Implementing Dynamic Feature Gating for Multi-Tier SaaS Applications
· 6 min read
When building SaaS platforms with multiple subscription tiers, controlling feature access based on billing plans becomes a fundamental architectural concern. In this post, we'll explore patterns for implementing flexible, scalable feature gating systems that integrate seamlessly with payment providers and adapt to evolving business models.
The Architecture Challenge
Modern SaaS applications typically offer tiered pricing with progressive feature unlocks:
- Basic Tier ($X/month) - Core functionality and basic features
- Professional Tier ($Y/month) - Enhanced features and integrations
- Enterprise Tier ($Z/month) - Advanced capabilities and customization
The system must:
- Control feature visibility based on subscription status
- Integrate with payment systems for real-time plan detection
- Cache decisions efficiently for performance at scale
- Provide upgrade guidance when users hit feature limits
- Support gradual rollouts and A/B testing scenarios
High-Level System Design
An effective solution combines subscription detection, permission caching, and feature enforcement:
graph TD
A[User Request] --> B[Subscription Detection]
B --> C[Payment Provider Query]
C --> D[Feature Permission Cache]
D --> E[Feature Gate Evaluation]
E --> F[Access Granted/Denied]
F --> G[Upgrade Recommendation Engine]
Subscription Detection Service
The foundation is a service that maps payment provider data to internal feature permissions:
class SubscriptionManager {
constructor() {
// Map payment provider plan IDs to internal tiers
this.PLAN_TIER_MAPPING = {
'plan_basic_monthly': 'basic',
'plan_professional_monthly': 'professional',
'plan_enterprise_monthly': 'enterprise'
};
// Define tier hierarchy for upgrade paths
this.TIER_HIERARCHY = {
'basic': 1,
'professional': 2,
'enterprise': 3
};
// Features available per tier
this.TIER_FEATURES = {
'basic': [
'core:functionality',
'basic:integrations',
'standard:support'
],
'professional': [
'core:functionality',
'basic:integrations',
'standard:support',
'advanced:analytics',
'premium:integrations',
'custom:branding'
],
'enterprise': [
'core:functionality',
'basic:integrations',
'standard:support',
'advanced:analytics',
'premium:integrations',
'custom:branding',
'enterprise:sso',
'priority:support',
'white:label'
]
};
}
}
Real-time Subscription Status
Query payment providers efficiently while maintaining performance through caching:
async function getUserSubscriptionTier(userId, organizationId) {
// Check memory cache first
const cacheKey = `${userId}-${organizationId}`;
const cached = this.cache.get(cacheKey);
if (cached && (Date.now() - cached.timestamp) < this.CACHE_DURATION) {
return cached.tier;
}
try {
// Query recent subscription activity
const client = await database.pool.connect();
const result = await client.query(`
SELECT se.plan_id, se.created_at
FROM subscription_events se
WHERE se.organization_id = $1
AND se.event_type = 'payment_succeeded'
AND se.plan_id IS NOT NULL
AND se.created_at > NOW() - INTERVAL '45 days'
ORDER BY se.created_at DESC
LIMIT 1
`, [organizationId]);
client.release();
if (result.rows.length === 0) {
return null; // No active subscription
}
const planId = result.rows[0].plan_id;
const subscriptionTier = this.PLAN_TIER_MAPPING[planId];
// Update cache
this.cache.set(cacheKey, {
tier: subscriptionTier,
timestamp: Date.now()
});
return subscriptionTier;
} catch (error) {
console.error(`Error determining subscription tier for user ${userId}:`, error);
return null;
}
}
Feature Gate Middleware
Implement middleware that automatically enforces subscription-based access control:
const featureGate = (requiredFeature) => {
return async (req, res, next) => {
try {
const { user } = req;
const organizationId = req.organizationId;
// Check feature access
const hasAccess = await subscriptionManager.hasFeatureAccess(
user.id,
organizationId,
requiredFeature
);
if (!hasAccess) {
const upgradeInfo = await subscriptionManager.getUpgradeRecommendation(
user.id,
organizationId,
requiredFeature
);
return res.status(403).json({
error: 'Feature requires subscription upgrade',
requiredFeature: requiredFeature,
upgrade: upgradeInfo
});
}
next();
} catch (error) {
console.error('Feature gate evaluation error:', error);
res.status(500).json({ error: 'Access control system unavailable' });
}
};
};
// Usage in API routes
router.post('/advanced-analytics',
authenticateUser,
featureGate('advanced:analytics'),
generateAnalyticsReport
);
router.post('/premium-integration/setup',
authenticateUser,
featureGate('premium:integrations'),
configurePremiumIntegration
);
Intelligent Upgrade Recommendations
When users encounter feature limits, provide contextual upgrade guidance:
async function getUpgradeRecommendation(userId, organizationId, requestedFeature) {
const currentTier = await this.getUserSubscriptionTier(userId, organizationId);
const currentLevel = currentTier ? this.TIER_HIERARCHY[currentTier] : 0;
// Find minimum tier required for requested feature
let requiredTier = null;
for (const [tier, features] of Object.entries(this.TIER_FEATURES)) {
if (features.includes(requestedFeature)) {
const tierLevel = this.TIER_HIERARCHY[tier];
if (tierLevel > currentLevel) {
requiredTier = tier;
break;
}
}
}
if (!requiredTier) {
return {
needsUpgrade: false,
