Implementing Feature Flags for SaaS Subscription Tiers
When your SaaS hits product-market fit, you'll face a familiar challenge: customers requesting features that would be perfect for a higher-tier plan, while your...
Osmoto Team
Senior Software Engineer
When your SaaS hits product-market fit, you'll face a familiar challenge: customers requesting features that would be perfect for a higher-tier plan, while your current architecture treats all users identically. I've seen teams scramble to implement feature gating after the fact, often resulting in messy conditional logic scattered throughout their codebase and inconsistent user experiences across subscription tiers.
Feature flags for subscription tiers aren't just about hiding buttons or showing upgrade prompts. They're about building a scalable architecture that can evolve with your pricing strategy while maintaining clean separation between business logic and feature access. The difference between a well-implemented feature gating system and a hastily cobbled solution becomes apparent when you need to launch a new tier, deprecate features, or handle complex scenarios like grandfathered plans.
In this guide, we'll explore proven patterns for implementing subscription-based feature flags, from the foundational data models to advanced scenarios like usage-based limits and progressive feature rollouts. You'll learn how to avoid common pitfalls that can lead to security vulnerabilities or inconsistent billing, and build a system that scales with your business.
Understanding Feature Flag Architecture for SaaS
Feature flags for subscription tiers operate differently from traditional feature flags used for gradual rollouts or A/B testing. While standard feature flags typically use boolean values or percentage-based rollouts, subscription-based flags must consider plan hierarchies, user-specific overrides, and billing state consistency.
The foundation starts with your subscription data model. Your feature flag system needs to understand not just what plan a user is on, but also their billing status, trial state, and any grandfathered permissions. Here's a robust approach:
interface SubscriptionContext { planId: string; status: 'active' | 'trialing' | 'past_due' | 'canceled'; trialEnd?: Date; features: string[]; limits: Record<string, number>; grandfathered?: string[]; } interface FeatureFlag { key: string; type: 'boolean' | 'limit' | 'list'; planRequirements: { [planId: string]: boolean | number | string[]; }; fallback: boolean | number | string[]; }
This structure separates concerns between subscription state and feature definitions, making it easier to modify plans without touching feature logic. The grandfathered array handles users who retain access to deprecated features, while limits support usage-based restrictions.
Implementing the Feature Flag Service
Your feature flag service should provide a consistent interface regardless of the underlying complexity. Here's a pattern that works well with both server-side and client-side implementations:
class FeatureFlagService { private flags: Map<string, FeatureFlag>; private subscriptionService: SubscriptionService; async canAccess(userId: string, featureKey: string): Promise<boolean> { const subscription = await this.subscriptionService.getSubscription(userId); const flag = this.flags.get(featureKey); if (!flag || !subscription) { return false; } // Check grandfathered access first if (subscription.grandfathered?.includes(featureKey)) { return true; } // Handle trial users if (subscription.status === 'trialing' && this.isTrialFeature(flag)) { return true; } // Check plan-based access const requirement = flag.planRequirements[subscription.planId]; return this.evaluateRequirement(flag.type, requirement); } async getLimit(userId: string, featureKey: string): Promise<number> { const subscription = await this.subscriptionService.getSubscription(userId); const flag = this.flags.get(featureKey); if (!flag || flag.type !== 'limit') { return 0; } const planLimit = flag.planRequirements[subscription.planId] as number; const grandfatheredLimit = subscription.limits[featureKey]; return Math.max(planLimit || 0, grandfatheredLimit || 0); } }
This service handles the common scenarios you'll encounter: boolean feature access, numeric limits, and special cases like grandfathered users. The key insight is caching subscription data appropriately while ensuring consistency with your billing system.
Server-Side Implementation Patterns
Server-side feature gating requires careful consideration of performance and security. You can't rely on client-side checks alone, as they can be bypassed. Every API endpoint that serves premium features must validate access server-side.
