
Comment by taurath

15 hours ago

I'm rather confused by this article - I've made products and pricing services, and just on the first line it's said that billing requires webhooks and state syncing... but why? Is it a way to utilize payments in an otherwise static site? What's the benefit? You can absolutely accept payments without webhooks. Please help, I really don't understand the niche!

I'm left with the sense that this is a sort of solution that's trying to do auth permissions via the billing process, without calling it auth. Any access token you'd set up for auth with roles or permissions can give you access to both a customerId and whatever access grants you'd want to give.

Yes, you're right -- payments can definitely be done without webhooks, but it is typically all controlled server-side. Especially things like upgrade and downgrade flows, as they involve automatically charging a user's card.

What we were exploring is whether there's a way to do this securely from the frontend (e.g. on a pricing page) without needing to open up backend routes.

You're also correct that our niche is trying to control feature permissions, so that we can decouple pricing logic from an application (which makes it easier to handle pricing changes, custom plans etc). We are moving more towards a solution that just uses the JWTs to handle this instead of a customer_id.

  • I've made solutions before where a product can have many permissions, a product can have many prices, and a product can also be a bundle of products. The products service does the heavy lifting by having systems to determine things like addons (if you have Product1 that gives Permission1, you can purchase Product43 as an Addon to give Permission2).

    This will not give you clean, easy-to-understand reporting if you make bundles willy-nilly (N product line makes $ dollars, if bundled products exist), but to me, it gives accurate data that matches up with the pricing complexity that the business is designing.

  • The browser allows JavaScript to be modified. Therefore, you can never trust the client side. You can’t put “trust” there.
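Added example, not part of the thread or of any commenter's product: a sketch of the JWT approach mentioned above, where the server signs a customer's feature entitlements and re-verifies them on every request, so a payload edited in the browser fails the check. HS256 built from the Python standard library, the `features` claim name, the key and all function names are assumptions made for illustration; the thread names no algorithm or claim layout.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # assumption: server-only key, never shipped to the browser

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_token(customer_id: str, features: list, ttl: int = 300, now=None) -> str:
    """Server side: sign the customer's entitlements once billing state is known."""
    now = int(time.time()) if now is None else now
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"sub": customer_id, "features": features, "exp": now + ttl}
    payload = _b64(json.dumps(claims).encode())
    sig = hmac.new(SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64(sig)}"

def verify_token(token: str, now=None):
    """Server side: return the claims, or None if forged, malformed or expired."""
    now = int(time.time()) if now is None else now
    try:
        header, payload, sig = token.split(".")
        # Pin the algorithm instead of trusting the header (rejects "none").
        if json.loads(_unb64(header)).get("alg") != "HS256":
            return None
        expected = hmac.new(SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(sig)):
            return None
        claims = json.loads(_unb64(payload))
    except (ValueError, AttributeError):
        return None
    return claims if claims.get("exp", 0) > now else None

def has_feature(token: str, feature: str, now=None) -> bool:
    """Gate a backend route on a verified entitlement, never on client state."""
    claims = verify_token(token, now)
    return claims is not None and feature in claims.get("features", [])

def tamper(token: str, extra_feature: str) -> str:
    """Constructed input: a payload edited client-side, original signature kept."""
    header, payload, sig = token.split(".")
    claims = json.loads(_unb64(payload))
    claims["features"].append(extra_feature)
    return f"{header}.{_b64(json.dumps(claims).encode())}.{sig}"
```

The short `ttl` bounds how long a downgrade or cancellation takes to reach already-issued tokens; the frontend can read the claims to render a pricing page, but only the server-side check grants access.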

I work in the billing space at Lago, so I think I can add a bit of color (though I'm also somewhat confused).

Technically speaking, billing and payments are two separate things.

For example: OpenAI needs to calculate how much you need to pay for the tokens you consumed across all of its models. That usage aggregation, calculation and then issuing of an invoice is billing—payments is only the transfer of money.