Security and Compliance
Your auth is secure with us
Compliant with all major regulations
Enterprise-grade product security
Security Built-In
Security is baked into every part of our platform. Stay protected against SQL injection, clickjacking, and OWASP Top 10 attacks.
Data Encryption
We use HSTS (HTTP Strict Transport Policy) to prevent man-in-the-middle attacks. We use TLS encryption to ensure all communications are secure.
Secure Defaults
Descope comes pre-configured without skimping on security. All defaults chosen for our customers are both secure and usable to give end users a great experience.
Make Informed Decisions
You know your app best. We allow you to change parameters to tweak the level of desired security for your authentication process (e.g. expiration limits, session lengths).