Buf Pro gives organizations complete control over their development environment through a private instance with a dedicated subdomain, providing an integrated and dependable developer experience. This reduces the amount of time spent on tedious and repetitive tasks, freeing up more time for developers to create value for their clients.

Our Pro tier gives organizations a private instance of the BSR with dedicated subdomain instead of the public instance at buf.build. When moving to your private instance, you'll need to complete a few basic tasks.

Create tokens

In order to access the BSR, you will need to provide login configuration details via the buf CLI.

buf registry login example.buf.dev

Bot users will need to have tokens from the new instance generated, see authentication for details.

Manage members

Organizations on the Pro tier have 2 options for managing team members:

  • Set up custom SSO via OAuth2 OIDC, or SAML. See the SSO docs for more information.
  • Use the public BSR as your identity provider (IdP). Instructions below.

Using the BSR as your IdP

  1. New organization members must sign up for the BSR.
  2. The organization admin must then add the member to the org on the public BSR via the https://buf.build/[org]/members page.
  3. The new member can then log in to the private BSR instance. You can organize members into teams on the private instance by creating Organizations there.

Using community modules in your BSR server

Buf has made various modules available in the BSR for community use and regularly maintains them. These modules include the popular googleapis and protoc-gen-validate, which were added to support community development with the BSR. We auto-sync these modules to your private BSR server, which alleviates the need to download and locally manage these Protobuf files, especially those from larger modules such as googleapis/googleapis. Syncing can take a few hours from the time we create the server.

Rename and push modules

With your own dedicated instance of the Buf Schema Registry, all configured modules will need their name changed to reference your private subdomain.

  • Get a token from the BSR, see authentication for details
  • Login to your new instance
buf registry login example.buf.dev
  • Rename all occurrences of buf.build in your buf.yaml with example.buf.dev
  • Push all of your modules
buf push