Fully hosted in the EU. Data never leaves Europe. GDPR-native by design.
Every byte runs on EU infrastructure. Nothing is replicated outside Europe.
No US entity, no US cloud. Outside the reach of the US CLOUD Act.
Privacy built into the architecture, not bolted on to pass an audit.
Hosted in Germany. No data leaves the EU. No US legal exposure.
OIDC, SAML, and SCIM. Works with your stack from day one.
Connect identities across organizations. The layer others skip.
One login across every application, over OIDC and SAML.
Provision and remove users automatically as teams change.
MFA, passkeys, and session control out of the box.
Policy-based control over who can reach what.
A clean SDK and standard protocols mean SSO, directory sync, and authorization drop into your app without a rebuild.
Works over OIDC, SAML, and SCIM.
import { Thoryn } from "@thoryn/sdk"; const thoryn = new Thoryn({ region: "eu-central" }); // Send a user into SSO app.get("/login", (req, res) => { const url = thoryn.sso.authorizationUrl({ connection: "acme-oidc", redirectUri: "https://app.example.eu/callback", }); res.redirect(url); }); // Exchange the code for a verified profile app.get("/callback", async (req, res) => { const { user } = await thoryn.sso.exchange(req.query.code); req.session.user = user; // stored in the EU, always res.redirect("/dashboard"); });
We review your apps, identity providers, and requirements.
Single sign-on and directory sync connected to your apps.
Policies, fine-grained access, and audit logging in place.
Running on EU infrastructure, ready for your users.
A single renovation programme runs across municipalities, contractors, engineers, and suppliers. Thoryn gives each partner scoped access to the right files, and nothing else.
Hosted in Germany. No transfers to non-EU jurisdictions.
Data protection native to the platform, not retrofitted.
Aligned security controls for essential and important entities.
Operational resilience for financial sector deployments.
Ready for European Digital Identity, aligned to ARF 1.4.
Every authentication and access event recorded and exportable.
Thoryn speaks the EUDI Wallet protocols today, so you are prepared as eIDAS 2.0 rolls out across the EU.
| Thoryn | WorkOS | Ory | |
|---|---|---|---|
| EU-only infrastructure by default | Yes | No | Self-hosted |
| Zero US legal exposure | Yes | No | Depends |
| Enterprise SSO and SCIM | Yes | Yes | Partial |
| Cross-organization federation | Yes | No | No |
| eIDAS 2.0 and EUDI ready | Yes | No | No |
Based on publicly available product information. Reflects default managed offerings.
All plans hosted in the EU. Priced per year, billed annually.
See how Thoryn fits your stack in a 30-minute demo.