Skip to content

SaaS tablestakes

Building a true SaaS service is much more involved than just provisioning, scaling, monitoring, patching and billing. The expectation is that there should be support for basic SaaS capabilities like:

  • User experience
  • Management operations
  • User management
  • Observability
  • Enterprise-grade security

In the next section, we will cover in detail what each one of them entails and how Omnistrate helps you enable these capabilities out of the box.

User experience

Omnistrate platform automatically generates working REST APIs (that are automatically versioned and fully-managed) for your control plane when you build you SaaS. Your customers can immediately start consuming your APIs and build their applications for their users. In addition, we generate default CLI and UI for your SaaS that you can use to directly onboard customers or extend it to further customize on top.

Omnistrate will take care to keep all the interfaces in sync every time you make a change to your SaaS, or release a new version of SaaS offering, to your customers across all the channels.

Separately, you may want to offer different tenancy models to your customers as mentioned here. With Omnistrate, you can define your service plan, add new service plans with different capabilities, iterate your SaaS experience at any time.

Management operations

Omnistrate automatically support several operations out of the box on each of the service components ranging from basic CRUD operations to start, stop, restart, and so on.

In addition, Omnistrate offers additional SaaS capabilities. For more details, please see this

Tenant access management

How will your tenants authenticate with your service? How will they manage their users and give them desired permissions? How will they audit every activity for their resource instances?

Your SaaS control plane seamlessly provides access control for your customers to seamlessly manage users in their organization by granting them appropriate roles.

Today, we have support for reader and writer roles, and actively working on adding the support for other roles. In addition, all actions from your customers will be audited by your SaaS control plane and will be available to your customers for review.

You maybe invited by others from their own subscriptions for a given service or you may also subscribe to those services directly. You will be able to view all the subscriptions and manage them seamlessly.

In addition, your customers will be able to connect securely with your SaaS control plane, and setup secure mechanisms for the data plane connectivity.

Finally, your customers will be able to configure their account information, update and manage as necessary

Observability

The best SaaS products give you deep and immediate insights not just about the usage of the product but also the operational visibility. A responsive observability subsystem goes a long way to give your product a professional feel, and robust audit logs give confidence to compliance and security teams that the usage of this product will stand the test of time.

There are different mechanisms to provide observability:

  • Auditing: records every action being taken on the resource instance for troubleshooting and compliance requirements
  • Notifications: alerts the users of any outages or incidents or upcoming maintenance
  • Metrics: product and operational metrics depending on the level of visibility you want to expose to your customers
  • Logging: debugging information to allow your users to debug during incidents or integrating their applications

For metrics and logs, please see this for more information.

Enterprise-grade security

First, your customers are looking for secure options to connect to the underlying application. The basic auth mechanism along with TLS is a good starting point but not enough for enterprises looking for multi-layer defense. At the minimum, they want IP whitelisting to limit the attack vector and only allow their systems to talk to specific IPs. In addition, you may also need stable IP for your customers to whitelist incoming traffic from your systems into their infrastructure. Omnistrate can automatically enable all of these capabilities without any effort from your end.

Separately, your customers may have compliance requirements. We have our SOC2 Type II where we’ve documented and implemented a bunch of the controls. You can extend your systems achieve the well established SOC2 compliance.

If you have other requirements on compliance or secure connectivity, please reach out to us support@omnistrate.com