The general end-of-life date for allowing weak TLS 1.2 cipher suites when initiating TLS requests to Auth0 service endpoints, via canonical or custom domains, was June 10, 2026. The removal of discontinued cipher suites applies to public and private cloud environments and other Auth0 services, but the process and timelines vary. The dates and times mentioned below are subject to change.

Public Cloud Environments

In public cloud environments, Auth0 will perform a series of brownout tests in which the service rejects TLS requests using weak ciphers for a defined time window. At the end of that period, the Auth0 service will restore the previous behavior. The multiple rounds of testing aim to reduce the impact on non-compliant systems.

The schedule for public cloud follows:

• June 16, 2026 - 1-hour duration test with the following environment-specific start times
  • 14:00 UTC - JP-1, AU-1, UK-1, EU-1 and EU-2
  • 18:00 UTC - US-3, US-4 and US-5
  • 20:00 UTC - US-1
• June 23, 2026 - 4-hour duration test with the following environment-specific start times
  • 14:00 UTC - JP-1, AU-1, UK-1, EU-1 and EU-2
  • 18:00 UTC - US-1, US-3, US-4 and US-5
• June 30, 2026 - 8-hour duration test starting at 14:00 UTC for all public cloud environments
• July 7, 2026 - permanent removal starting at 14:00 UTC for all public cloud environments and Auth0 CDN endpoints.

Private Cloud Environments

For private cloud environments, Auth0 will perform the change in two separate stages. The first one applies to environments classified as development, specifically those without a guaranteed SLA. The second one will apply to the remaining environments.

The planned start dates to initiate the private cloud rollout stages are the following:

• June 16, 2026 - Private cloud development (non-SLA) environments.
• July 21, 2026 - Remaining private cloud environments.

In both stages, the change is deployed to the private cloud environment according to the respective deployment window and release channel.

Supporting Services and Applications

On June 17, 2026, supporting services, such as the public cloud Dashboard, Team Accounts, and Marketplace, will stop supporting the deprecated TLS ciphers.

• End of Life (EOL)
• Networking
• TLS 1.2 Ciphers

Auth0 stopped supporting specific TLS 1.2 cipher suites that no longer meet security standards as part of a calendar-year 2026 change to align with current industry best practices and ensure a secure, reliable service.

On December 10, 2025, Auth0 announced the deprecation of specific TLS ciphers. The information provided in the original announcement is available in the respective Dashboard and Support Center notification.

Update client systems that make network requests to Auth0 endpoints to use supported TLS configurations.

For use cases that require maintaining compatibility with older systems, set up a self-managed certificate custom domain and configure the reverse proxy to support discontinued TLS cipher suites for inbound connections. Ensure requests from the proxy to Auth0 use supported ciphers.