Deployment Models: Managed, White-Label, Private

Paprel ships three ways: managed (we host, you integrate), white-label (we power, your brand fronts), and private deployment (your infrastructure, scoped together). This page is the map — what each model actually is, when it's the right call, and what doesn't change no matter which one you pick. Vendors are routinely vague about deployment boundaries; we'd rather you cite this page in your evaluation.

ManagedWhite-labelPrivate / BYOC
Who hostsPaprelPaprel, behind your brandYour cloud, or dedicated infrastructure
Who your customers seeYou (API) or Paprel (workspace)You, end to endYou
Tenant attributionStandard companiespartner_id on every tenantScoped per engagement
PricingStarter $149/mo · Growth $499/moCustom tierCustom tier
Starting pointSandbox, self-serve, todaySandbox today, contract for productionConversation first

Managed — the default

Paprel hosts everything: API, ledger, hosted workspace surfaces. You integrate over REST (or MCP for agents) and never think about infrastructure.

Two properties matter architecturally:

  • Tenant-pinned regions. Tenant data lives in one of US, EU, or APAC — pinned at provisioning, no cross-region replication. If your customers are split across jurisdictions, you pin per tenant, not per account.
  • Sandbox → production is the trial path. Sandbox is self-serve — no billing, no sales call. Run the 20-minute build there, then move to production on Starter ($149/month, 5,000 included accounting ops) or Growth ($499/month, 30,000 included ops) with a 14-day trial. Sandbox and production are separate, isolated environments, so evaluation never touches live data.

Choose managed when you're embedding accounting into your product and standard data-residency options cover you. This is the right starting point for almost everyone — the other two models exist for distribution and compliance shapes that managed can't express, not as upgrades.

White-label — your brand end to end

Same managed infrastructure, different ownership of the customer relationship. Every tenant you provision carries your partner_id, attributing it to your platform rather than floating as an independent signup — the field that makes this white-label rather than just multi-tenant. The full setup (provisioning, per-tenant roles, tenant-scoped OAuth) is walked in the white-label setup guide.

Two delivery surfaces today:

  1. Headless API under your brand. Your UI, your domain, your design system. Paprel is the engine behind your endpoints.
  2. Hosted surfaces. Paprel-hosted workspace views you hand your customers, for the accounting screens you don't want to rebuild.

Embeddable UI components — drop-in widgets you mount inside your own app — are on the roadmap, not shipping today. If a component library is a launch requirement, talk to us before you commit.

Commercially, white-label is scoped in the Custom tier: white-label SaaS distribution, committed usage bands, and rollout support, priced per engagement rather than off the Starter/Growth grid.

Choose white-label when you sell accounting to your own customers — vertical SaaS, neobanks, accounting firms, fintech platforms — and our name should never appear on their books.

Private deployment / BYOC — your cloud

For teams whose compliance posture or network boundary rules out shared infrastructure: dedicated infrastructure or bring-your-own-cloud, with private networking where the engagement calls for it.

This is not a checkbox; it's a scoped engagement. Usage, support, infrastructure, security review, and rollout support are scoped together under the Custom tier — deployment shape, region, and operational responsibilities get decided with your security reviewers in the room, not discovered after signature. Bring them: we'll walk architecture, controls, and documentation in detail.

Choose private/BYOC when a regulator, a procurement gate, or your own security policy requires the ledger to run inside infrastructure you control — and accept that the path starts with a conversation, not a sandbox key. (You can and should still evaluate the product in sandbox first; it's the same API surface.)

What stays the same in every model

The deployment model changes who hosts and who your customers see. It does not change the product:

  • Same OpenAPI surface. One API contract across managed, white-label, and private. Code you write against sandbox is the code you ship, whichever model you land on.
  • Same ledger guarantees. Double-entry, balance-validated postings — unbalanced entries are rejected, not corrected silently. Journal history is append-only; writes are idempotent via client-supplied keys.
  • Full export, no lock-in. Your data can be exported in full at any time; we don't lock the ledger behind the product.
  • Same ownership terms. Your data is yours — processed to provide the service, not sold or used for advertising. A DPA and sub-processor list are available on request during evaluation.

On posture, stated plainly: managed infrastructure runs on Google Cloud and Cloudflare, both independently SOC 2 and ISO 27001 certified at the infrastructure layer. Paprel's own formal certifications are on the roadmap — we don't make certification claims we haven't earned, and we share current controls and documentation directly during evaluation. Uptime is a 99.9% target. If a specific certification or control gates your decision, raise it early and we'll be candid about where we are.

Where to go next

Evaluate Paprel

Build in sandbox, launch with a production trial

Use sandbox for developer testing with no billing. When you are ready for real workflows, start production on a monthly plan with a 14-day free trial.

API-First Delivery
Audit-Ready Controls
Sandbox And Guided Rollout
We use cookies to improve your experience. Manage preferences or accept all.