FIPS 140-2 validated crypto

Hi, I found this old thread:

But I am hoping there is more up-to-date information. Does Auth-0 use FIPS 140-2 validated (ie has a certificate #) crypto for all its signature and encryption operations. If so the certificate #s would be appreciated!

Thanks in advance!

Hey there!

Not sure about this but let me reach out to appropriate team and find more information about it!

Hey there!

Sorry for a huge delay but I got caught in the huge influx of questions. Anyway I got you the answer from our product team:

No, we currently don’t use FIP 140-2 encryption. We’ve identified this as part of the fedramp analysis, but there is no ETA for that.