Domainee
Sign inGet started
← Back to blog

Entri alternative in 2026: why you don't need to spend $3,000 a year before you ship

Jonathan Geiger·
entrientri alternativecustom domainscomparisonalternativessaaspricing

Entri's DNS-configuration widget is genuinely one of the best onboarding components in the market. The iframe that pops up, detects the customer's registrar, and writes the right records on their behalf is real, lovely engineering. I'd want it for my product too.

What I would not want is the bill.

Entri starts at $249 a month for 600 automatic domain connections per year. The custom-domain infrastructure with automatic SSL (the part you actually need to ship the feature) is a separate $500 a month add-on. That's $749 a month, or roughly $9,000 a year, before you've onboarded your first customer. The Growth, Premium, and Enterprise tiers above that aren't published.

If you typed "Entri alternative" into Google, the conversation in your head is probably some version of: the product is great, the price doesn't fit. Maybe you're an indie SaaS with 12 customers and the per-month sticker is the entire feature budget. Maybe you're a Series A and the $9K/yr is fine but the 600-domain annual cap is going to bite by month 6. Maybe you just don't want to commit to a six-figure ARR product before you've validated the feature.

This post is the full walkthrough of Domainee, the alternative I build, written the way I'd want a competitor to write about it. What it is, who it's for, how it works under the hood, and the 5-minute tutorial.

Why people search for an Entri alternative

Four reasons keep showing up in DMs and Reddit threads:

  1. The $249 entry sticker. Entri's lowest paid tier is $249 a month. There's no free tier. For most indie and small SaaS teams, that's a feature budget for the whole quarter, not a single integration.
  2. The $500/mo upsell to actually ship. The $249 plan ("Connect") gets you the DNS widget. The custom-domain infrastructure with auto-SSL ("Connect + Power") is a separate $500/mo add-on, putting you at $749/mo to ship the feature.
  3. The annual domain cap. Entry plan: 600 domain connections per year. That's a hard ceiling. If your SaaS does 60 new customer hostnames a month, you're capped halfway through the year and the next tier (Growth, 2,400/yr) isn't publicly priced.
  4. Pricing transparency falls off a cliff. Connect and Connect + Power are published. Growth, Premium, and Enterprise aren't. If you need more than 600 domains a year, you're back on a sales call.

If any of those got you to Google, the rest of this is for you.

What Entri actually charges, plan by plan

To make the comparison honest, the published numbers:

PlanPrice/moDomain connections/yrCustom-domain infra + SSL
Connect$249600No (DNS widget only)
Connect + Power$749600Yes
GrowthContact sales2,400Yes
PremiumContact sales12,000Yes
EnterpriseContact sales12,000+Yes

At "Connect + Power," $749/mo equates to about $1.25 per domain per month, IF you fill the 600-domain annual cap. Most teams running custom domains for their users don't, especially in year one. Real-world effective cost-per-domain ends up much higher.

To put $749/mo in perspective: at Domainee's pay-as-you-go rate of $0.20 per domain per month, $749 covers roughly 3,745 custom domains. The free tier covers the first 50.

The fuller side-by-side breakdown is at /alternatives/entri.

OK. The alternative.

Meet Domainee

Domainee is a developer API that lets your SaaS users connect their own domain to your product. Their customer types shop.acme.com and lands on your app, with first-class TLS, real HTTP, and your origin invisible behind the edge.

Three things ship together:

  1. Connect API. Bring your own domain. One POST per customer hostname, one CNAME at their registrar, cert provisions on first request and renews forever.
  2. Buy-a-Domain API. Your user doesn't own a domain yet. Live availability check, one purchase call, auto-connect, the user is the legal registrant. Flat $1 fee on top of the TLD price.
  3. Masking and Forwarding APIs. Reverse-proxy at the edge (mode: "proxy") or HTTP 301/302 (mode: "redirect"). Same API, different intent.

Public REST surface plus a first-class MCP server so AI agents can drive the exact same key. HMAC-signed webhooks fire on every plan, including the free one. Stripe-shaped developer experience: Bearer auth, idempotency keys, signed webhooks, every endpoint documented at /docs/api.

Where Entri still wins

Two things, in fairness:

The DNS-configuration widget. Entri's iframe widget that pops up, detects the customer's registrar, and writes the records on the customer's behalf via Domain Connect partnerships is genuinely best-in-class. If your customers are non-technical (think marketing teams at SMBs configuring their own custom domain), that widget is worth real money.

Wider Domain Connect coverage. Entri has direct integrations with 50+ DNS providers via the Domain Connect protocol, including some smaller registrars that nobody else has integrations with. For most teams this doesn't matter; for some it does.

Where Domainee wins: everything else, especially the price. Below 600 domains a year, by an order of magnitude.

