Discover how an Auth0 customer used Tenant ACL and JA3 TLS client fingerprints to mitigate a massive signup fraud attack, blocking 21 million requests.

Auth0's platform is a  identity management solution, offering insights into authentication, authorization, and user management for web and mobile applications. Through articles, tutorials, and documentation, Auth0 offers insights into securing applications with modern identity protocols like OAuth and OpenID Connect. Developers can learn about implementing single sign-on (SSO), multi-factor authentication (MFA), and user authorization policies to enhance application security and user experience.

Auth0

Auth0's Tenant Access Control List (ACL) feature helped a customer block over 21 million fraudulent signup requests during a sustained attack in September 2025. The attackers initially used specific JA3/JA4 TLS fingerprints to flood the system with fake signups at 40x normal volume. When they pivoted tactics after the first block, the customer used Tenant ACL to independently identify and block new malicious fingerprints in real-time without waiting for support intervention. This edge-level filtering prevented malicious traffic from reaching the application, avoiding rate limit impacts on legitimate users while the security team continuously updated rules to stay ahead of evolving attacker tactics.

How Auth0 Tenant Access Control List Empowers Customers Under Fire

Data-Driven Agility Outmaneuvers Identity Attacks at the Edge