Skip to main content
Vrin is designed for organizations where data cannot leave their environment. Every architectural decision prioritizes data sovereignty.

Deployment Options

Shared Cloud

Vrin-hosted infrastructure. Data is encrypted at rest and in transit. Suitable for non-regulated workloads.API keys start with vrin_

Enterprise (Your Cloud)

Deployed in your own AWS or Azure account. Data never leaves your environment. Vrin manages the software; you control the infrastructure.API keys start with vrin_ent_

Enterprise Architecture

In enterprise deployment, Vrin routes all operations to your cloud:
  • Neptune / Cosmos DB in your account (knowledge graph)
  • OpenSearch / Azure Search in your account (vector index)
  • S3 / Azure Blob in your account (document storage)
  • LLM calls through your Azure OpenAI or AWS Bedrock endpoint
No data is stored on Vrin infrastructure. No data transits through Vrin servers.

Security Controls

  • SOC 2 Type II compliance (in progress)
  • Encryption: AES-256 at rest, TLS 1.3 in transit
  • Access isolation: All data access scoped by user_id / organization_id
  • Zero-retention LLM agreements: LLM providers do not store or train on your data
  • Audit logging: Every query and ingestion event is logged

Authentication

Two authentication methods:
MethodUse Case
API Key (vrin_ or vrin_ent_)Programmatic access from agents and applications
Stytch JWTUser-level authentication from web applications
API key prefix determines routing: vrin_ routes to shared infrastructure, vrin_ent_ routes to your dedicated environment.