Who Domainee is for

Five fits where Domainee is the obvious pick:

  • SaaS founders shipping their first custom-domain feature. You're 1 to 200 customers in. You don't have the budget for a $9K/yr commitment and you don't have engineering bandwidth for a roll-your-own ACME loop. The free tier covers the entire pilot phase.
  • Indie / small SaaS that already validated the feature. You've got hundreds of customers, custom domains is delivering, but $749/mo for infrastructure that costs your provider pennies feels wrong. At Domainee's rates, the same scale costs you a fraction of one Entri month.
  • Multi-tenant teams ready to white-label. You're already running tenants on acme.yourapp.com subdomains. The customer wants app.acme.com. Domainee plugs in behind your existing tenant lookup.
  • Agencies and platform builders. You manage dozens of client brands. One Domainee workspace, one Bearer key, every client hostname tagged with metadata.clientId, webhooks fan out to one handler.
  • AI builders shipping with MCP. You're letting an agent provision tenants inside a chat. Domainee's MCP server exposes the API surface as tools with the same auth.

Who Domainee is NOT for: teams whose customers genuinely need the white-glove DNS widget UX, where Domain Connect partnerships with smaller registrars are non-negotiable, and where the budget for that experience is already approved. In that narrow band, Entri's widget is the right tool.

How Domainee works under the hood

If you've built a multi-tenant SaaS before, the architecture will read familiar. If not, here's the path a request walks.

Step 1. The customer adds a CNAME. They go to their registrar (Namecheap, GoDaddy, Cloudflare DNS, name dot com, etc.), open the DNS panel, paste one record: CNAME shop edge.domainee.dev. That's the only thing they ever touch.

Step 2. Domainee's edge picks up the resolver propagation. As Cloudflare, Google, Quad9, and OpenDNS catch up, Domainee verifies the CNAME and fires a domain.pending then domain.verified webhook to your backend.

Step 3. Let's Encrypt issues a cert on first request. ACME validation runs over HTTP-01 against Domainee's edge, no customer action required. The cert lands, marked ssl: "active" in the API. Renewals run every 60 days, forever.

Step 4. A visitor hits shop.acme.com over HTTPS. Domainee's edge terminates TLS using the customer's hostname cert, then proxies to your origin with two headers your origin reads to figure out the tenant:

X-Forwarded-Host:        shop.acme.com
X-Domainee-Original-Host: shop.acme.com

Step 5. Your origin reads the header, looks up the tenant, returns HTML. Same Next.js app, same Rails app, same Phoenix app. Nothing else changes.

Step 6. Drift detection runs in the background. Domainee polls each customer's DNS on a deterministic schedule. If a customer removes the CNAME, points it elsewhere, or flips on Cloudflare orange-cloud, you get a domain.drift webhook within minutes with the exact diagnosis.

The whole thing is one box drawing:

Visitor → shop.acme.com (TLS) → Domainee edge → X-Forwarded-Host → your origin
                                      ↓
                              Let's Encrypt cert
                              DNS health monitor
                              Webhook fanout

Tutorial: Connect your first customer domain in 5 minutes

End-to-end, from API key to a live customer hostname.

Step 1. Mint an API key

Sign up at /sign-up. Free, no card. Open /developers, click Create API key, copy the sk_live_… string. It's shown once.

Step 2. Register a customer hostname

From your app's backend, when a customer adds a domain:

curl https://api.domainee.dev/v1/domains \
  -H "Authorization: Bearer $DOMAINEE_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "hostname": "shop.acme.com",
    "originUrl": "https://acme-prod.fly.dev",
    "mode": "proxy",
    "metadata": { "tenantId": "tnt_77721" }
  }'

Response:

{
  "domain": {
    "id": "8f09b47c-b42f-4d14-9e10-...",
    "hostname": "shop.acme.com",
    "status": "pending",
    "ssl": "pending",
    "dnsRecords": [
      { "type": "CNAME",
        "name": "shop.acme.com",
        "value": "edge.domainee.dev" }
    ]
  }
}

metadata is yours. Stick your tenant ID, client ID, plan tier, whatever. It comes back on every webhook so your handler doesn't need a second lookup.

Step 3. Tell the customer the CNAME

Render the dnsRecords array in your UI. Copy button on the value, a registrar hint ("On Cloudflare DNS? Make sure the proxy is OFF."), a live status pill.

Type   Name           Value
CNAME  shop.acme.com  edge.domainee.dev

This is the part Entri's widget automates. You can write a decent version of it in an afternoon with a registrar detection table; the DNS-instructions UI pattern is covered at /blog/dns-instructions-ux-for-saas.

