Hi, I found this old thread:
But I am hoping there is more up-to-date information. Does Auth-0 use FIPS 140-2 validated (ie has a certificate #) crypto for all its signature and encryption operations. If so the certificate #s would be appreciated!
Thanks in advance!
Hey there!
Not sure about this but let me reach out to appropriate team and find more information about it!
Sorry for a huge delay but I got caught in the huge influx of questions. Anyway I got you the answer from our product team:
No, we currently don’t use FIP 140-2 encryption. We’ve identified this as part of the fedramp analysis, but there is no ETA for that.