azure

System Design

intermediate

B2B SaaS with per-tenant billing

Multi-Tenant SaaS Platform

Generic SaaS

A multi-tenant SaaS platform must balance cost efficiency (shared infrastructure) with security (tenant isolation). This Azure-native architecture uses Azure AD B2C for identity with tenant-scoped JWTs, row-level security in Azure SQL for data isolation, Redis Cache for instant feature flag lookups, and Azure Functions for asynchronous usage metering that feeds billing integration. Ideal for SaaS founders building multi-tenant platforms that need per-tenant isolation, usage metering, and subscription billing.

Data Flow

Front Door + WAF

Azure AD B2C

Tenant API

Async Jobs

App Service

Billing Service

Usage Metering

Tenant DB (SQL)

Feature Flag Cache

Share this architecture with your network

Service Breakdown (9 services)

Other9 services

Front Door + WAF

•Routes application traffic with L7 rules
•Supports WAF and SSL offloading
•Integrates with backend pools for scaling

Azure AD B2C

•Authenticates tenants with customizable sign-in flows
•Supports social and enterprise identity federation
•Issues scoped tokens per tenant for API access

Tenant API

•Exposes tenant-scoped endpoints with rate limiting
•Routes requests to the correct tenant context
•Enforces subscription tier limits per tenant

App Service

•Hosts the core application logic for all tenants
•Auto-scales based on concurrent request volume
•Supports deployment slots for zero-downtime updates

Billing Service

•Tracks usage metrics per tenant for invoicing
•Integrates with payment gateways for subscriptions
•Enforces plan limits and triggers upgrade prompts

Tenant DB (SQL)

•Stores tenant-specific data with row-level isolation
•Supports elastic pools for cost-efficient scaling
•Handles automated backups and point-in-time restore

Feature Flag Cache

•Caches frequently accessed data in-memory
•Reduces database round-trips and latency
•Supports TTL-based expiration policies

Usage Metering

•Aggregates API call counts and resource consumption
•Emits usage events for billing reconciliation
•Runs on schedule to minimize compute cost

Async Jobs

•Provides reliable enterprise message brokering
•Supports topics and queue-based messaging
•Guarantees at-least-once delivery

Scaling Strategy

App Service auto-scales horizontally behind API Management with tenant-aware routing. Azure SQL uses elastic pools for tenant DB isolation with shared compute. Redis Cache stores feature flags with sub-millisecond lookups. Usage metering runs asynchronously via Functions to avoid impacting request latency, and Service Bus handles billing event processing with at-least-once delivery guarantees.

Related Architectures

Notification System

System Design Classic

Multi-channel notification system on Azure supporting push, email, SMS, and in-app notifications with Event Grid fan-out.

intermediate

System Design

Dropbox File Storage System

Dropbox

Cloud file storage on Azure with chunked uploads to Blob Storage, delta sync, deduplication, and cross-device synchronization.

intermediate

System Design

Chat Application System

System Design Classic

Real-time 1-on-1 and group chat on Azure with SignalR delivery guarantees, read receipts, typing indicators, and offline support.

intermediate

System Design

News Feed System

System Design Classic

Personalized news feed on GCP with ranking, fan-out strategies via Pub/Sub, and Memorystore caching for social platforms.

intermediate

System Design

Search Autocomplete System

System Design Classic

Real-time search suggestions on GCP with Memorystore trie, frequency-based ranking, and personalized results via Pub/Sub streaming.

intermediate

System Design

Instagram Photo Sharing System

Instagram / Meta

Photo and video sharing platform on Azure with Blob Storage, CDN delivery, feed generation, stories, and Computer Vision image processing.

intermediate

System Design

Multi-Tenant SaaS Platform

Remix this architecture in Canvas