Responsible Disclosure

Being pro-active rather than re-active to emerging security issues is a fundamental belief at OneLogin. Every day, new security issues and attack vectors are emerging and OneLogin strives to keep abreast of the latest security developments by working with security researchers, our peers, and our customers. We appreciate the community's efforts in creating a more secure ecosystem for all.

Please note: We ask that you do not share or publicize any vulnerabilities submitted via this form or directly through the bug bounty program platform.

High impact, well-written, non-duplicate reports may qualify for inclusion on our security hall of fame. Here are some tips for writing good reports.


If you have a vulnerability to report, please email security-bug-reports@onelogin.com.

For all other security inquiries, security@onelogin.com.

Are you a Security Researcher?

We are always looking for talented individuals with security experience.

See Career Opportunities