Tenant Model of Auth0 Public Cloud

Overview

This article presents the tenant model of the Auth0 public cloud.

Applies To

  • Auth0 Public Cloud

Solution

Okta CIC’s public cloud is a multi-tenant service. Separation of customers in the multi-tenant environment is done logically at the application layer. Tenants are identified in the database by their Tenant ID and have their individual secrets, signing keys, connections, rules, and credentials further encrypted using unique per-tenant encryption keys stored in a KMS. Okta implements policies and procedures to store inputs, items in processing, and outputs completely, accurately, and timely in accordance with system specifications. This has been audited and verified in our most recent SOC2, which attests to all 5 trust principles, including Processing Integrity. Furthermore, Okta CIC submits to independent third-party source code reviews to further ensure data is handled properly and as intended by the application. A private cloud allows for a dedicated instance and database.