Authelia takes security very seriously. We follow the rule of responsible disclosure, and we encourage the community to as well.

If you discover a vulnerability in Authelia, please first contact one of the maintainers privately either via Matrix or email as described in the contact options below.

For details about security measures implemented in Authelia, please follow this link and for reading about the threat model follow this link.

Join the Matrix Room and locate one of the maintainers. You can identify them as they are the room administrators. Alternatively you can just ask for one of the maintainers. Once you've made contact we ask you privately message the maintainer to communicate the vulnerability.

Join the Discord Server and message the #support chat which links to Matrix and contact a maintainer.

You can contact any of the maintainers for security vulnerability related issues by emailing security@authelia.com. This email is strictly reserved for security and vulnerability disclosure related matters. If you need to contact us for another reason please use Matrix or team@authelia.com.