Infrastructure

Global infrastructure.
Local data residency.

Multi-region deployment across 4 regions. Edge locations for low-latency auth. Your tenant data stays in the region you choose.

Available on Free and above. See pricing

Four regions. Data stays local.

Choose your data region when you create a tenant. Auth traffic routes to the nearest edge. Tenant data never leaves the selected region.

US
United States
us-central1
GCP Cloud Run
EU
European Union
europe-west1
GCP Cloud Run
IN
India
asia-south1
GCP + Edge
AU
Australia
australia-se1
GCP Cloud Run

Request flow

Every auth request routes through Cloudflare, resolves the tenant, and hits the correct regional backend.

Request flow:

  User -> Cloudflare Edge (300+ PoPs)
    |
    v
  CF Worker reads tenant slug from subdomain
    |  acme.authfi.app -> tenant: acme
    v
  D1 lookup -> region: us-central1
    |
    v
  GCP Cloud Run (us-central1)
    |  auth-service, admin-service, connect-service
    v
  Response -> JWT issued -> back to user

  Total latency: ~80ms (edge cache hit: ~15ms)

Edge + cloud architecture

Cloudflare edge

300+ PoPs worldwide. DNS, TLS termination, DDoS protection, tenant routing. JWKS caching at the edge.

GCP Cloud Run

Autoscaling containers per region. Zero to N instances. Pay per request. No cold start for auth.

Homelab edge (India)

Bare-metal K8s cluster for Asia-South1. 2 nodes, WireGuard mesh, eBPF agent. Low-latency for Indian tenants.

SLA and compliance

Uptime SLA by plan

Free Best effort
Starter 99.5%
Pro 99.9%
Business 99.95%
Enterprise 99.99%

Security and compliance

SOC 2 Type II Ready
HIPAA Audit logging
GDPR Data residency
Encryption at rest AES-256
Encryption in transit TLS 1.3
Zero telemetry No data sharing

Ready to get started?

Free for 5,000 monthly active users. No credit card required.

Start free Read the docs