Middleware-Based Approach
Implementing feature checks as middleware provides clean separation and reusability:
// Next.js API route with feature gating import { NextRequest } from 'next/server'; import { requireFeature } from '@/lib/middleware/feature-gate'; export async function POST(request: NextRequest) { const userId = await getUserId(request); // Validate feature access before processing const hasAccess = await requireFeature(userId, 'advanced-analytics'); if (!hasAccess) { return new Response('Upgrade required', { status: 402 }); } // Process premium feature return processAdvancedAnalytics(request); } // Reusable middleware async function requireFeature(userId: string, feature: string) { const flagService = new FeatureFlagService(); return await flagService.canAccess(userId, feature); }
For usage-based features, implement rate limiting that respects subscription limits:
async function checkUsageLimit(userId: string, feature: string): Promise<boolean> { const currentUsage = await getUsage(userId, feature); const limit = await flagService.getLimit(userId, feature); if (currentUsage >= limit) { // Log for billing insights await logLimitReached(userId, feature, currentUsage, limit); return false; } return true; }
Database-Level Enforcement
For critical features, consider implementing constraints at the database level. This prevents data inconsistencies even if application-level checks fail:
-- PostgreSQL example: Limit projects per subscription tier CREATE OR REPLACE FUNCTION check_project_limit() RETURNS TRIGGER AS $$ BEGIN IF ( SELECT COUNT(*) FROM projects p JOIN users u ON p.user_id = u.id JOIN subscriptions s ON u.id = s.user_id WHERE p.user_id = NEW.user_id ) >= ( SELECT COALESCE(plan_limits->>'projects', '0')::int FROM subscription_plans sp JOIN subscriptions s ON sp.id = s.plan_id WHERE s.user_id = NEW.user_id ) THEN RAISE EXCEPTION 'Project limit exceeded for current plan'; END IF; RETURN NEW; END; $$ LANGUAGE plpgsql; CREATE TRIGGER enforce_project_limit BEFORE INSERT ON projects FOR EACH ROW EXECUTE FUNCTION check_project_limit();
Client-Side Feature Gating
Client-side implementation focuses on user experience rather than security. The goal is providing immediate feedback and smooth upgrade flows while maintaining server-side enforcement.
React Hook Pattern
Create a custom hook that integrates with your feature flag service:
import { useUser } from '@/hooks/useUser'; import { useQuery } from '@tanstack/react-query'; export function useFeatureFlag(featureKey: string) { const { user } = useUser(); const { data: hasAccess, isLoading } = useQuery({ queryKey: ['feature-flag', user?.id, featureKey], queryFn: () => checkFeatureAccess(featureKey), enabled: !!user, staleTime: 5 * 60 * 1000, // 5 minutes }); const { data: limit } = useQuery({ queryKey: ['feature-limit', user?.id, featureKey], queryFn: () => getFeatureLimit(featureKey), enabled: !!user && hasAccess, staleTime: 5 * 60 * 1000, }); return { hasAccess: hasAccess ?? false, limit, isLoading, }; } // Usage in components function AdvancedAnalytics() { const { hasAccess, isLoading } = useFeatureFlag('advanced-analytics'); if (isLoading) { return <AnalyticsSkeleton />; } if (!hasAccess) { return <UpgradePrompt feature="advanced-analytics" />; } return <AdvancedAnalyticsComponent />; }
Progressive Enhancement
Implement graceful degradation for features that can work with limited functionality:
function ProjectDashboard() { const { hasAccess: hasAdvanced } = useFeatureFlag('advanced-filters'); const { hasAccess: hasExport } = useFeatureFlag('data-export'); return ( <div> <ProjectList filters={hasAdvanced ? advancedFilters : basicFilters} /> {hasExport ? ( <ExportButton /> ) : ( <UpgradePrompt feature="data-export" trigger={<ExportButton disabled />} /> )} </div> ); }
This approach maintains functionality while clearly communicating value propositions for upgrades.
Stripe Integration Patterns
When using Stripe for subscription management, your feature flag system must stay synchronized with billing events. Webhook handling becomes crucial for maintaining consistency.
Webhook-Driven Updates
Set up webhooks to update feature access when subscription changes occur:
// Webhook handler for subscription updates export async function POST(request: NextRequest) { const sig = request.headers.get('stripe-signature'); const body = await request.text(); let event: Stripe.Event; try { event = stripe.webhooks.constructEvent(body, sig!, process.env.STRIPE_WEBHOOK_SECRET!); } catch (err) { return new Response('Webhook signature verification failed', { status: 400 }); } switch (event.type) { case 'customer.subscription.updated': case 'customer.subscription.deleted': await updateSubscriptionFeatures(event.data.object as Stripe.Subscription); break; case 'invoice.payment_failed': await handlePaymentFailure(event.data.object as Stripe.Invoice); break; } return new Response('OK'); } async function updateSubscriptionFeatures(subscription: Stripe.Subscription) { const userId = await getUserByStripeCustomerId(subscription.customer as string); if (!userId) return; // Update cached subscription data await subscriptionService.updateSubscription(userId, { planId: subscription.items.data[0].price.id, status: subscription.status, features: await getPlanFeatures(subscription.items.data[0].price.id), }); // Invalidate feature flag cache await featureFlagCache.invalidate(userId); }
Plan-Based Feature Mapping
Maintain a clear mapping between Stripe price IDs and feature sets:
const PLAN_FEATURES = { 'price_starter': { features: ['basic-analytics', 'email-support'], limits: { projects: 3, team_members: 1 } }, 'price_professional': { features: ['basic-analytics', 'advanced-analytics', 'priority-support'], limits: { projects: 25, team_members: 10 } }, 'price_enterprise': { features: ['*'], // All features limits: { projects: -1, team_members: -1 } // Unlimited } } as const; async function getPlanFeatures(priceId: string) { const planConfig = PLAN_FEATURES[priceId]; if (!planConfig) { throw new Error(`Unknown price ID: ${priceId}`); } return planConfig; }
For more complex Stripe subscription scenarios, including handling trials, prorations, and customer portals, our Stripe Subscriptions service provides comprehensive implementation support.
