Auth0 statusManual checkVerified May 24, 2026Source: status.auth0.com
Is Auth0 down?
Live status check · No widespread incident reported.
Most recent manual verification mirrored from status.auth0.com. Below: the components that can break, what to do during an incident, and how to keep your scheduled jobs running independently.
About Auth0 status
Auth0 (owned by Okta) is the long-standing enterprise identity platform powering sign-in, SSO, MFA, and RBAC for thousands of B2B apps. Incidents are usually scoped to a single tenant region (us, us-2, eu, au, jp) or to one product surface (authentication API, Management API, MFA delivery, dashboard), so the first question during an outage is which region and which product.
Components and surfaces that can break
- Surface 01
Authentication API (Universal Login, /authorize, /token).
- Surface 02
Management API (user provisioning, RBAC, tenant config).
- Surface 03
MFA delivery (SMS, push, email codes) and the Auth0 dashboard.
Recent Auth0 incidents
Auth0 maintains a public incident history. Read the latest entries to see whether you're hitting a known issue, and look at the post-mortems for context on how long similar incidents typically take to clear.
What to do if Auth0 is actually down
Existing sessions usually keep working
Auth0 sessions are JWT-based. Users who are already signed in with a valid access token keep working until the next refresh (around 1 hour by default). Fresh sign-ins, sign-ups, and token refreshes are the ones that fail during an incident.
Confirm your tenant's region
Auth0 tenants are pinned to a region: us, us-2, eu, au, or jp. The status page lists components per region. If you're on eu but the live incident is scoped to us, the problem is somewhere else in your stack, not Auth0.
Separate Auth0 from the MFA delivery provider
MFA SMS is delivered through Twilio under the hood; push and email use other providers. A Twilio incident can look like an Auth0 outage to your users. Check which leg is actually degraded before paging the identity team.
Keep firing through the incident
Schedule your own Auth0 health check with Crontap
Scheduled user exports via the Management API, stale-session cleanup, weekly MFA enrollment audits, and monthly active-user digests are all HTTP cron when wrapped in your backend. Crontap fires the endpoint that hits Auth0's Management API on the cadence you set, retries on 5xx, and stores the response body in the alert email so you can see exactly what Auth0 returned.
External HTTP cron hits your endpoint on the cadence you pick, stores every response, and emails you the moment a run fails. Pro schedules down to 1 minute; $3.25/mo annual flat for unlimited jobs.
Go deeper
Auth0 status: FAQ
- Where can I see the official Auth0 status?
- status.auth0.com publishes component status per region (us, us-2, eu, au, jp) for the authentication API, Management API, dashboard, and MFA delivery. The incidents page at status.auth0.com/incidents lists past events with timestamps and summaries.
- Why can existing users keep working but new sign-ins fail?
- Auth0 issues JWT access tokens with a default lifetime around 1 hour. Once a user is signed in, your app validates the JWT locally without calling Auth0 on every request. New sign-ins, sign-ups, and silent token renewals do hit Auth0 live, so those break first during an outage.
- How do I confirm my Auth0 tenant's region?
- Your tenant domain encodes it: example.us.auth0.com is us, example.eu.auth0.com is eu, example.au.auth0.com is au, example.jp.auth0.com is jp, and an older example.auth0.com without a region segment is us. Match that to the region listed on status.auth0.com before assuming an incident affects you.