zanzibar implementation). Available as an Enterprise add-on. Read more
Does Auth0 support API Authorization (Scopes / Permissions) access control?
Auth0 supports API Authorization (Scopes / Permissions) access control. Define API resource servers with scopes and permissions. Integrate with RBAC and token claims for authorization. Read more
Does Auth0 support Audit Log Retention security feature?
Auth0 partially supports Audit Log Retention security feature. Log retention is critically short: Free = 1 day, Essentials = 5 days, Professional = 10 days, Enterprise = 30 days. No option to extend retention within Auth0 on lower tiers. Log streaming to external SIEM is required for any compliance use case. Read more
Does Auth0 support Audit Log Streaming security feature?
Auth0 supports Audit Log Streaming security feature. Stream logs to Splunk, Datadog, Amazon EventBridge, Azure Event Grid, Sumo Logic, and custom webhooks. At-least-once delivery guarantee. PII masking/hashing supported. Not available on the Free plan. Read more
Does Auth0 support Security Center (Threat Monitoring Dashboard) security feature?
Auth0 partially supports Security Center (Threat Monitoring Dashboard) security feature. Near real-time threat monitoring dashboard with custom alert configuration. Available on B2B Professional plan and above for B2B; Enterprise only for B2C. Read more
Does Auth0 support Encryption at Rest security feature?
Auth0 supports Encryption at Rest security feature. AES-256 GCM envelope encryption for all stored data and backups. Read more
Does Auth0 support Encryption in Transit security feature?
Auth0 supports Encryption in Transit security feature. TLS 1.2 or higher required for all connections to Auth0 endpoints. Cipher suites include ECDHE/AES-GCM variants. TLS 1.2 weak cipher suites reach end-of-support June 2026. mTLS (mutual TLS) also supported for client authentication. Read more
Does Auth0 support Customer Managed Keys (BYOK) security feature?
Auth0 partially supports Customer Managed Keys (BYOK) security feature. FIPS 140-2 Level 3 HSM-backed key management. Key rotation via Management API. Requires Enterprise plan with Highly Regulated Identity add-on. Read more
Does Auth0 support Bot Detection security feature?
Auth0 supports Bot Detection security feature. ML-based detection with Auth Challenge (CAPTCHA-free), reCAPTCHA, hCaptcha, and Friendly Captcha. Enhanced bot detection requires Professional plan or above. IP allowlist supports up to 100 entries. Read more
Does Auth0 support Brute Force Protection security feature?
Auth0 supports Brute Force Protection security feature. Blocks a single IP address after a configurable number of failed login attempts. Enabled by default on all plans. Blocks by IP only — no per-account lockout mechanism. Read more
Does Auth0 support Suspicious IP Throttling security feature?
Auth0 supports Suspicious IP Throttling security feature. Detects and throttles rapid login or signup attempts from a single IP address. Available on all paid plans. Read more
Does Auth0 support Breached Password Detection security feature?
Auth0 supports Breached Password Detection security feature. Checks user credentials against publicly known breach databases. Configurable to block signups, block logins, or notify users. Not available on Free plan. Standard detection uses public breach data only (not real-time dark web monitoring). Read more
Does Auth0 support Credential Guard (Dark Web Monitoring) security feature?
Auth0 partially supports Credential Guard (Dark Web Monitoring) security feature. Proactive continuous dark web monitoring for compromised credentials. Enterprise add-on with separate pricing beyond standard breached password detection. Read more
Does Auth0 support Tenant Access Control List (IP ACL) security feature?
Auth0 partially supports Tenant Access Control List (IP ACL) security feature. Up to 10 ACL rules supporting IPv4/IPv6, geographic filtering, and JA3/JA4 TLS fingerprints. Currently in Early Access. Requires Enterprise plan with Attack Protection add-on. Read more
Does Auth0 support Device Fingerprinting security feature?