Advanced Implementation Scenarios
Real-world SaaS applications often require more sophisticated feature gating scenarios than simple boolean flags.
Hierarchical Plan Structure
When you have multiple plan tiers, implement inheritance to avoid duplicating feature definitions:
interface PlanHierarchy { id: string; inheritsFrom?: string; features: string[]; limits: Record<string, number>; } const PLAN_HIERARCHY: PlanHierarchy[] = [ { id: 'starter', features: ['basic-analytics'], limits: { projects: 3 } }, { id: 'professional', inheritsFrom: 'starter', features: ['advanced-analytics', 'api-access'], limits: { projects: 25, api_calls: 10000 } }, { id: 'enterprise', inheritsFrom: 'professional', features: ['white-label', 'sso'], limits: { projects: -1, api_calls: -1 } } ]; function resolvePlanFeatures(planId: string): string[] { const plan = PLAN_HIERARCHY.find(p => p.id === planId); if (!plan) return []; const inheritedFeatures = plan.inheritsFrom ? resolvePlanFeatures(plan.inheritsFrom) : []; return [...inheritedFeatures, ...plan.features]; }
Time-Based Feature Access
Some features might be available temporarily or on a schedule:
interface TimedFeature { key: string; availableFrom?: Date; availableUntil?: Date; planRequirements: Record<string, boolean>; } async function checkTimedAccess(feature: TimedFeature, userId: string): Promise<boolean> { const now = new Date(); // Check time bounds if (feature.availableFrom && now < feature.availableFrom) { return false; } if (feature.availableUntil && now > feature.availableUntil) { return false; } // Check plan access return await this.canAccess(userId, feature.key); }
Usage-Based Feature Degradation
Implement soft limits that degrade gracefully rather than hard blocking:
async function getFeatureQuality(userId: string, feature: string): Promise<'full' | 'limited' | 'blocked'> { const usage = await getCurrentUsage(userId, feature); const limit = await this.getLimit(userId, feature); if (usage < limit * 0.8) { return 'full'; } else if (usage < limit) { return 'limited'; } else { return 'blocked'; } } // Usage in API endpoints async function generateReport(userId: string, complexity: 'basic' | 'advanced') { const quality = await getFeatureQuality(userId, 'report-generation'); switch (quality) { case 'full': return generateFullReport(complexity); case 'limited': return generateReport(complexity === 'advanced' ? 'basic' : complexity); case 'blocked': throw new Error('Usage limit exceeded'); } }
Common Pitfalls and Edge Cases
Feature flag implementations often fail in subtle ways that only surface under specific conditions. Here are the most critical issues to avoid:
Cache Invalidation Problems
The biggest source of bugs in feature flag systems is stale cache data. Users might see inconsistent access after subscription changes:
// Problem: Cache not invalidated after subscription change class FeatureFlagService { private cache = new Map<string, SubscriptionContext>(); async canAccess(userId: string, feature: string): Promise<boolean> { let subscription = this.cache.get(userId); if (!subscription) { subscription = await this.fetchSubscription(userId); this.cache.set(userId, subscription); // Cached indefinitely! } return this.checkAccess(subscription, feature); } } // Solution: Implement proper cache invalidation class FeatureFlagService { private cache = new Map<string, { data: SubscriptionContext; expires: number }>(); async canAccess(userId: string, feature: string): Promise<boolean> { const cached = this.cache.get(userId); const now = Date.now(); let subscription: SubscriptionContext; if (!cached || cached.expires < now) { subscription = await this.fetchSubscription(userId); this.cache.set(userId, { data: subscription, expires: now + (5 * 60 * 1000) // 5 minutes }); } else { subscription = cached.data; } return this.checkAccess(subscription, feature); } // Called from webhook handlers invalidateCache(userId: string): void { this.cache.delete(userId); } }
Race Conditions During Subscription Changes
When users upgrade or downgrade, multiple systems might be updating simultaneously:
// Problem: Race condition between webhook and user action async function upgradeSubscription(userId: string, newPriceId: string) { // User initiates upgrade await stripe.subscriptions.update(subscriptionId, { items: [{ price: newPriceId }] }); // This might execute before the webhook updates the cache await featureFlagService.invalidateCache(userId); // User might still see old limits briefly } // Solution: Use optimistic updates with fallback async function upgradeSubscription(userId: string, newPriceId: string) { // Optimistically update local cache const newFeatures = await getPlanFeatures(newPriceId); await subscriptionService.updateSubscription(userId, { planId: newPriceId, features: newFeatures.features, limits: newFeatures.limits, pendingUpdate: true // Mark as pending webhook confirmation }); await stripe.subscriptions.update(subscriptionId, { items: [{ price: newPriceId }] }); }
