Self-hosted deployment overview

Scalekit’s self-hosted deployment lets you run the full Scalekit platform on your own Kubernetes cluster. All authentication data stays within your infrastructure — nothing leaves your network.

Use self-hosted deployment when your organization requires:

• Data residency: Auth data must remain in a specific region or on-premises location
• Network isolation: The auth service must not be reachable from the public internet
• Compliance: Regulations such as FedRAMP, HIPAA, or internal security policies prohibit use of SaaS auth services
• Air-gapped environments: Your deployment environment has no outbound internet access

How it works

Scalekit is deployed on Kubernetes via a Helm chart managed through the Scalekit distribution portal. You configure the deployment with a values.yaml file, apply Kubernetes secrets to your cluster, and connect the cluster to the portal — which handles chart delivery, migrations, and upgrades.

What Scalekit runs

A self-hosted deployment runs as a single Kubernetes Deployment with multiple containers:

Component	Description
Auth service	Core service handling login, token issuance, sessions, SSO, and SCIM
Dashboard	Admin web UI for managing your Scalekit instance
Flagd	Feature flag sidecar for runtime configuration
Webhooks	Webhook delivery service
OpenFGA	Fine-grained authorization engine (optional)

What you provide

Scalekit does not bundle a database or cache in production. You provision and manage these separately:

Dependency	Requirement	Notes
Kubernetes	1.27 or later	Any managed or self-managed cluster
PostgreSQL	15 or later	Three databases required: scalekit, webhooks, openfga
Redis	6.2 or later	Used for sessions, caching, and job queues
SMTP	Any provider	Postmark and SendGrid have first-class support

Evaluation shortcut

The Helm chart includes optional PostgreSQL and Redis subcharts. Enable them to spin up Scalekit quickly without provisioning external services. Use subcharts for evaluation only — they are not suitable for production.

Access required

Self-hosted deployment requires a Scalekit enterprise license. You receive your Helm chart access and container registry token through the Scalekit distribution portal as part of onboarding.

Choose your path

Path	When to use
Quick start	Get Scalekit running fast using bundled PostgreSQL and Redis. Ideal for evaluation and proof-of-concept. No external databases or kubectl secret commands needed.
Full installation	Production deployment with external PostgreSQL and Redis, full secret management, and your choice of ingress controller.