message: 'Feature not available in any subscription tier'
};
}
const tierDisplayNames = {
'basic': 'Basic Plan ($X/month)',
'professional': 'Professional Plan ($Y/month)',
'enterprise': 'Enterprise Plan ($Z/month)'
};
return {
needsUpgrade: true,
currentTier: currentTier,
requiredTier: requiredTier,
requiredTierName: tierDisplayNames[requiredTier],
message: `This feature requires ${tierDisplayNames[requiredTier]} or higher`,
upgradeUrl: `/billing/upgrade?plan=${requiredTier}`
};
}
Client-Side Feature Control
Dynamically show/hide features based on subscription status:
// Load subscription permissions on page load
async function loadSubscriptionPermissions() {
try {
const response = await fetch('/api/subscription/permissions');
const permissions = await response.json();
// Control UI visibility based on subscription tier
if (permissions.hasAdvancedAnalytics) {
document.getElementById('analytics-section').style.display = 'block';
} else {
document.getElementById('analytics-section').style.display = 'none';
document.getElementById('analytics-upgrade-prompt').style.display = 'block';
}
if (permissions.hasPremiumIntegrations) {
document.getElementById('integrations-section').style.display = 'block';
} else {
document.getElementById('integrations-section').style.display = 'none';
document.getElementById('integrations-upgrade-prompt').style.display = 'block';
}
// Store permissions for runtime checks
window.subscriptionPermissions = permissions;
} catch (error) {
console.error('Failed to load subscription permissions:', error);
}
}
// Check permissions before expensive operations
async function performAdvancedOperation() {
if (!window.subscriptionPermissions?.hasAdvancedAnalytics) {
showUpgradeModal('Advanced Analytics', 'professional');
return;
}
// Proceed with feature...
}
Performance Optimization Strategies
Ensure the system scales efficiently under production load:
Multi-Layer Caching
// In-memory cache for immediate access
this.memoryCache = new Map();
// Database cache for persistence across server restarts
await client.query(`
INSERT INTO subscription_cache
(user_id, organization_id, subscription_tier, features, expires_at)
VALUES ($1, $2, $3, $4, $5)
ON CONFLICT (user_id, organization_id)
DO UPDATE SET subscription_tier = EXCLUDED.subscription_tier
`, [userId, organizationId, tier, JSON.stringify(features), expiresAt]);
Batch Permission Evaluation
// Evaluate multiple features simultaneously
const permissions = await subscriptionManager.getBulkPermissions(userId, organizationId);
const hasAnalytics = permissions.features.includes('advanced:analytics');
const hasIntegrations = permissions.features.includes('premium:integrations');
Lazy Permission Loading
// Only check permissions when features are accessed
const checkFeatureAccess = memoize(async (userId, organizationId, feature) => {
return await subscriptionManager.hasFeatureAccess(userId, organizationId, feature);
});
Testing Feature Gates
Comprehensive testing ensures correct behavior across subscription tiers:
describe('Subscription Feature Gates', () => {
it('should grant access to tier-appropriate features', async () => {
// Mock user with Professional subscription
const mockUser = await createMockUser('professional');
const hasAnalyticsAccess = await subscriptionManager.hasFeatureAccess(
mockUser.id,
mockUser.organizationId,
'advanced:analytics'
);
expect(hasAnalyticsAccess).toBe(true);
const hasEnterpriseAccess = await subscriptionManager.hasFeatureAccess(
mockUser.id,
mockUser.organizationId,
'enterprise:sso'
);
expect(hasEnterpriseAccess).toBe(false);
});
it('should provide accurate upgrade recommendations', async () => {
const mockUser = await createMockUser('basic');
const upgrade = await subscriptionManager.getUpgradeRecommendation(
mockUser.id,
mockUser.organizationId,
'advanced:analytics'
);
expect(upgrade.needsUpgrade).toBe(true);
expect(upgrade.requiredTier).toBe('professional');
expect(upgrade.upgradeUrl).toContain('plan=professional');
});
});
Analytics and Business Intelligence
Track feature usage patterns to inform product and pricing decisions:
// Log feature access attempts for analysis
await client.query(`
INSERT INTO feature_usage_analytics (user_id, organization_id, feature, subscription_tier, access_granted)
VALUES ($1, $2, $3, $4, $5)
`, [userId, organizationId, feature, currentTier, hasAccess]);
// Track subscription upgrade conversions
await client.query(`
INSERT INTO upgrade_conversion_events (user_id, organization_id, from_tier, to_tier, trigger_feature)
VALUES ($1, $2, $3, $4, $5)
`, [userId, organizationId, oldTier, newTier, triggerFeature]);
Key Design Principles
Essential patterns for building scalable subscription systems:
- Cache Aggressively - Feature checks happen on every request
- Fail Gracefully - Show upgrade prompts instead of hard blocks
- Test Extensively - Cover subscription transitions and edge cases
- Monitor Usage - Data drives feature and pricing optimization
- Keep Logic Simple - Complex rules create maintenance overhead
This architecture has proven effective for managing feature access across thousands of subscribers while maintaining performance and providing clear monetization paths. The foundation is building flexibility and observability into the system from the beginning.
Discover more SaaS architecture patterns in our posts on concurrent financial operations and system resilience.