Billing
Ithbat IAM billing is managed through the admin console and the billing API. Payments are processed via Stripe for international cards and Moyasar for MENA payments including Mada (Saudi Arabia). Billing is available in USD, SAR, and EGP.
Subscription plans
| Plan | Best for |
|---|---|
| Starter | Small teams and early-stage applications. Core authentication, up to 1,000 MAU |
| Growth | Scaling applications. SAML SSO, SCIM, webhooks, custom domains, up to 10,000 MAU |
| Enterprise | Large organizations. Dedicated DB, data residency, SLA guarantee, unlimited MAU, custom contracts |
Exact plan limits and feature sets are defined in the platform and available via:
GET /api/v1/billing/plans
Authorization: Bearer {token}
Viewing your current subscription
GET /api/v1/billing/subscription
Authorization: Bearer {token}
X-Tenant-ID: {tenant_id}
Response:
{
"id": "sub_abc123",
"planId": "growth",
"planName": "Growth",
"status": "active",
"currentPeriodStart": "2026-02-01T00:00:00Z",
"currentPeriodEnd": "2026-03-01T00:00:00Z",
"currency": "usd",
"amount": 9900,
"interval": "month",
"cancelAtPeriodEnd": false,
"paymentProvider": "stripe",
"createdAt": "2025-06-01T10:00:00Z"
}
Creating a subscription
Step 1 — Get available plans
GET /api/v1/billing/plans
Authorization: Bearer {token}
Step 2 — Estimate cost
POST /api/v1/billing/estimates
Authorization: Bearer {token}
X-Tenant-ID: {tenant_id}
Content-Type: application/json
{
"planId": "growth",
"currency": "sar",
"interval": "year"
}
Response:
{
"planId": "growth",
"currency": "sar",
"interval": "year",
"amount": 26400,
"formattedAmount": "SAR 264.00",
"discount": {
"percentage": 20,
"description": "Annual discount"
}
}
Step 3 — Create a payment intent
POST /api/v1/payments/intent
Authorization: Bearer {token}
X-Tenant-ID: {tenant_id}
Content-Type: application/json
{
"planId": "growth",
"currency": "sar",
"interval": "month",
"paymentMethodId": "pm_abc123"
}
Step 4 — Confirm the payment
POST /api/v1/payments/confirm
Authorization: Bearer {token}
X-Tenant-ID: {tenant_id}
Content-Type: application/json
{
"paymentIntentId": "pi_abc123"
}
On confirmation, the subscription is activated immediately.
Payment methods
Supported payment options
| Provider | Supported methods | Currencies |
|---|---|---|
| Stripe | Visa, Mastercard, Amex, Apple Pay, Google Pay | USD, EUR, GBP |
| Moyasar | Mada, Visa, Mastercard, STC Pay | SAR |
| Moyasar | Visa, Mastercard, Fawry | EGP |
Bank transfer is available for Enterprise annual plans. Contact [email protected].
Add a payment method
POST /api/v1/billing/payment-methods
Authorization: Bearer {token}
X-Tenant-ID: {tenant_id}
Content-Type: application/json
{
"provider": "stripe",
"token": "tok_visa_from_stripe_elements"
}
For Moyasar payments, the token is the source_id returned by the Moyasar.js SDK.
List payment methods
GET /api/v1/billing/payment-methods
Authorization: Bearer {token}
X-Tenant-ID: {tenant_id}
Set default payment method
PUT /api/v1/billing/payment-methods/{id}/default
Authorization: Bearer {token}
X-Tenant-ID: {tenant_id}
Remove a payment method
DELETE /api/v1/billing/payment-methods/{id}
Authorization: Bearer {token}
Multi-currency support
Ithbat IAM bills in the currency appropriate for your region.
| Currency | Region | Symbol |
|---|---|---|
| USD | Global | $ |
| SAR | Saudi Arabia | ر.س |
| EGP | Egypt | E£ |
Currency is selected at subscription creation. You can change it by contacting support for Enterprise plans, or by cancelling and re-subscribing for Growth plans.
All amounts in the API are in the currency's smallest unit (cents for USD, halalas for SAR, piastres for EGP). Divide by 100 to get the display amount.