Auth0 partially supports Device Fingerprinting security feature. Device tracking is available via the Security Center and Adaptive MFA on Enterprise plans. Adaptive MFA uses new device detection and impossible travel signals. No dedicated device fingerprinting API; third-party integrations (e.g., Fingerprint.com) can add device fingerprints to user profiles via Actions. Read more
Does Auth0 support Per-Organization Branding multi-tenancy?
Auth0 supports Per-Organization Branding multi-tenancy. Per-organization logo, primary color, and background color via the Organizations API. Custom domain per org requires a workaround. Read more
Does Auth0 support Per-Organization MFA Policy multi-tenancy?
Auth0 supports Per-Organization MFA Policy multi-tenancy. MFA policies can be enforced per organization via Actions and organization-level configuration. Enterprise plan required. Read more
Does Auth0 support Hosted / Universal Login Page branding feature?
Auth0 supports Hosted / Universal Login Page branding feature. Universal Login is Auth0's centrally hosted login page. Customizable via themes, templates, or ACUL. Read more
Does Auth0 support Embedded / Native Login Components branding feature?
Auth0 supports Embedded / Native Login Components branding feature. Auth0's Advanced Custom UI Layer (ACUL) allows embedding the auth flow via a client-rendered React SDK. Classic embedded login was deprecated. Read more
Does Auth0 support White-Label / Full Brand Removal branding feature?
Auth0 supports White-Label / Full Brand Removal branding feature. Full white-labeling with custom domain, custom branding, and removal of Auth0 branding is possible on paid plans. Read more
Does Auth0 support Localization / i18n branding feature?
Auth0 supports Localization / i18n branding feature. Universal Login supports 40+ languages via text dictionaries. Custom locale overrides supported. Read more
Does Auth0 support Prebuilt UI Components (SDK) branding feature?
Auth0 supports Prebuilt UI Components (SDK) branding feature. Auth0 provides the Lock embeddable widget and SDK-driven Universal Login. Auth0 recommends Universal Login over Lock for new implementations. React components also available via the Advanced Custom UI Layer (ACUL) for embedded flows. Lock Passwordless is separately deprecated. Read more
Does Auth0 support Login / Auth Analytics Dashboard analytics?
Auth0 supports Login / Auth Analytics Dashboard analytics. Dashboard with login success/failure rates, active users, and sign-up trends. Available on Professional plan and above. Read more
Does Auth0 support SOC 2 Type II Certification compliance?
Auth0 supports SOC 2 Type II Certification compliance. Annually audited, covering all 5 Trust Services Criteria. Read more
Does Auth0 support ISO 27001 / 27017 / 27018 Certification compliance?
Auth0 supports ISO 27001 / 27017 / 27018 Certification compliance. Cloud information security and privacy controls. Annually audited. Read more
Does Auth0 support HIPAA Business Associate Agreement (BAA) compliance?
Auth0 partially supports HIPAA Business Associate Agreement (BAA) compliance. HIPAA BAA is available upon request for Enterprise plans. Auth0 acts as a Business Associate under HIPAA/HITECH. BAA is not available for Azure-hosted deployments. Contact account team via the Support Center to request the agreement. Read more
Does Auth0 support PCI DSS Compliance compliance?
Auth0 partially supports PCI DSS Compliance compliance. PCI DSS compliance available as an add-on for Auth0 Private Cloud deployment. Annual independent audit. Attestation of Compliance (AOC) and SAQ-D available upon request via the Support Center. Enterprise plan only. Read more
Does Auth0 support CSA STAR Certification compliance?
Auth0 supports CSA STAR Certification compliance. Cloud Security Alliance STAR Gold certification for cloud security practices. Read more
Does Auth0 support FedRAMP Authorization compliance?
Auth0 does not support FedRAMP Authorization compliance. Auth0 (developer CIAM product) does not hold FedRAMP authorization. FedRAMP High is held by Okta for Government, a separate government-specific product.
Does Auth0 support GDPR: Data Export (Portability) compliance?
Auth0 supports GDPR: Data Export (Portability) compliance. User data export (Article 20) available via Dashboard or Management API in JSON format. Read more
Does Auth0 support GDPR: Right to be Forgotten (User Deletion) compliance?
