Back to Library

azure

System Design

intermediate

B2B SaaS with per-tenant billing

Multi-Tenant SaaS Platform

Generic SaaS

A multi-tenant SaaS platform must balance cost efficiency (shared infrastructure) with security (tenant isolation). This Azure-native architecture uses Azure AD B2C for identity with tenant-scoped JWTs, row-level security in Azure SQL for data isolation, Redis Cache for instant feature flag lookups, and Azure Functions for asynchronous usage metering that feeds billing integration. Ideal for SaaS founders building multi-tenant platforms that need per-tenant isolation, usage metering, and subscription billing.

Data Flow

Front Door + WAF

Azure AD B2C

Tenant API

Async Jobs

App Service

Billing Service

Usage Metering

Tenant DB (SQL)

Feature Flag Cache

Share this architecture with your network

Service Breakdown (9 services)

Other9 services

Front Door + WAF

•Routes application traffic with L7 rules
•Supports WAF and SSL offloading
•Integrates with backend pools for scaling

Azure AD B2C

•Authenticates tenants with customizable sign-in flows
•Supports social and enterprise identity federation
•Issues scoped tokens per tenant for API access

Tenant API

•Exposes tenant-scoped endpoints with rate limiting
•Routes requests to the correct tenant context
•Enforces subscription tier limits per tenant

App Service

•Hosts the core application logic for all tenants
•Auto-scales based on concurrent request volume
•Supports deployment slots for zero-downtime updates

Billing Service

•Tracks usage metrics per tenant for invoicing
•Integrates with payment gateways for subscriptions
•Enforces plan limits and triggers upgrade prompts

Tenant DB (SQL)

•Stores tenant-specific data with row-level isolation
•Supports elastic pools for cost-efficient scaling
•Handles automated backups and point-in-time restore

Feature Flag Cache

•Caches frequently accessed data in-memory
•Reduces database round-trips and latency
•Supports TTL-based expiration policies

Usage Metering

•Aggregates API call counts and resource consumption
•Emits usage events for billing reconciliation
•Runs on schedule to minimize compute cost

Async Jobs

•Provides reliable enterprise message brokering
•Supports topics and queue-based messaging
•Guarantees at-least-once delivery

Scaling Strategy

App Service auto-scales horizontally behind API Management with tenant-aware routing. Azure SQL uses elastic pools for tenant DB isolation with shared compute. Redis Cache stores feature flags with sub-millisecond lookups. Usage metering runs asynchronously via Functions to avoid impacting request latency, and Service Bus handles billing event processing with at-least-once delivery guarantees.

Related Architectures

Notification System

System Design Classic

Dropbox File Storage System

Dropbox

Chat Application System

System Design Classic

News Feed System

System Design Classic

Search Autocomplete System

System Design Classic

Instagram Photo Sharing System

Instagram / Meta

Multi-Tenant SaaS Platform

Remix this architecture in Canvas

Canvas Cloud AI

JavaScript is required to use Canvas Cloud AI. Please enable JavaScript in your browser settings.