SaaS (Software as a Service) has transformed how businesses deliver software โ scalable, subscription-based, and user-friendly. But building a SaaS platform comes with architectural challenges: multi-tenancy, authentication, billing, custom domains, onboarding flows, and more.
In this comprehensive guide, weโll explore how to build SaaS applications using Spring Boot 3, covering real-world concerns like multi-tenancy, data isolation, user management, role-based access control (RBAC), and extensibility โ all using the base package com.kscodes.springboot.advanced.
๐งฑ What is a SaaS Application?
A SaaS application is a centrally hosted software delivered to users over the internet โ usually subscription-based. Common traits include:
- Multi-tenancy: Each customer (tenant) has logically or physically separated data.
- Authentication & Access Control
- Self-Service Sign-up & Billing
- Modular architecture for extensibility
๐ ๏ธ Technologies Used
- Spring Boot 3.x
- Spring Security
- PostgreSQL
- Hibernate
- JWT / OAuth2
- Stripe (for billing)
- Docker
๐๏ธ Architecture Overview
com.kscodes.springboot.advanced
โ
โโโ common โ Shared components
โโโ tenant โ Tenant context, interceptors
โโโ security โ Auth + Role-based access
โโโ user โ Signup, login, profile mgmt
โโโ billing โ Stripe or mock integration
โโโ features โ Modular feature implementations
โโโ api โ REST controllers
๐ 1. Tenant-Aware Multi-Tenancy (Schema-based)
Multi-tenancy can be implemented in various ways:
- Schema-per-tenant (recommended for SaaS)
- Database-per-tenant
- Row-based (single db with tenant_id)
๐ TenantContextHolder.java
package com.kscodes.springboot.advanced.tenant;
public class TenantContextHolder {
private static final ThreadLocal currentTenant = new ThreadLocal<>();
public static void setTenantId(String tenantId) {
currentTenant.set(tenantId);
}
public static String getTenantId() {
return currentTenant.get();
}
public static void clear() {
currentTenant.remove();
}
}
๐ TenantInterceptor.java
package com.kscodes.springboot.advanced.tenant;
import jakarta.servlet.*;
import jakarta.servlet.http.HttpServletRequest;
import org.springframework.stereotype.Component;
@Component
public class TenantInterceptor implements Filter {
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws java.io.IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
String tenantId = req.getHeader("X-Tenant-ID"); // Extract tenant ID
if (tenantId != null) {
TenantContextHolder.setTenantId(tenantId);
}
try {
chain.doFilter(request, response);
} finally {
TenantContextHolder.clear();
}
}
}
๐ 2. Authentication & RBAC with JWT
๐งพ Roles
public enum Role {
ROLE_USER, ROLE_ADMIN, ROLE_SUPERADMIN
}
๐ JWT-based Security
package com.kscodes.springboot.advanced.security;
@Configuration
@EnableWebSecurity
public class SecurityConfig {
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http
.csrf(AbstractHttpConfigurer::disable)
.authorizeHttpRequests(auth -> auth
.requestMatchers("/auth/**").permitAll()
.anyRequest().authenticated())
.oauth2ResourceServer(oauth2 -> oauth2.jwt(Customizer.withDefaults()));
return http.build();
}
}
๐ง 3. Self-Service Sign-up & User Management
package com.kscodes.springboot.advanced.user;
@RestController
@RequestMapping("/auth")
public class AuthController {
private final UserService userService;
@PostMapping("/signup")
public ResponseEntity signup(@RequestBody SignupRequest request) {
userService.register(request);
return ResponseEntity.ok("User registered");
}
}
๐ณ 4. Billing Integration (Stripe-ready)
package com.kscodes.springboot.advanced.billing;
@Service
public class BillingService {
public void createCustomerSubscription(String userId, String planId) {
// Call Stripe API
}
public void cancelSubscription(String userId) {
// Call Stripe API
}
}
๐ 5. Tenant-Based Data Isolation (JPA)
๐๏ธ MultiTenantConnectionProviderImpl
@Component
public class MultiTenantConnectionProviderImpl extends AbstractDataSourceBasedMultiTenantConnectionProviderImpl {
@Override
protected DataSource selectAnyDataSource() {
return defaultDataSource;
}
@Override
protected DataSource selectDataSource(String tenantIdentifier) {
return tenantDataSourceMap.get(tenantIdentifier);
}
}
๐งช 6. API Endpoint Example
package com.kscodes.springboot.advanced.api;
@RestController
@RequestMapping("/dashboard")
public class DashboardController {
@GetMapping
public String dashboard() {
String tenant = TenantContextHolder.getTenantId();
return "Welcome to the dashboard of tenant: " + tenant;
}
}
๐ 7. CI/CD & Dockerization
Dockerfile
FROM eclipse-temurin:21-jdk-alpine
COPY target/saas-app.jar app.jar
ENTRYPOINT ["java", "-jar", "/app.jar"]
๐ฏ Best Practices
| Area | Best Practice |
|---|---|
| Multi-tenancy | Use schema-per-tenant for scale |
| Authentication | Use JWT + Spring Security |
| Billing | Use Stripe or Razorpay |
| Config Management | Centralize via Spring Config Server |
| Environment setup | Use Docker Compose |
โ Advantages of Spring Boot for SaaS
| Feature | Benefit |
|---|---|
| Spring Security | Out-of-the-box OAuth2, JWT, RBAC |
| Multi-Tenant JPA | Schema/DB separation |
| Auto-config | Fast bootstrapping for new services |
| Ecosystem | Rich libraries for billing, analytics, etc |
๐ก๏ธ SaaS Features You Can Extend
- Usage metering
- Invite-based sign-up
- Email verification
- Team management
- API rate limiting (via Bucket4j)
๐ Conclusion
Spring Boot 3 provides a solid foundation for building modern SaaS applications with Spring Boot. From multitenancy and authentication to billing and observability, the ecosystem is rich enough to help you build and scale your platform rapidly.
By structuring your code around tenants, ensuring proper isolation, and using proven SaaS patterns, you set yourself up for long-term growth and maintainability.