The first public beta of the Auth0 Nuxt SDK is now available for developers building web apps on the Nuxt framework!
Here are the helpful resources to explore the new Nuxt SDK and get started:
This SDK is still in Beta and we need your feedback! Please share any feedback, questions or comments on GitHub.
The first public beta of the Auth0 Nuxt SDK is now available for developers building web apps on the Nuxt framework!
Here are the helpful resources to explore the new Nuxt SDK and get started:
This SDK is still in Beta and we need your feedback! Please share any feedback, questions or comments on GitHub.
The first public beta of the Auth0 Nuxt SDK is now available for developers building web apps on the Nuxt framework!
Here are the helpful resources to explore the new Nuxt SDK and get started:
This SDK is still in Beta and we need your feedback! Please share any feedback, questions or comments on GitHub.
We are excited to announce an improvement that makes it faster and easier for you to keep your firewall configurations up-to-date.
Our IP allow list for Auth0's Public Cloud regions is now available in a standardized, machine-readable format. This new format is designed to help you automate updates and ensure the most accurate configuration for your firewall.
What this means for you:
You can access this information at: https://cdn.auth0.com/ip-ranges.json
For more details, please see our documentation on IP allow list.
When validating JWT assertions used for client application authentication, Auth0 will impose stricter requirements and accept only a tenant's issuer identifier as a single JSON string value in the "aud" (audience) claim.
The possibility of providing an "aud" claim with either one of the approaches listed below is deprecated, and at a future date will cause the service to consider such JWT assertions invalid:
OIDC enterprise connections configured to use Private Key JWT in authenticated requests to the upstream identity provider will also be able to use the applicable issuer identifier represented as a JSON string in the "aud" claim included in JWT assertions.
We have provided additional information and timelines for enforcing this change across tenants through a dashboard and support center notification.
When validating JWT assertions used for client application authentication, Auth0 will impose stricter requirements and accept only a tenant's issuer identifier as a single JSON string value in the "aud" (audience) claim.
The possibility of providing an "aud" claim with either one of the approaches listed below is deprecated, and at a future date will cause the service to consider such JWT assertions invalid:
OIDC enterprise connections configured to use Private Key JWT in authenticated requests to the upstream identity provider will also be able to use the applicable issuer identifier represented as a JSON string in the "aud" claim included in JWT assertions.
We have provided additional information and timelines for enforcing this change across tenants through a dashboard and support center notification.
We are excited to announce an improvement that makes it faster and easier for you to keep your firewall configurations up-to-date.
Our IP allow list for Auth0's Public Cloud regions is now available in a standardized, machine-readable format. This new format is designed to help you automate updates and ensure the most accurate configuration for your firewall.
What this means for you:
You can access this information at: https://cdn.auth0.com/ip-ranges.json
For more details, please see our documentation on IP allow list.
When validating JWT assertions used for client application authentication, Auth0 will impose stricter requirements and accept only a tenant's issuer identifier as a single JSON string value in the "aud" (audience) claim.
The possibility of providing an "aud" claim with either one of the approaches listed below is deprecated, and at a future date will cause the service to consider such JWT assertions invalid:
OIDC enterprise connections configured to use Private Key JWT in authenticated requests to the upstream identity provider will also be able to use the applicable issuer identifier represented as a JSON string in the "aud" claim included in JWT assertions.
We have provided additional information and timelines for enforcing this change across tenants through a dashboard and support center notification.
We are excited to announce an improvement that makes it faster and easier for you to keep your firewall configurations up-to-date.
Our IP allow list for Auth0's Public Cloud regions is now available in a standardized, machine-readable format. This new format is designed to help you automate updates and ensure the most accurate configuration for your firewall.
What this means for you:
You can access this information at: https://cdn.auth0.com/ip-ranges.json
For more details, please see our documentation on IP allow list.
When validating JWT assertions used for client application authentication, Auth0 will impose stricter requirements and accept only a tenant's issuer identifier as a single JSON string value in the "aud" (audience) claim.
