Infrastructure

"Our auth provider went down for 45 minutes. Every customer was locked out. We lost $200K in that window."

— SaaS founder after an auth outage

Your auth can't go down.
Ours doesn't.

Multi-region deployment. Cloudflare edge in 300+ locations. Automatic failover. Zero-downtime deploys. 99.99% SLA. Because auth is the one thing that can never fail.

300+
Edge locations
4
Data regions
99.99%
Uptime SLA
<100ms
Global latency
0s
Deploy downtime
~45μs
eBPF latency

Single-region vs. AuthFI

Single-region auth

  • One region. One database. One point of failure.
  • Deploy = 30 seconds of downtime
  • DDoS hits your auth endpoint → everyone locked out
  • User in Australia → 300ms latency to US-East
  • Compliance requires EU data residency → rewrite infra

AuthFI infrastructure

  • 4 data regions: US, EU, India, Australia
  • Zero-downtime rolling deploys, every time
  • Cloudflare edge: 300+ locations absorb DDoS
  • Auto-failover: region down → traffic reroutes in <30s
  • Data residency per tenant — choose at creation, enforced always

Global infrastructure

4 data regions. 300+ Cloudflare edge locations. Automatic failover between regions. Your users get <100ms latency globally.

Global infrastructure map with 4 regions and 300+ edge locations
US
United States
us-central1
GCP Cloud Run
EU
European Union
europe-west1
GCP Cloud Run
IN
India
asia-south1
GCP Cloud Run + Edge
AU
Australia
australia-southeast1
GCP Cloud Run

Cloudflare Cloudflare Edge

Every auth request enters at the nearest Cloudflare edge location. DDoS absorbed before it reaches our servers.

DDoS Protection

L3/L4/L7 protection. Enterprise-grade. Absorbs volumetric attacks at the edge before they reach auth servers.

SSL Termination

TLS terminated at the edge. Reduces latency by ~10ms. Full end-to-end encryption maintained to origin.

Smart Routing

Worker-based tenant routing. Each request maps to the correct data region based on tenant configuration. <2ms routing overhead.

Zero-downtime deploys

Every deploy is a rolling update. Blue/green with automatic traffic shifting. Zero dropped requests. Zero downtime. Every time.

1

New version built

CI builds container image, pushes to artifact registry.

Image: authfi-auth:v2.14.0 → pushed to registry
2

New revision starts

Cloud Run starts a new revision alongside the current one.

v2.13.0 ████████████ 100% traffic v2.14.0 ░░░░░░░░░░░░ 0% (starting)
3

Health checks pass

New revision passes health checks. Traffic begins shifting.

v2.13.0 ██████░░░░░░ 50% traffic v2.14.0 ██████░░░░░░ 50% (healthy ✓)
4

Traffic fully shifted

Old revision drains connections. 100% on new. Zero dropped requests.

v2.13.0 ░░░░░░░░░░░░ 0% (draining) v2.14.0 ████████████ 100% ✓

Automatic failover

Region goes down? Traffic reroutes to the next closest healthy region in <30 seconds. User sessions preserved — JWTs are stateless, verified via JWKS.

How it works
  • 1. Region health monitored continuously (30s intervals)
  • 2. Failure detected → DNS updated via Cloudflare API
  • 3. Traffic reroutes to next closest healthy region
  • 4. User sessions preserved (JWTs are stateless)
  • 5. Audit logs replicated across regions
Why it matters
  • No single point of failure
  • Users don't notice regional failures
  • Auth never goes down, even during incidents
  • Compliance data stays in-region (not replicated)
  • Automatic recovery when region comes back

Latency breakdown

End-to-end auth in under 50ms. eBPF enforcement in 45 microseconds.

DNS resolution
~5ms
TLS handshake
~10ms
Request routing
~2ms
Auth processing
~15ms
eBPF enforcement
~45μs
Total <50ms

SLA by plan

Free
Best effort
Starter
99.5%
Pro
99.9%
Business
99.95%
Enterprise
99.99%

Compliance & security

SOC 2 Type II
Ready
HIPAA
Audit logging
GDPR
Data residency
Encryption at rest
AES-256
Encryption in transit
TLS 1.3
No data sharing
Zero telemetry
Start free → Check status

Related

Security

How we protect your data at every layer

Observability

Unified audit trail across all regions

Control Plane

One dashboard managing all regions and layers

Available on All plans and above. See pricing →

One platform. Every identity layer.
Free to start.

Free for 5,000 users. Upgrade when you're ready.

Start building free →

Startups and enterprises get 1 year free →