Question

We're in the middle of architecting a SaaS web app which will operate on a subscription basis. Each user is associated with a merchant by means of a claim on their identity, and the subscription exists at the merchant level.

We have a number of separate microservice APIs and we'd like to prevent anyone without a valid subscription from successfully calling these APIs. So far we've come up with a couple of potential options:

  1. Add a policy to the API gateway which fronts all of the APIs. The policy would check for an active subscription by calling an endpoint on our subscription API. If no valid subscription is found, a 402 Payment Required response would be returned for our front end to handle.
  2. Replicate active subscriptions into each microservice by messaging. Each API would hold a complete list of all active subscriptions and would perform a check before executing the requested API method. Again, a 402 would be returned where there is no valid subscription.

Option 1 seems simpler, but it has a single point of failure: if the subscription API goes down, nothing will work. Option 2 seems more robust, but it requires more effort and could result in data becoming out of sync.

Are there any thoughts on whether these are suitable ways to achieve our goal and if so which one might be best? We're very much open to other ideas as well if anyone has any.

The solution will be written in .NET core and will be deployed to Azure so we're open to PaaS solutions if there are any.

Many thanks in advance.


Solution

Both are suitable ways of achieving your goal. Which one is best depends on additional factors, like

  • should other services remain functional when the subscription service has an outage? If they must remain operational, then solution 1 requires that you build additional redundancy around the subscription service to guarantee better availability.
  • after a subscription becomes invalid (not renewed in time, terminated, etc.), what is the maximum time your services still accept requests using that subscription as credentials? The shorter this period, the more effort you have to put into synchronization when using option 2.
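As an added example (not code from the question or the answer), here is an ASP.NET Core middleware that enforces the merchant-level check of option 2 while bounding the staleness window the answer's second bullet warns about: the local replica is only trusted while a heartbeat from the subscription service is younger than a configured maximum age. The `merchant_id` claim type, the `SubscriptionReplica` class and the choice to answer a stale replica with 503 rather than 402 are assumptions made for this example.

```csharp
using System;
using System.Collections.Concurrent;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;

public enum SubscriptionStatus { Active, Inactive, ReplicaStale }

// Local copy of active subscriptions (option 2), kept current by a messaging consumer
// that calls Apply() for each subscription event and MarkSynced() for each heartbeat.
public sealed class SubscriptionReplica
{
    private readonly ConcurrentDictionary<string, DateTimeOffset> _paidUntil =
        new ConcurrentDictionary<string, DateTimeOffset>();
    private DateTimeOffset _lastSyncAt = DateTimeOffset.MinValue;

    public void Apply(string merchantId, DateTimeOffset? paidUntil)
    {
        if (paidUntil is null) _paidUntil.TryRemove(merchantId, out _); // terminated
        else _paidUntil[merchantId] = paidUntil.Value;                 // created or renewed
    }

    public void MarkSynced(DateTimeOffset at) => _lastSyncAt = at;

    // maxAge bounds how long a lapsed subscription can still be accepted after the
    // subscription service stops reaching us (the answer's second consideration).
    public SubscriptionStatus Evaluate(string merchantId, DateTimeOffset now, TimeSpan maxAge)
    {
        if (now - _lastSyncAt > maxAge) return SubscriptionStatus.ReplicaStale;
        return _paidUntil.TryGetValue(merchantId, out var until) && until > now
            ? SubscriptionStatus.Active
            : SubscriptionStatus.Inactive;
    }
}

public static class SubscriptionCheck
{
    // Register after authentication so the merchant claim is already populated.
    public static IApplicationBuilder UseSubscriptionCheck(this IApplicationBuilder app,
        SubscriptionReplica replica, TimeSpan maxReplicaAge) =>
        app.Use(async (ctx, next) =>
        {
            var merchantId = ctx.User.FindFirst("merchant_id")?.Value; // claim type assumed
            if (merchantId is null) { ctx.Response.StatusCode = StatusCodes.Status403Forbidden; return; }

            switch (replica.Evaluate(merchantId, DateTimeOffset.UtcNow, maxReplicaAge))
            {
                case SubscriptionStatus.Active: await next(); return;
                case SubscriptionStatus.Inactive:
                    ctx.Response.StatusCode = StatusCodes.Status402PaymentRequired; return;
                default: // stale replica: fail closed, but signal "retry", not "pay"
                    ctx.Response.StatusCode = StatusCodes.Status503ServiceUnavailable;
                    ctx.Response.Headers["Retry-After"] = "30"; return;
            }
        });
}
```

Returning 503 instead of 402 when the replica is stale keeps a subscription-service outage from being shown to paying merchants as a billing problem, while still refusing requests once the configured synchronization window has passed.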
Licensed under: CC-BY-SA with attribution