The possibility of providing an "aud" claim with either one of the approaches listed below is deprecated, and at a future date will cause the service to consider such JWT assertions invalid:
OIDC enterprise connections configured to use Private Key JWT in authenticated requests to the upstream identity provider will also be able to use the applicable issuer identifier represented as a JSON string in the "aud" claim included in JWT assertions.
We have provided additional information and timelines for enforcing this change across tenants through a dashboard and support center notification.
We are excited to announce an improvement that makes it faster and easier for you to keep your firewall configurations up-to-date.
Our IP allow list for Auth0's Public Cloud regions is now available in a standardized, machine-readable format. This new format is designed to help you automate updates and ensure the most accurate configuration for your firewall.
What this means for you:
You can access this information at: https://cdn.auth0.com/ip-ranges.json
For more details, please see our documentation on IP allow list.
When validating JWT assertions used for client application authentication, Auth0 will impose stricter requirements and accept only a tenant's issuer identifier as a single JSON string value in the "aud" (audience) claim.
The possibility of providing an "aud" claim with either one of the approaches listed below is deprecated, and at a future date will cause the service to consider such JWT assertions invalid:
OIDC enterprise connections configured to use Private Key JWT in authenticated requests to the upstream identity provider will also be able to use the applicable issuer identifier represented as a JSON string in the "aud" claim included in JWT assertions.
We have provided additional information and timelines for enforcing this change across tenants through a dashboard and support center notification.
We are excited to announce an improvement that makes it faster and easier for you to keep your firewall configurations up-to-date.
Our IP allow list for Auth0's Public Cloud regions is now available in a standardized, machine-readable format. This new format is designed to help you automate updates and ensure the most accurate configuration for your firewall.
What this means for you:
You can access this information at: https://cdn.auth0.com/ip-ranges.json
For more details, please see our documentation on IP allow list.
We’re excited to announce the Early Access release of Akamai Supplemental Signals. This feature allows Auth0 Enterprise customers who have Akamai configured as a reverse proxy in front of Auth0 to forward signals from Akamai Bot Manager and Akamai Account Protector into Auth0.
With this integration, you can enrich your authentication flows with supplemental signals from Akamai and make more dynamic security decisions in post-login Actions and gain visibility through tenant logs.
Combined Risk Context: Leverage Akamai’s bot and user risk signals together with Auth0’s risk assessment for a more complete view of login risk.
Adaptive Security Controls: Combine Akamai and Auth0 risk signals to trigger MFA, deny sessions, or revoke access based on risk indicators.
Seamless Integration: Configure Akamai to forward signals and use them immediately in post-login Actions and tenant logs.
Available to all Enterprise customers using Akamai as a reverse proxy in front of Auth0.
Currently in Early Access.
We’re excited to announce the Early Access release of Akamai Supplemental Signals. This feature allows Auth0 Enterprise customers who have Akamai configured as a reverse proxy in front of Auth0 to forward signals from Akamai Bot Manager and Akamai Account Protector into Auth0.
With this integration, you can enrich your authentication flows with supplemental signals from Akamai and make more dynamic security decisions in post-login Actions and gain visibility through tenant logs.
Combined Risk Context: Leverage Akamai’s bot and user risk signals together with Auth0’s risk assessment for a more complete view of login risk.
Adaptive Security Controls: Combine Akamai and Auth0 risk signals to trigger MFA, deny sessions, or revoke access based on risk indicators.
Seamless Integration: Configure Akamai to forward signals and use them immediately in post-login Actions and tenant logs.
Available to all Enterprise customers using Akamai as a reverse proxy in front of Auth0.
Currently in Early Access.
We’re excited to announce the Early Access release of Akamai Supplemental Signals. This feature allows Auth0 Enterprise customers who have Akamai configured as a reverse proxy in front of Auth0 to forward signals from Akamai Bot Manager and Akamai Account Protector into Auth0.
