Private Cloud Deployment Options

If you have requirements that are not met by the Public Cloud deployment option, you can choose one of the Private Cloud deployment options:

Private Cloud Basic: Dedicated option that builds on Public Cloud performance and management and addresses specific data residency needs and includes a PCI add-on.
Private Cloud Performance: Includes all Private Cloud Basic capabilities and increases requests per second (RPS) to 500, upgrade control, load testing, and a GEO-HA add-on.
Private Cloud Performance Plus: Includes all Private Cloud Performance capabilities and increases RPS to 1,500 and load testing.

The table below compares each of the Private Cloud options with the Public Cloud option.

Feature	Public Cloud	Private Cloud Basic	Private Cloud Performance	Private Cloud Performance Plus
Tenancy	Multi	Single	Single	Single
Requests per second (RPS)	100	100	500	1,500
Service level agreement (SLA)	99.99%	99.99%	99.99%	99.99%
Data residency	Public cloud regions only	Yes	Yes	Yes
Upgrade flexibility	No	No	Yes	Yes
Dev environment	No	No	1	1

With Private Cloud, you can choose the region where your data is stored. Auth0 can provide a list of available regions that use three availability zones for the deployment. All data can remain and be stored in the chosen region. This is crucial in instances where regulations prevent data from being stored or processed outside the origin region.

For Private Cloud customers, by default, backups will be processed and stored in the United States (USA). Service logs will be processed in the region closest to where Private Cloud is hosted, currently, this includes:

Australia
Canada
Germany
India
Ireland
Japan
United States

If you have data sovereignty requirements, Auth0 supports Private Cloud deployments in the following regions:

United States
Europe
Australia
Canada
Japan

Otherwise, the Private Cloud can be supported in other regions (except China). Furthermore, Auth0 can deploy backups to AWS's S3 service in the same region that hosts the Private Cloud.

Auth0's Private Cloud instances have a 99.99% service level agreement (SLA).

If your application requires a significantly high amount of requests per second (RPS), you may also wish to consider Private Cloud. Public and Private Cloud deployment options support up to 100 requests per second (RPS). If you require more than 100 RPS, you should choose a Private Cloud deployment option. See the rate limits policies for more information about the standard rate limits. For Private Cloud deployments, the limit is 100 RPS with an upgrade to 1,500 RPS.

If your application is PCI Compliant or striving to be, and your requirements indicate that your identity provider also needs to be PCI compliant, this is only available as a Private Cloud addon. Public Cloud customers cannot acquire this benefit.

Add-on or Service	Public Cloud	Private Cloud Basic	Private Cloud Performance	Private Cloud Performance Plus
GEO-HA	Yes in US and EU only	No	Yes	Yes
PCI	No	Yes	Yes	Yes
Additional dev environments	No	No	Yes	Yes
Bundled services	None	Arch Workshop Health Check	Arch Workshop Health Check Go Live Load test (1)	Arch Workshop Health Check Go Live Load tests (2)

With the Geographic High Availability (GEO-HA) add-on, you will have the highest form of dedicated deployment availability offered by Auth0.

The standard dedicated deployment is a single-region, high availability solution, but the GEO-HA add-on extends the cluster with a geographically-distributed region where the maximum round-trip latency does not exceed 100 milliseconds. This is referred to as a high-availability GEO cluster, which is a warm standby configuration with failure handling for rapid recovery during a regional outage.

Auth0's dedicated deployments are ISO27001, SOC 2 Type II, ISO27018, and HIPAA BAA compliant, but the PCI Certified add-on ensures that your deployment is compliant with PCI-DSS requirements as well.

Private Cloud Performance Plus includes a fully-isolated and independently-updated instance for development and testing. You can add additional pre-production environments to meet your business requirements.

Guaranteed requests per second (RPS) and SLA do not apply to pre-production environments.

Private Cloud is fully deployable (meeting full data sovereignty requirements) in the following regions:

USA
Europe
Australia
Japan
Canada

Auth0’s default public Guardian MFA application (the app you can download from your MobileOS's AppStore) is not compatible with dedicated instances because it is always pointing to cloud shared endpoints. However, you can still leverage Auth0 Guardian via the Guardian SDK. Using the Guardian SDK, you can build your own MFA application that calls the Guardian API and can provide push notifications via Guardian. You can still leverage third-party MFA solutions via Auth0, such as Duo or Google Authenticator, while deployed within Private Cloud, this simply would not leverage Auth0 Guardian.

User import with hashed password is available upon request. Bulk user export via the Management API is currently not supported with the Private Cloud.

Docs

Private Cloud Deployment Options

Private Cloud Deployment Options

Operational differences

Data residency and isolation

Backups and logs

Data sovereignty

Maximum availability

High demand apps

PCI compliance certification

Add-ons and service differences

Geographic high availability

PCI certified

Additional dev environments

Limitations

Data residency

Guardian MFA

User import and export

Keep reading

Was this article helpful?