Share events across organizations with explicit consent and instant revocation
Bilateral consent, identity mapping, regional data residency, and tamper proof audit trails. Every partnership in minutes, not months.
Your partner needs your order events.
You build a custom API. It takes four months.
Another partner asks for inventory data.
Another four months.
One partner gets breached.
You need to cut access. Now.
But there is no kill switch.
Data keeps flowing through forgotten endpoints.
You cannot prove what was shared or when it stopped.
npayload Federation changes that.
Consent is bilateral. Revocation is instant.
Every event is audited. Every disconnection is proven.
Bilateral consent in three steps
Both parties must consent before any data flows. No developer can fabricate consent.
Propose
One organization defines what data to share, with whom, and under what conditions.
Review
The other organization reviews the terms. Which events, which regions, how long.
Accept
Consent is cryptographically signed. Data flows immediately.
Consent flow
Instant revocation with proof
Cut access in one click. Data stops flowing within seconds. Revocation is recorded permanently and tamper proof.
Revoke
Either party clicks revoke.
Instant stop
Data flow stops within seconds.
Recorded
Revocation is permanently recorded in the audit trail.
Proof
Who revoked, when, and why. Tamper proof.
Security at the infrastructure level
Organizations never connect to each other. npayload is the only intermediary.
Zero direct connections
Organizations never connect to each other. npayload routes based on consent tokens.
Data residency
Data stays in the region your regulators require. Cross region flows need separate consent.
Identity resolution
Identities are resolved automatically at organization boundaries. Each party keeps its own schemas.
Events flow between organizations
Every event is checked against active consent and recorded in the audit trail before delivery.
Every event leaves a tamper proof trail.
Every consent proposal, every acceptance, every shared event, and every revocation is recorded in a hash chain. SOC 2, GDPR, and HIPAA auditors get exactly the proof they need. Nobody can alter or delete a record after the fact.
Before and after npayload Federation
Without Federation
- Custom API per partner (4 months each)
- No standard for consent or revocation
- Data keeps flowing after the partnership ends
- No proof of what was shared or when
- Manual identity mapping per partner
- Regional compliance impossible to verify
With Federation
- New partnership in minutes
- Bilateral cryptographic consent
- Instant revocation with proof
- Tamper proof audit trail per partner
- Automatic identity resolution in real time
- Data residency enforced by the platform
npayload Federation vs. custom integrations
| Feature | npayload | Custom integration |
|---|---|---|
| Consent based data sharing | Custom per partner | |
| Automatic identity resolution | Months of work | |
| Platform enforced data residency | Complex to build | |
| Instant revocation with proof | ||
| Per partner audit trail | Months of work | |
| No direct org connections | ||
| New partnership in minutes | Months per partner | |
| Cross region with residency consent | Major project |