Vulnerability Disclosure Program (VDP)
VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.
auth0-okta
25
In Scope
11
Out of Scope
In-Scope Assets (25)
| Asset | Category | Bounty | Quick Links | |
|---|---|---|---|---|
| *.cic-bug-bounty.auth0app.com | URL | No | ||
| MFA Integrations | OTHER | No | - | |
| auth0.com | URL | No | ||
| auth0.net | URL | No | ||
| config.cic-bug-bounty.auth0app.com | URL | No | ||
| https://api.us1.fga.dev/ | URL | No | ||
| https://apps.apple.com/us/app/auth0-guardian/id1093447833 | IOS | No | - | |
| https://customers.us1.fga.dev/ | URL | No | ||
| https://dashboard.fga.dev/ | URL | No | ||
| https://github.com/auth0/Auth0.Net | OTHER | No | - | |
| https://github.com/auth0/auth0-java | OTHER | No | - | |
| https://github.com/auth0/auth0-php | OTHER | No | - | |
| https://github.com/auth0/auth0-spa-js | OTHER | No | - | |
| https://github.com/auth0/auth0.js | OTHER | No | - | |
| https://github.com/auth0/lock | OTHER | No | - | |
| https://github.com/auth0/nextjs-auth0 | OTHER | No | - | |
| https://github.com/auth0/react-native-auth0 | OTHER | No | - | |
| https://manage.cic-bug-bounty.auth0app.com/ | URL | No | ||
| https://marketplace.auth0.com | URL | No | ||
| https://play.fga.dev/ | URL | No | ||
| https://play.google.com/store/apps/details?id=com.auth0.guardian&hl=en_US&gl=US | ANDROID | No | ||
| jwt.io | URL | No | ||
| openidconnect.net | URL | No | ||
| samltool.io | URL | No | ||
| webauthn.me | URL | No |
Out-of-Scope Assets (11)
| Asset | Category | Bounty | |
|---|---|---|---|
| Auth0 Docs (including quickstarts) | URL | No | |
| accounts.auth0.com | URL | No | |
| auth0.auth0.com | URL | No | |
| community.auth0.com | URL | No | |
| goextend.io | URL | No | |
| https://support.auth0.com/tickets/new | URL | No | |
| manage.auth0.com | URL | No | |
| phenix.rocks | URL | No | |
| sharelock.io | URL | No | |
| support.auth0.com | URL | No | |
| webtask.io | URL | No |