Step 4. Handle the webhook when DNS lands

import crypto from "node:crypto";
import express from "express";

const app = express();

app.post(
  "/webhooks/domainee",
  express.raw({ type: "application/json" }),
  async (req, res) => {
    const sig = req.header("x-domainee-signature");
    const expected =
      "sha256=" +
      crypto.createHmac("sha256", process.env.WHSEC)
        .update(req.body)
        .digest("hex");
    if (!crypto.timingSafeEqual(Buffer.from(sig), Buffer.from(expected))) {
      return res.status(401).end();
    }
    const event = JSON.parse(req.body.toString());
    if (event.type === "domain.verified") {
      await db.tenants.update({
        where: { id: event.data.metadata.tenantId },
        data: { customDomain: event.data.hostname, status: "live" },
      });
    }
    res.json({ ok: true });
  },
);

Step 5. Read the host header at your origin

// middleware.ts
import { NextRequest, NextResponse } from "next/server";

export function middleware(req: NextRequest) {
  const host =
    req.headers.get("x-domainee-original-host") ??
    req.headers.get("x-forwarded-host") ??
    req.headers.get("host") ??
    "";

  if (host === "yoursaas.com" || host.endsWith(".yoursaas.com")) {
    return NextResponse.next();
  }

  const tenant = lookupTenantByHost(host);
  if (!tenant) return NextResponse.next();

  const url = req.nextUrl.clone();
  url.pathname = `/_tenants/${tenant.id}${url.pathname}`;
  return NextResponse.rewrite(url);
}

Full multi-tenant pattern (including dynamic OG tags and per-tenant favicons) at /blog/nextjs-multi-tenant-custom-domains.

Side-by-side: Entri vs Domainee at three scales

At the scales most SaaS products actually operate at:

Customers on custom domainsEntri (Connect + Power)Domainee
50$749/mo · 600/yr cap$0/mo (free tier)
500$749/mo · 600/yr cap~$90/mo
5,000Growth tier (sales call)~$700/mo (with PAYG graduation)
50,000Premium tier (sales call)~$5,000/mo (with PAYG graduation)

At 50 customers, Entri is $9,000/yr you don't need to spend. At 500, Domainee is roughly 12% of the cost. At 5,000, you're comparable on the surface but Domainee publishes the number and Entri doesn't.

What's included on every Domainee tier

Yes, including free:

  • Connect API (BYO domain)
  • Buy-a-Domain API (your user purchases inside your app, $1 flat fee, user is legal registrant)
  • Masking + Forwarding APIs
  • HMAC-signed webhooks with retries
  • MCP server for AI agents
  • Drift detection + orange-cloud warnings
  • Dashboard with per-customer telemetry

What's NOT included on Domainee: Entri's Domain Connect iframe widget. If your customers genuinely need a one-click registrar-detection experience and you can't ship the DIY version, that's the trade.

Operational realities you should know about

Five things every SaaS shipping custom domains hits in production. Useful whether you pick Domainee or anything else.

Cloudflare orange-cloud. Your customer's domain is on Cloudflare DNS, they click the orange cloud, and Cloudflare gets between the visitor and your edge. TLS handshakes fail. Domainee inspects A records on registration and flags it with the fix pre-drafted. Full runbook at /blog/debug-customer-custom-domain-runbook.

Apex domains. Customer wants acme.com, not shop.acme.com. CNAME at the apex is technically against spec; most registrars support ALIAS / ANAME / Cloudflare CNAME-flattening. Where they don't, A records work. Domainee returns BOTH options in dnsRecords. Full breakdown at /blog/apex-domain-support-for-saas.

Cert renewal. Let's Encrypt rate-limits in three tiers (50, 500, 5,000 hostnames per account/week). Domainee handles the pool routing internally. You never trip a limit.

DNS drift. Customer accidentally removes the CNAME six months in. Domainee polls deterministically, fires domain.drift within minutes, the dashboard shows the diagnosis. Wider story at /blog/monitor-customer-ssl-certificates-at-scale.

Masking vs forwarding. Two intents people conflate. Masking keeps the customer's URL in the address bar and proxies under it. Forwarding sends a 301. Both work, different use cases. Long version at /blog/domain-masking-without-iframe.

What to do next

If you came in pre-shortlisted on Entri and the price is the only thing stopping you: start with Domainee's free tier (/sign-up). Fifty customer hostnames is enough to cover the entire pilot and early-paid phase of most SaaS products. No card, no contract.

If you genuinely need Entri's DNS widget UX and the budget is approved, Entri is the right tool for that narrow band. The widget is real engineering and it's worth what it costs IF your customers can't handle a copy-paste CNAME.

If you want the deeper how-to first, the multi-tenant Next.js pattern is at /blog/nextjs-multi-tenant-custom-domains.

Related reading:

Entri alternative in 2026: why you don't need to spend $3,000 a year before you ship | Domainee