How to authorize a CLI app with Memberstack for API billing and metered usage? Answered
Hi everyone, I'm evaluating solutions for a SaaS MVP, which is not exactly a traditional web app. The product itself is actually an API and corresponding command line application. My idea is to use Memberstack for managing user accounts, authorizing API usage and billing customers (flat and per use). Therefore, I have a few technical questions upfront. Hopefully, someone here can give me some guidance.
- What is the recommended way to authorize a CLI app against Memberstack. I've seen that it provides OpenID endpoints, but can they be used in a simple OAuth2 flow in the same way, for instance Auth0 would be used?
- Instead of charging a flat fee per month, I'd like to deduct/bill a custom amount based on the metered usage at the end of the month. Is this possible with Memberstack, and are there API calls for this scenario?
- Are there any plans for a Python SDK?
the AI bot recommends me to use the stripe API directly
Thanks!
Comments
7 comments
Memberstack's default integration with Stripe only allows to charge a fixed pay by month basis or one total fixed price for lifetime.
If you want to do a custom amount based on usage, I think you could benefit of using the Stripe API directly. You could still use Memberstack to store members and handle (free) plan management with your API connected to Stripe.
And about authorizing your users, so far the frontend library is usually the one that sends authorization requests to the Memberstack server. You could de a little reverse engineering to identify the authorization endpoints and the paramters for signup and signin. (basically open your Network tab and login to analyze the request in a Memberstack website), and then you can use those REST endpoints to authorize your users.
thanks Raquel Lopez,
then it seems like I cannot use a standard approach to user authentication in a command line app unless I use an external (OpenID) authentication provider, right? I don't really want to reverse-engineer and hack in a custom authentication flow (unless its really really simple and proven safe). Actually, I only need a way for the CLI to login and retrieve an authentication or session token that can be verified by the API. That's usually an OAuth thing, for which client libraries exist in every language and framework.
Just to clarify: if I do direct stripe payments on my side using the connected Stripe account, does Memberstack still charge the transaction fee on top?
Why don't you think it would be safe? If you were to use a node environment to develop you could try to use the auth methods found in the frontend library if it makes you more confortable using "an official" solution.
Yes, if you were to handle the Stripe on your own you wouldn't have to pay the transaction fees/nor user paid plans handled by Memberstack
I'll have to read about the OpenID SSO hehe, but if you feel comfortable doing it and it works go ahead 🙂
I'd love to get more into the different auth methods and flows as well, just don't have the time to do so. I must build an MVP as fast as possible, which brings me to the standard recipes. Authentication is a light form of cryptography and for me, the slogan "don't roll out your own crypto" applies. Besides, having standard that support other forms of authentication enables you to abstract it out and to quickly adapt more secure approaches like FIDO/Passkey and 2FA.
So just to clarify (because the AI bot Ray is not always right):
I can use Memberstack to manage members and to charge a plan (free or paid) to my members using my connected Stripe account. To charge my members individual amounts on top, I could then pull the memberID using Memberstacks API and use that to identify the user in my Stripe account and to create a payment/invoice. is that how it would work?
I can confirm you can use Memberstack as a service to manage members and FREE plans. Paid plans are only available using their native Stripe integration.
After that you will follow your own architecture, you can handle it as you want with your own server. But yeah, you will create a service that handle stripe payments and after a successful payment you can create the member, and assign it a free plan.
You can see all the actions the backend could take with Memberstack here: https://developers.memberstack.com/docs/admin-package
I guess I misunderstood how the Stripe integration works. I assumed that I would just link an organization Stripe account to Memberstack, but it seems that is not the case (although the documentation says so)? A main reason I'd use Memberstack is the billing part, and not being able to create dynamic payments for members based on usage actually is a showstopper for my application. I don't want to do all the payment and member logic on my own. So I'd like to use a payed membership with Memberstack and Stripe integration and use the customer id to charge individual amounts using the Stripe API. I guess I have to look and try if that would work somehow.
Thanks again, Raquel Lopez, for clarifying these things!
Uhm, recently Julian uploaded a video about usage based pricing. Where you can import the Stripe Id and create a "usage based pricing" plan. I think it could work out for you https://youtu.be/i_eKOWiZbHY (replacing Wized with custom logic for you CLI app)
Please sign in to leave a comment.