Auth0 supports GDPR: Right to be Forgotten (User Deletion) compliance. User deletion supported via Dashboard or Management API. Customer is responsible for removing user data stored in external systems, logs, or backups. Read more
Does Auth0 support Consent Management compliance?
Auth0 partially supports Consent Management compliance. OAuth consent dialog supported for third-party application scopes. No dedicated consent management module for custom consent purposes (marketing opt-in, ToS acceptance). Custom consent must be stored in user_metadata or an external system. Auth0 Forms can handle Terms of Service acceptance flows. Read more
Does Auth0 support Region Deployment compliance?
Auth0 supports Region Deployment compliance. Public cloud tenants available in US, EU, Australia, Japan, UK, and Canada. Tenant region is selected at creation and cannot be changed. Each region uses region-specific subdomains (e.g., [au|ca|eu|jp|uk].auth0.com). Read more
Does Auth0 support Private Cloud Deployment compliance?
Auth0 partially supports Private Cloud Deployment compliance. Single-tenant Private Cloud deployment on AWS (13+ regions) or Azure (60+ regions). Enterprise add-on with separate pricing. Read more
Does Auth0 support SDK Coverage developer integration?
Auth0 supports SDK Coverage developer integration. 45+ official SDKs across 12+ languages and frameworks: JavaScript, React, Angular, Vue, Next.js, Node.js, Python (Django, FastAPI), Java (Spring Boot), .NET (ASP.NET), Go, PHP (Laravel), Ruby (Rails), Swift (iOS), Kotlin/Android, React Native, Flutter (community). Separate Management API SDKs for server-side use. Read more
Does Auth0 support Management API developer integration?
Auth0 supports Management API developer integration. Full CRUD REST API for all tenant resources. Rate limits: 2 RPS (Free), 15 RPS (Paid), 50 RPS (Enterprise). 24-hour access token expiry. No TypeScript SDK for Management API. Read more
Does Auth0 support Authentication API Rate Limits developer integration?
Auth0 partially supports Authentication API Rate Limits developer integration. 300 req/min on Free, 100 RPS on paid plans. 20 login attempts/min per IP before throttling to 10. Burst multiplier add-ons (2x–4x) available for Enterprise. Read more
Does Auth0 support Actions / Extensibility Pipeline developer integration?
Auth0 supports Actions / Extensibility Pipeline developer integration. Event-driven extensibility with 8+ triggers (Post-Login, Pre/Post-Registration, M2M, Post-Change Password, Send Phone Message, Custom Token Exchange, Custom Email Provider). Node.js only — no TypeScript support. 20-second execution limit per Action. Max 100 KB per Action code. Cache: 20 entries, 4 KB values, 24-hour persistence. Secrets: 128-char keys, 4,096-char values. Full npm registry access. Concurrency: 5 (Free), 25 (Self-Service), 500 (Enterprise). Read more
Does Auth0 support TypeScript Support in Extensibility developer integration?
Auth0 does not support TypeScript Support in Extensibility developer integration. Actions runtime is Node.js only. TypeScript is not supported — code must be written in plain JavaScript. This is increasingly out of step with modern JavaScript ecosystem norms. Read more
Does Auth0 support Custom Domain developer integration?
Auth0 supports Custom Domain developer integration. Custom domains supported on all plans (Free requires credit card on file). Only 1 custom domain per tenant — per-organization custom domains are not supported. Auth0-managed TLS certificates on paid plans; self-managed certificates require Enterprise. Social provider dev keys do not work with custom domains. Read more
Does Auth0 support Deploy CLI (Infrastructure as Code) developer integration?
Auth0 supports Deploy CLI (Infrastructure as Code) developer integration. Official auth0-deploy-cli npm package for full tenant configuration export and import as YAML or JSON. Supports multi-environment workflows and CI/CD pipeline integration. Can be destructive — testing on dev tenants is strongly recommended. Read more
Does Auth0 support Terraform Provider developer integration?
