auth0 · pmathew92 · Mar 6, 2026 · Mar 6, 2026
@@ -1319,8 +1319,6 @@ You can skip sending the `customScheme` property if you do not want to customize
 
 [DPoP](https://datatracker.ietf.org/doc/html/rfc9449) (Demonstrating Proof-of-Possession) is an OAuth 2.0 extension that cryptographically binds access and refresh tokens to a client-specific key pair. This prevents token theft and replay attacks by ensuring that even if a token is intercepted, it cannot be used from a different device.
 
-> **Note**: This feature is currently available in [Early Access](https://auth0.com/docs/troubleshoot/product-lifecycle/product-release-stages#early-access). Please reach out to Auth0 support to get it enabled for your tenant.
-
 ### Enabling DPoP
 
 DPoP is enabled by default (`useDPoP: true`) when you initialize the Auth0 client:

@@ -483,7 +483,6 @@ DPoP is **enabled by default** (`useDPoP: true`) in this SDK because it provides
 - ✅ Enable if you handle sensitive data or financial transactions
 - ✅ Enable if you want best-in-class security practices
 - ✅ Enable if your users access the app from multiple devices (DPoP helps prevent cross-device token abuse)
-- ⚠️ **Note**: DPoP is currently in [Early Access](https://auth0.com/docs/troubleshoot/product-lifecycle/product-release-stages#early-access) - contact Auth0 support to enable it on your tenant
 - ⚠️ **Note**: Existing users with Bearer tokens will need to log in again to get DPoP tokens (see [FAQ #13](#13-how-do-i-migrate-existing-users-to-dpop))
 
 **How to disable it (if needed):**