Changing your subscription
Upgrade or downgrade at any time:
PUT /api/v1/billing/subscription
Authorization: Bearer {token}
X-Tenant-ID: {tenant_id}
Content-Type: application/json
{
"planId": "enterprise",
"interval": "year"
}
Upgrades take effect immediately. Downgrades take effect at the end of the current billing period. Proration is calculated automatically by Stripe/Moyasar.
Cancelling your subscription
POST /api/v1/billing/subscription/cancel
Authorization: Bearer {token}
X-Tenant-ID: {tenant_id}
By default, cancellation takes effect at the end of the current billing period (cancelAtPeriodEnd: true). Your account remains active until then. After cancellation, the tenant is downgraded to the Starter plan.
Invoices and receipts
List invoices
GET /api/v1/billing/invoices
Authorization: Bearer {token}
X-Tenant-ID: {tenant_id}
Response includes a list of invoices with id, amount, currency, status, and createdAt.
Get a specific invoice
GET /api/v1/billing/invoices/{id}
Authorization: Bearer {token}
Download invoice PDF
GET /api/v1/billing/invoices/{id}/pdf
Authorization: Bearer {token}
Returns a PDF file suitable for accounting and tax purposes. Invoices include your company name, address (from billing settings), VAT number (if provided), and line items.
Usage-based billing
Usage is tracked monthly and reported in the billing dashboard.
Tracked metrics
| Metric | Description |
|---|---|
| Monthly Active Users (MAU) | Users who authenticated at least once in the calendar month |
| API calls | Total authenticated API requests per month |
| SCIM syncs | Number of SCIM provisioning operations |
| Webhook deliveries | Total webhook delivery attempts |
Get current usage
GET /api/v1/billing/usage
Authorization: Bearer {token}
X-Tenant-ID: {tenant_id}
{
"period": "2026-02",
"mau": 1247,
"mauLimit": 10000,
"apiCalls": 183400,
"scimSyncs": 3200,
"webhookDeliveries": 9100
}
Get tenant usage summary
GET /api/v1/tenant/usage
Authorization: Bearer {token}
X-Tenant-ID: {tenant_id}
Get plan limits
GET /api/v1/tenant/limits
Authorization: Bearer {token}
X-Tenant-ID: {tenant_id}
Billing settings
Set your company name, VAT number, and billing address for invoices:
PATCH /api/v1/tenant/settings/general
Authorization: Bearer {token}
X-Tenant-ID: {tenant_id}
Content-Type: application/json
{
"billingName": "Acme Corp Ltd",
"billingEmail": "[email protected]",
"billingAddress": {
"line1": "King Fahd Road",
"city": "Riyadh",
"country": "SA",
"postalCode": "12345"
},
"vatNumber": "SA300000000000003"
}
Billing API reference
| Method | Endpoint | Permission |
|---|---|---|
GET | /api/v1/billing/plans | billing:read |
GET | /api/v1/billing/subscription | billing:read |
GET | /api/v1/billing/invoices | billing:read |
GET | /api/v1/billing/invoices/{id} | billing:read |
GET | /api/v1/billing/invoices/{id}/pdf | billing:read |
GET | /api/v1/billing/usage | billing:read |
GET | /api/v1/billing/payment-methods | billing:read |
POST | /api/v1/billing/subscription | billing:write |
PUT | /api/v1/billing/subscription | billing:write |
POST | /api/v1/billing/subscription/cancel | billing:write |
POST | /api/v1/billing/estimates | billing:write |
POST | /api/v1/billing/payment-methods | billing:write |
DELETE | /api/v1/billing/payment-methods/{id} | billing:write |
PUT | /api/v1/billing/payment-methods/{id}/default | billing:write |
POST | /api/v1/payments/intent | billing:write |
POST | /api/v1/payments/confirm | billing:write |
Enterprise procurement
For Enterprise plans with custom pricing, SLA requirements, data processing agreements (DPA), or purchase orders:
- Email [email protected]
- Include your expected MAU, required regions, and any compliance requirements (PDPL, GDPR, etc.)
Enterprise contracts support annual invoicing in SAR, USD, or EGP and are available on 12-month and 24-month terms.
Next steps
- Multi-Tenancy — understand plan limits per tenant
- Audit Logs — subscription change events are recorded in the audit log
- RBAC & Permissions — control who has
billing:readandbilling:writeaccess