Auth0 supports Terraform Provider developer integration. Official auth0/auth0 Terraform provider with 28+ resource types covering all major tenant entities. Supports Terraform 1.5+. Auto-generation via auth0 tf generate CLI command. Read more
Does Auth0 support Custom Database Connections developer integration?
Auth0 supports Custom Database Connections developer integration. Connect Auth0 to any legacy user store via 5 configurable scripts (Login, Create, Verify, Change Password, Get User). 20-second script execution limit, recommended max 100 KB. Built-in templates for MySQL, PostgreSQL, SQL Server, and MongoDB. Auth0 IP ranges must be allowlisted. Requires Professional plan or above. Read more
Does Auth0 support Native Webhook Support developer integration?
Auth0 partially supports Native Webhook Support developer integration. No native event webhook system. Webhooks are implemented either via Custom Log Streams (async, post-event) or Actions (sync, in-flow). Log stream webhooks have retry logic but are not traditional push webhooks. Read more
Does Auth0 support Universal Login / Hosted Login Page Customization developer integration?
Auth0 supports Universal Login / Hosted Login Page Customization developer integration. Three tiers of customization: no-code theme editor (all plans), page templates with Liquid syntax (requires custom domain), and Advanced Custom UI Layer (ACUL) full client-rendered SDK (Early Access). Classic Login is deprecated and reached EOL in July 2025. Universal Login always defaults to the sign-in screen — cannot default to sign-up. Read more
Does Auth0 support Custom Email Provider (SMTP) developer integration?
Auth0 supports Custom Email Provider (SMTP) developer integration. External SMTP or custom email provider required for production email sending (verification, password reset, MFA). Auth0's built-in email sending is limited and not suitable for production. Read more
Does Auth0 support Email Templates developer integration?
Auth0 supports Email Templates developer integration. 10+ template types with HTML and Liquid syntax. Only 1 template per type — per-application branding requires Liquid conditionals. ~64 KB practical template size limit. Read more
Does Auth0 support Custom OIDC Claims / Token Enrichment developer integration?
Auth0 supports Custom OIDC Claims / Token Enrichment developer integration. Custom claims added to access and ID tokens via Actions using api.accessToken.setCustomClaim(). Both namespaced and non-namespaced claims now supported. Up to 1,000 custom scopes per API resource server. Read more
Does Auth0 support No-Code Auth Flow Builder / Orchestration feature?
Auth0 partially supports No-Code Auth Flow Builder / Orchestration feature. Auth0 Forms (Progressive Profiling) and Actions provide event-driven extensibility, but no visual drag-and-drop flow orchestration engine. Read more
Does Auth0 support Identity Verification / Document Proofing feature?
Auth0 does not support Identity Verification / Document Proofing feature. Auth0 does not offer built-in identity document verification or biometric liveness proofing.
Does Auth0 support Decentralized / Verifiable Credentials feature?
Auth0 does not support Decentralized / Verifiable Credentials feature. Auth0 does not support W3C Verifiable Credentials, DIDs, or wallet-based authentication.
Does Auth0 support Built-in Billing / Subscription Management feature?
Auth0 does not support Built-in Billing / Subscription Management feature. Auth0 does not offer native billing or subscription management integration. Organizations requiring billing must integrate third-party solutions (e.g., Stripe, Stigg) alongside Auth0. Read more
Does Auth0 support Agentic AI / MCP Server Authentication feature?
Auth0 supports Agentic AI / MCP Server Authentication feature. Auth0 Auth for MCP is generally available (May 2026). Enables OAuth 2.1-based authentication and authorization for MCP servers and AI agents. Supports On-Behalf-Of (OBO) token exchange, Client ID Metadata Document (CIMD) registration, resource identifier support per MCP spec, and Token Vault for managing third-party API credentials (Google, Microsoft, Jira). Users authenticate via existing IdPs and delegate scoped permissions to agents. Read more
Note: The current data is based on provider documentation/experience and may not be 100% accurate. Please open an issue if you have spotted any inconsistencies.