We don't offer self-host. Here's what we offer instead.
Self-hosting Pro isn't on the menu today and probably won't be soon. Pro is built directly on Cloudflare's edge runtime (Workers, D1, KV, R2), and that architecture doesn't translate cleanly to a Docker-Compose-on-your-VPS install we could support without becoming a much bigger company. That's the honest answer. Below is what we offer to the security-conscious buyer who would normally reach for self-host first.
What you'd want self-host for, and what we substitute
Data never leaves my infrastructure
Substitute: minimum-data-by-design + per-region residency. Our scan schema stores only country (from CF-IPCountry) and device class, never IP, never user agent, never sub-day timestamps. There is no behavioral data to leak. For regulated buyers we also offer single-region D1 placement (EU-only / APAC-only); see /security/.
I want to hold the encryption keys
Substitute: Agency-tier add-on for per-tenant encryption keys. Today every tenant's data is encrypted at rest by Cloudflare; the optional add-on lets Agency customers supply a key we use to wrap a per-tenant DEK, so a Cloudflare-side breach yields ciphertext we can't decrypt without your key. (Roadmap; ETA Q3 2026.) The nightly D1 → R2 backup is already AES-256-GCM encrypted with a key you can rotate at any time; see backup key handling.
I need to audit every change
Substitute: shipped audit log + export. Every mutation (code create/edit/delete, team invite/role change, billing event) is recorded in audit_log with actor + timestamp + scope. The full log is exposed via GET /api/user/export as part of your data ZIP. Retention: 180 days rolling. Public-stats share-tokens have an independent revocation log.
I need data isolation per client
Substitute: Agency tier already isolates each team into its own scope (codes, scans, members, audit log). The Vault/Agency per-tenant D1 shard model (ADR-0010) splits each Agency-tier tenant onto a dedicated D1 database under the hood as soon as they cross a usage threshold; the API surface stays identical.
I need contractual data-handling commitments
Substitute: standard DPA + EU Standard Contractual Clauses available for all paying tiers. The sub-processor list is published at abundera.ai/legal/subprocessors/ with 30-day change notification. Custom Enterprise contracts (security questionnaire support, custom retention windows, contractual SLAs with financial credits) are available; email enterprise@abundera.ai.
I need an SSO / SCIM integration
Available today. SAML 2.0 + OIDC single sign-on and SCIM 2.0 user provisioning shipped on the abundera.ai identity layer (Agency + Custom Enterprise tiers). SSO supports per-domain IdP routing, JIT user creation, and MFA enforcement. SCIM covers Users CRUD, Groups CRUD with group→role mapping, PATCH deactivation, and the Okta/Entra shape differences customers hit in production. RFC 7643/7644 compliance verified (20/20 on the PingIdentity-derived test suite). Okta OIN + Entra Gallery + JumpCloud partner-portal listings are in progress; in the meantime, connect as a custom SAML + SCIM app (endpoints + attribute mapping guides in our docs). Email enterprise@abundera.ai to get set up.
When self-host really is the right answer
Some buyers genuinely need self-host and we won't pretend otherwise:
- Air-gapped networks with no outbound internet.
- Specific regulators (some defense, some healthcare jurisdictions) that prohibit any third-party hosting regardless of contractual posture.
- Single-tenant infrastructure mandate from a procurement policy that doesn't accept logical isolation, only physical.
For those buyers, the right move today is the free static QR generator at qr.abundera.ai: it's a standalone HTML+JS bundle that runs entirely in the browser and makes zero outbound requests. Static codes can't be edited after print, but they also don't depend on us being online. That's the trade-off.
If your situation doesn't quite fit any of the above, email enterprise@abundera.ai. There's often a configuration of the substitute controls above that closes the gap.
Still think self-host is the only path?
Email enterprise@abundera.ai with the specific requirement that's blocking you. We answer everything; we'll tell you honestly if we can't meet it instead of pretending.