With this integration, you can enrich your authentication flows with supplemental signals from Akamai and make more dynamic security decisions in post-login Actions and gain visibility through tenant logs.
Combined Risk Context: Leverage Akamai’s bot and user risk signals together with Auth0’s risk assessment for a more complete view of login risk.
Adaptive Security Controls: Combine Akamai and Auth0 risk signals to trigger MFA, deny sessions, or revoke access based on risk indicators.
Seamless Integration: Configure Akamai to forward signals and use them immediately in post-login Actions and tenant logs.
Available to all Enterprise customers using Akamai as a reverse proxy in front of Auth0.
Currently in Early Access.
We’re excited to announce the Early Access release of Akamai Supplemental Signals. This feature allows Auth0 Enterprise customers who have Akamai configured as a reverse proxy in front of Auth0 to forward signals from Akamai Bot Manager and Akamai Account Protector into Auth0.
With this integration, you can enrich your authentication flows with supplemental signals from Akamai and make more dynamic security decisions in post-login Actions and gain visibility through tenant logs.
Combined Risk Context: Leverage Akamai’s bot and user risk signals together with Auth0’s risk assessment for a more complete view of login risk.
Adaptive Security Controls: Combine Akamai and Auth0 risk signals to trigger MFA, deny sessions, or revoke access based on risk indicators.
Seamless Integration: Configure Akamai to forward signals and use them immediately in post-login Actions and tenant logs.
Available to all Enterprise customers using Akamai as a reverse proxy in front of Auth0.
Currently in Early Access.
We’re excited to announce the Early Access release of Akamai Supplemental Signals. This feature allows Auth0 Enterprise customers who have Akamai configured as a reverse proxy in front of Auth0 to forward signals from Akamai Bot Manager and Akamai Account Protector into Auth0.
With this integration, you can enrich your authentication flows with supplemental signals from Akamai and make more dynamic security decisions in post-login Actions and gain visibility through tenant logs.
Combined Risk Context: Leverage Akamai’s bot and user risk signals together with Auth0’s risk assessment for a more complete view of login risk.
Adaptive Security Controls: Combine Akamai and Auth0 risk signals to trigger MFA, deny sessions, or revoke access based on risk indicators.
Seamless Integration: Configure Akamai to forward signals and use them immediately in post-login Actions and tenant logs.
Available to all Enterprise customers using Akamai as a reverse proxy in front of Auth0.
Currently in Early Access.
We’re thrilled to introduce the Limited Early Access release of Additional Signing Algorithm for Okta and OIDC enterprise connections! This release expands flexibility for both Private Key JWT client authentication and ID token verification by adding support for stronger signing algorithms beyond RS256, including:
For Private Key JWT, Auth0 now lets you choose which algorithm is used to sign client assertion JWTs when authenticating requests to an upstream IdP. For ID token verification, Auth0 can validate tokens signed with a wider set of algorithms, ensuring compatibility across OIDC flows. Together, these enhancements give customers more control over cryptographic choices, making it easier to align with security policies and adapt as standards evolve
This release is currently rolling out to all environments. To enable the Additional Signing Algorithms Limited Early Access release in your Auth0 tenant once available in your environment, please contact your Technical Account Manager to request access.
We’re thrilled to introduce the Limited Early Access release of Additional Signing Algorithm for Okta and OIDC enterprise connections! This release expands flexibility for both Private Key JWT client authentication and ID token verification by adding support for stronger signing algorithms beyond RS256, including:
For Private Key JWT, Auth0 now lets you choose which algorithm is used to sign client assertion JWTs when authenticating requests to an upstream IdP. For ID token verification, Auth0 can validate tokens signed with a wider set of algorithms, ensuring compatibility across OIDC flows. Together, these enhancements give customers more control over cryptographic choices, making it easier to align with security policies and adapt as standards evolve
This release is currently rolling out to all environments. To enable the Additional Signing Algorithms Limited Early Access release in your Auth0 tenant once available in your environment, please contact your Technical Account Manager to request access.