A guide on the steps and best practices for deploying Corbado Connect in your environment. Enable secure passkey authentication for all your users.
When deploying the Corbado Connect solution, you have two primary hosting models to choose from - our public cloud (Shared AWS Instance) or a private cloud (Dedicated AWS Instance). Each model offers different levels of customization, security and availability, depending on your organization’s requirements. Within the private cloud model, there are multiple high-availability configurations to handle different disaster scenarios.
For organizations aiming for simplicity and speed, Corbado offers a public cloud instance hosted on shared AWS infrastructure. This is a cost-effective, fully managed environment where Corbado handles all maintenance, security updates, and scaling.
If your focus is on rapid deployment without extensive customization or regulatory constraints, the public cloud instance is an excellent fit.
For organizations requiring tighter controls or more advanced compliance measures, Corbado can be deployed in a private cloud (dedicated AWS instance). This deployment model provides full control over data residency, customized security policies, and network configuration.
The dedicated AWS instance is fully managed by Corbado. We provide break-glass user access for emergency situations, ensuring you retain ultimate control when needed.
Within a private cloud setup, you can choose from three levels of high availability and disaster recovery:
Try our demo application to see how Corbado Connect integrates passkeys into your application.
Corbado’s system architecture ensures that any disruption to the passkey component automatically falls back to traditional login methods (e.g., existing login methods). This means:
The following table provides a high-level comparison of Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) for different failure scenarios across the dedicated AWS configurations.
Failure Event | Multi-AZ Single-Region | Cross-Region Replica | Geo Failover |
---|---|---|---|
Single AZ Failure | RTO: 1-5 min RPO: ~0 min | No need to fail over | No need to fail over |
Two AZ Failure | RTO: 15-30 min RPO: ~0 min Until AWS stabilizes | RTO: 1-4 h RPO: < 1 min Manual failover if required | RTO: 15-30 min RPO: < 1 min Push-button failover |
Primary Region Failure | RTO: 4-8 h RPO: up to 24 h Manual failover | RTO: 1-4 h RPO: < 1 min Manual failover | RTO: 15-30 min RPO: < 1 min Push-button failover |
Corbado Connect is currently not offered as self-service option. For inquiries, demonstrations, or to discuss enterprise deployment options, please contact us:
We look forward to helping you deploy passkeys seamlessly—while protecting your existing investments and infrastructure.