In my service I use authorization via Auth0.
As far as I understand, the service allows you to store user data only in Europe or the USA.
I don't understand this at all, but it seems like, according to Russian law, I have to store data in Russia. Its application database is really located in Russia (in the Yandex cloud).
- Am I breaking something using Auth0?
- If the practice of checking compliance with these requirements in small companies. How can this be verified?
- Are there any authorization services of the Auth0 level that store user data in Russia. Or maybe it is possible to force Auth0 to use my DB?
Auth0 allows you to use your own database, but only in the paid version. See instructions for details