# SaaS (Software as a Service) Software as a Service (SaaS) is a software distribution model in which a provider hosts an application on cloud infrastructure and makes it available to customers over the internet, typically through a web browser or API. Customers subscribe to the service rather than purchasing and installing software locally, and the provider handles infrastructure, maintenance, updates, and scaling. ## Characteristics of SaaS SaaS applications share several defining traits: * **Multi-tenant architecture**: A single instance of the software serves multiple customers (tenants), with data isolation ensuring each tenant can only access their own data. * **Subscription pricing**: Customers pay on a recurring basis (monthly or annually) rather than a one-time license fee. Many SaaS products offer tiered plans with different feature sets and usage limits. * **Automatic updates**: The provider deploys updates centrally, so all customers run the same version without manual upgrade processes. * **Accessibility**: Users access the application from any device with an internet connection, with no installation required. * **Managed infrastructure**: The provider handles servers, databases, backups, security patches, and capacity planning. ## SaaS in the cloud computing stack SaaS sits at the top of the cloud computing service model hierarchy: * **IaaS (Infrastructure as a Service)**: Provides raw compute, storage, and networking. The customer manages everything from the operating system up. Examples: AWS EC2, Google Compute Engine. * **PaaS (Platform as a Service)**: Provides a runtime environment for deploying applications. The customer manages the application code. Examples: Heroku, Google App Engine. * **SaaS**: Provides the complete application. The customer manages only configuration and data. Examples: Slack, Salesforce, Notion, GitHub. ## APIs and SaaS APIs are fundamental to modern SaaS products. Most SaaS applications expose APIs that allow customers to integrate the service into their workflows, automate tasks, and extract or push data programmatically. SaaS APIs are typically RESTful, authenticated via API keys or OAuth, and documented with OpenAPI specifications. For SaaS providers, API management is a significant concern. The provider must authenticate API consumers, enforce rate limits per pricing tier, version the API without breaking existing integrations, and monitor usage for billing and capacity planning. ## SaaS and API gateways An API gateway is a common component in SaaS architectures, sitting in front of the application's API to handle cross-cutting concerns: * **Tenant authentication**: Verifying the identity of the calling tenant and routing requests to the appropriate data partition. * **Tier-based rate limiting**: Enforcing different request quotas for free, pro, and enterprise plans. * **API versioning**: Routing requests to different backend versions based on URL paths or headers. * **Usage metering**: Tracking API calls per tenant for billing purposes. Serverless API Gateway can serve as the API layer for a SaaS product. Its JWT authorization support handles tenant authentication, its path-based routing directs requests to the appropriate backend services, and its edge-based architecture on Cloudflare Workers provides low-latency responses to users worldwide without managing regional deployments. ## Related documentation * [Authorizer Configuration](/configuration/authorizer.md) - Authenticate SaaS API consumers with JWT * [Path Routing](/configuration/paths.md) - Route API versions and tenant-specific endpoints * [CORS Configuration](/configuration/cors.md) - Configure cross-origin access for SaaS web clients * [Getting Started](/getting-started/introduction.md) - Set up an API gateway for your SaaS product --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.serverlessapigateway.com/glossary/s/saas-software-as-a-service.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.