Grandfathered Feature Management
Handling users with grandfathered access requires careful data modeling:
// Problem: Grandfathered users lose access during plan changes interface SubscriptionContext { planId: string; features: string[]; // Only current plan features } // Solution: Separate grandfathered permissions interface SubscriptionContext { planId: string; planFeatures: string[]; grandfatheredFeatures: string[]; effectiveFeatures: string[]; // Combined list } async function updateSubscription(userId: string, newPlanId: string) { const current = await getSubscription(userId); const newPlanFeatures = await getPlanFeatures(newPlanId); // Preserve grandfathered features that aren't in new plan const preservedFeatures = current.grandfatheredFeatures.filter( feature => !newPlanFeatures.includes(feature) ); await updateSubscription(userId, { planId: newPlanId, planFeatures: newPlanFeatures, grandfatheredFeatures: preservedFeatures, effectiveFeatures: [...newPlanFeatures, ...preservedFeatures] }); }
Performance and Scalability Considerations
Feature flag systems can become performance bottlenecks if not designed carefully. Here are key optimizations:
Batch Feature Checks
Instead of individual feature checks, batch them for pages that need multiple validations:
async function batchCheckFeatures(userId: string, features: string[]): Promise<Record<string, boolean>> { const subscription = await this.getSubscription(userId); const results: Record<string, boolean> = {}; for (const feature of features) { results[feature] = this.checkFeatureAccess(subscription, feature); } return results; } // Usage in React function DashboardPage() { const { data: features } = useQuery({ queryKey: ['features', user.id], queryFn: () => batchCheckFeatures([ 'advanced-analytics', 'data-export', 'api-access', 'priority-support' ]) }); return ( <Dashboard showAdvancedAnalytics={features?.['advanced-analytics']} showExport={features?.['data-export']} // ... /> ); }
Edge Caching for Static Features
For features that rarely change, implement edge caching:
// Next.js API route with edge caching export async function GET(request: NextRequest) { const userId = request.nextUrl.searchParams.get('userId'); const features = await getStaticFeatures(userId); return new Response(JSON.stringify(features), { headers: { 'Content-Type': 'application/json', 'Cache-Control': 'public, max-age=300, stale-while-revalidate=600' } }); }
For applications requiring complex performance optimizations, our Next.js Optimization service can help implement advanced caching strategies and performance monitoring.
Best Practices Summary
Here's a checklist for implementing robust subscription-based feature flags:
Architecture & Design:
- ✅ Separate subscription state from feature definitions
- ✅ Design for plan hierarchy and inheritance
- ✅ Support grandfathered permissions and overrides
- ✅ Implement both boolean and numeric limit types
Security & Validation:
- ✅ Always validate feature access server-side
- ✅ Use middleware for consistent API protection
- ✅ Consider database-level constraints for critical features
- ✅ Log feature access for billing insights
Performance & Scalability:
- ✅ Implement proper cache invalidation strategies
- ✅ Batch feature checks when possible
- ✅ Use optimistic updates for better UX
- ✅ Cache subscription data with appropriate TTL
Integration & Maintenance:
- ✅ Handle webhook events for subscription changes
- ✅ Implement graceful degradation for usage limits
- ✅ Plan for feature deprecation and migration
- ✅ Monitor feature usage for product insights
User Experience:
- ✅ Provide clear upgrade paths and CTAs
- ✅ Show usage progress for limited features
- ✅ Handle loading states and errors gracefully
- ✅ Test edge cases like payment failures
Conclusion
Implementing feature flags for subscription tiers is more than just conditional logic—it's about building a scalable foundation that evolves with your business model. The patterns covered here handle the complex scenarios you'll encounter: grandfathered users, plan hierarchies, usage limits, and the critical synchronization between your billing system and feature access.
The key insight is treating feature flags as a first-class system with proper caching, security, and performance considerations. When done right, your feature gating becomes invisible to users while providing the flexibility your business needs to experiment with pricing and packaging.
For SaaS applications requiring comprehensive subscription billing with sophisticated feature gating, our SaaS solutions provide end-to-end implementation support, from Stripe integration to advanced feature flag architectures that scale with your growth.
Related Articles
