B2B SaaS engineering for the team between Series A and Series C.
Multi-tenancy done correctly, SSO that does not break, audit logs as a feature, not an afterthought. The shape of code that closes mid-market.
The code that gets you from Series A to mid-market.
B2B SaaS has a predictable inflection point. The product gets to roughly $1M ARR on an architecture shaped for small businesses, and then mid-market shows up and asks for things that architecture made expensive. SSO. Audit logs. Granular permissions. Data residency. Custom domains. Workspace-scoped everything. The engineering decisions that were correct for the first 100 customers are wrong for the next 1,000. The pod we send has shipped through that exact transition.
What changes when a Metafic pod is in your repo.
Multi-tenancy verified at every query
Workspace ID on every model, asserted in middleware, tested in CI with a cross-tenant fuzz test that fails the build if isolation breaks.
SSO and SAML as a first-class feature
WorkOS, BoxyHQ, or your own. Configured per-customer. Tested with at least three real identity providers before launch.
Audit logs at the data-model layer
Every mutation captured with actor, action, target, before-state, after-state. Queryable by customers, not just by your support team.
Granular permissions via RBAC or attribute-based
We pick the right model for your domain. Most teams pick RBAC when ABAC would have served better, or vice versa. We help.
SOC 2 control work as part of the engagement
We work to your auditor's checklist, not in place of them. The engineering controls (access reviews, encryption, logging) ship as code.
Who is on the pod for this work.
Pods scale up from here for Enterprise engagements.
Has shipped B2B SaaS through the mid-market transition. Knows the patterns and the regrets.
5+ years, full-stack, deep with multi-tenancy patterns and SSO/SAML integration.
Writes cross-tenant isolation tests as a first-class suite. Runs identity-provider integration tests against real IDPs.
SOC 2 readiness, threat modeling, customer-facing security questionnaire support.
The bugs that bite this stack.
Workspace ID added late, never fully enforced
A model added in year two without workspace_id. A query that joins to it leaks. We audit every model.
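The two points above (workspace_id on every model, checked by a cross-tenant fuzz test in CI; and the late model without workspace_id that leaks through a join) can be shown together in one small test harness. What follows is an added example, not Metafic's code: the schema, the table and workspace names (`projects`, `attachments`, `ws_acme`, `ws_globex`) and the repository functions are constructed for the demo. The schema audit flags any table without a `workspace_id` column, and the fuzz test calls a data-access function as each tenant with random foreign ids and reports any row owned by a different workspace.

```python
import random
import sqlite3


def build_demo_db() -> sqlite3.Connection:
    """Constructed schema: projects carries workspace_id; attachments is the
    'year two' model that shipped without it."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE projects (
            id INTEGER PRIMARY KEY,
            workspace_id TEXT NOT NULL,
            name TEXT NOT NULL
        );
        CREATE TABLE attachments (
            id INTEGER PRIMARY KEY,
            project_id INTEGER NOT NULL REFERENCES projects(id),
            filename TEXT NOT NULL
        );
        INSERT INTO projects VALUES (1, 'ws_acme', 'Acme roadmap'),
                                    (2, 'ws_globex', 'Globex launch');
        INSERT INTO attachments VALUES (10, 1, 'acme-plan.pdf'),
                                       (11, 2, 'globex-pricing.xlsx');
        """
    )
    return conn


def tables_missing_workspace_id(conn: sqlite3.Connection) -> list[str]:
    """Schema audit for CI: every application table must carry workspace_id.
    Table names come from the catalogue, never from user input."""
    names = [r[0] for r in conn.execute(
        "SELECT name FROM sqlite_master WHERE type = 'table' ORDER BY name")]
    missing = []
    for name in names:
        cols = {r[1] for r in conn.execute(f"PRAGMA table_info({name})")}
        if "workspace_id" not in cols:
            missing.append(name)
    return missing


def attachments_for_project_leaky(conn, workspace_id, project_id):
    """The bug described on the page: the join reaches a model with no
    workspace_id and the query trusts the request-supplied project_id, so
    the caller's workspace is never checked."""
    return conn.execute(
        """
        SELECT p.workspace_id, a.filename
        FROM attachments a JOIN projects p ON p.id = a.project_id
        WHERE a.project_id = ?
        """,
        (project_id,),
    ).fetchall()


def attachments_for_project(conn, workspace_id, project_id):
    """Hardened form: the workspace filter is applied on the parent row that
    owns the attachment, so a foreign project_id returns nothing."""
    return conn.execute(
        """
        SELECT p.workspace_id, a.filename
        FROM attachments a JOIN projects p ON p.id = a.project_id
        WHERE a.project_id = ? AND p.workspace_id = ?
        """,
        (project_id, workspace_id),
    ).fetchall()


def cross_tenant_fuzz(conn, repo_fn, workspaces, rounds=100, seed=1):
    """Call repo_fn as a random tenant with a random project id; every
    returned row must belong to the calling workspace. Returns the leaks."""
    rng = random.Random(seed)
    project_ids = [r[0] for r in conn.execute("SELECT id FROM projects")]
    leaks = []
    for _ in range(rounds):
        ws = rng.choice(workspaces)
        pid = rng.choice(project_ids)
        for row in repo_fn(conn, ws, pid):
            if row[0] != ws:
                leaks.append({"fn": repo_fn.__name__, "caller": ws,
                              "row_owner": row[0], "project_id": pid})
    return leaks


if __name__ == "__main__":
    db = build_demo_db()
    tenants = ["ws_acme", "ws_globex"]
    print("tables missing workspace_id:", tables_missing_workspace_id(db))
    print("leaks, leaky query:", len(cross_tenant_fuzz(db, attachments_for_project_leaky, tenants)))
    print("leaks, fixed query:", len(cross_tenant_fuzz(db, attachments_for_project, tenants)))
```

In CI the schema audit and the fuzz run over every repository function would each fail the build on a non-empty result; the fuzz only finds leaks in code paths it is pointed at, which is why the audit of the schema itself is the cheaper first line.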
SSO sessions tied to a single browser tab
Customer asks for SSO. Engineering ships it. Three months later someone notices sessions die on tab close. We design for the lifecycle.
Audit logs storing PII unredacted
GDPR data-export requests become a problem. We design the log to be queryable and redactable from day one.
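One way to get an audit log that captures actor, action, target, before-state and after-state, stays queryable per workspace, and is still redactable when an erasure request arrives. This is an added example, not Metafic's code: the `PII_FIELDS` policy, the workspace and user identifiers and the vault design are assumptions made for the demo. Personal data is never written into an entry as plaintext; it is replaced by a token that points into a separate vault keyed by data subject, so erasing a subject drops the vault rows and every entry that referenced them reads as redacted without rewriting the log.

```python
import secrets
import time
from dataclasses import dataclass, field

# Assumed field-level policy: keys in a before/after state that hold personal data.
PII_FIELDS = {"email", "full_name", "phone"}
REDACTED = "[redacted]"


@dataclass
class AuditEntry:
    workspace_id: str
    actor: str          # user id or service account that performed the mutation
    action: str         # e.g. "user.update"
    target_type: str
    target_id: str
    before: dict        # state before the mutation, PII tokenized
    after: dict         # state after the mutation, PII tokenized
    changed: list = field(default_factory=list)   # computed from the raw states
    ts: float = field(default_factory=time.time)


class AuditLog:
    """Append-only entries plus a PII vault keyed by data subject."""

    def __init__(self):
        self.entries: list[AuditEntry] = []
        self.vault: dict[str, tuple[str, str]] = {}   # token -> (subject_id, value)

    def _tokenize(self, subject_id, value):
        token = "pii:" + secrets.token_hex(8)
        self.vault[token] = (subject_id, value)
        return token

    def _strip(self, state, subject_id):
        return {k: (self._tokenize(subject_id, v) if k in PII_FIELDS and v is not None else v)
                for k, v in state.items()}

    def record(self, *, workspace_id, actor, action, target_type, target_id,
               subject_id, before, after):
        """Called from the data-model layer on every mutation."""
        changed = sorted(k for k in set(before) | set(after) if before.get(k) != after.get(k))
        entry = AuditEntry(workspace_id, actor, action, target_type, target_id,
                           self._strip(before, subject_id), self._strip(after, subject_id),
                           changed)
        self.entries.append(entry)
        return entry

    def query(self, workspace_id, *, target_id=None, actor=None):
        """Customer-facing query, always scoped to the caller's workspace."""
        return [e for e in self.entries
                if e.workspace_id == workspace_id
                and (target_id is None or e.target_id == target_id)
                and (actor is None or e.actor == actor)]

    def _resolve(self, state):
        out = {}
        for k, v in state.items():
            if isinstance(v, str) and v.startswith("pii:"):
                out[k] = self.vault[v][1] if v in self.vault else REDACTED
            else:
                out[k] = v
        return out

    def reveal(self, entry):
        """Re-join PII for an authorized viewer; erased subjects show as redacted."""
        return {"before": self._resolve(entry.before), "after": self._resolve(entry.after)}

    def erase_subject(self, subject_id):
        """Erasure request: drop the subject's vault rows; entries stay queryable."""
        doomed = [t for t, (s, _) in self.vault.items() if s == subject_id]
        for t in doomed:
            del self.vault[t]
        return len(doomed)


def run_demo():
    """Constructed walk-through: an admin promotes a user and changes their email."""
    log = AuditLog()
    entry = log.record(workspace_id="ws_acme", actor="user_1", action="user.update",
                       target_type="user", target_id="user_42", subject_id="user_42",
                       before={"email": "old@example.com", "role": "member"},
                       after={"email": "new@example.com", "role": "admin"})
    stored_email = entry.after["email"]
    revealed_email = log.reveal(entry)["after"]["email"]
    other_tenant_sees = len(log.query("ws_globex", target_id="user_42"))
    own_tenant_sees = len(log.query("ws_acme", target_id="user_42"))
    erased_tokens = log.erase_subject("user_42")
    after_erasure = log.reveal(entry)["after"]
    return {"stored_email": stored_email, "revealed_email": revealed_email,
            "changed": entry.changed, "other_tenant_sees": other_tenant_sees,
            "own_tenant_sees": own_tenant_sees, "erased_tokens": erased_tokens,
            "email_after_erasure": after_erasure["email"],
            "role_after_erasure": after_erasure["role"]}


if __name__ == "__main__":
    for k, v in run_demo().items():
        print(f"{k}: {v}")
```

The `changed` list is computed from the raw states at write time, because once the PII is tokenized two tokens never compare equal, and after erasure both sides are redacted; a diff computed later would be wrong in both cases.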
API rate limits per-tenant instead of per-customer-key
A noisy enterprise customer with 50 service accounts overwhelms one shared bucket. We design the limit shape correctly.
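The shared-bucket failure above is easy to reproduce with a token bucket whose key is the tenant instead of the (tenant, API key) pair. This is an added example, not Metafic's code; the bucket size, refill rate and the service-account names are constructed for the demo, and time is passed in explicitly so the run is deterministic. Under a per-tenant key, one bursting service account drains the bucket and the other 49 accounts in the same workspace get nothing; under a per-key bucket they are unaffected.

```python
class TokenBucket:
    """Token bucket with explicit clock: callers pass `now` in seconds."""

    def __init__(self, capacity: int, refill_per_sec: float):
        self.capacity = capacity
        self.refill_per_sec = refill_per_sec
        self.tokens = float(capacity)
        self.last = None

    def allow(self, now: float) -> bool:
        if self.last is not None:
            elapsed = max(0.0, now - self.last)
            self.tokens = min(self.capacity, self.tokens + elapsed * self.refill_per_sec)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False


class RateLimiter:
    """One bucket per limiter key; key_fn decides the limit's shape."""

    def __init__(self, key_fn, capacity: int = 100, refill_per_sec: float = 10.0):
        self.key_fn = key_fn
        self.capacity = capacity
        self.refill_per_sec = refill_per_sec
        self.buckets = {}

    def allow(self, tenant_id: str, api_key: str, now: float) -> bool:
        key = self.key_fn(tenant_id, api_key)
        bucket = self.buckets.get(key)
        if bucket is None:
            bucket = self.buckets[key] = TokenBucket(self.capacity, self.refill_per_sec)
        return bucket.allow(now)


def per_tenant_key(tenant_id, api_key):
    """The shape on the page's bug list: every key in a workspace shares one bucket."""
    return tenant_id


def per_customer_key(tenant_id, api_key):
    """Each (workspace, API key) pair gets its own bucket."""
    return (tenant_id, api_key)


def simulate_noisy_neighbour(limiter: RateLimiter, now: float = 0.0):
    """Constructed load: one service account bursts 200 calls, then 49 quiet
    service accounts in the same workspace each make one call at the same
    instant. Returns (noisy calls allowed, quiet calls allowed)."""
    noisy_ok = sum(limiter.allow("ws_acme", "svc_noisy", now) for _ in range(200))
    quiet_ok = sum(limiter.allow("ws_acme", f"svc_{i:02d}", now) for i in range(49))
    return noisy_ok, quiet_ok


if __name__ == "__main__":
    print("per-tenant bucket (noisy, quiet):", simulate_noisy_neighbour(RateLimiter(per_tenant_key)))
    print("per-key bucket    (noisy, quiet):", simulate_noisy_neighbour(RateLimiter(per_customer_key)))
```

A per-key bucket on its own lets a tenant multiply its throughput by minting keys, so in practice the per-key limit sits under a separate, larger per-tenant ceiling; the point here is only that the key granularity decides who starves whom.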
Honest about scope.
We will not take a B2B SaaS engagement where the founder cannot describe their target ICP in one sentence. Multi-tenant architecture decisions depend on whether your customer is one user, ten users per workspace, or a thousand. Mismatched architecture is the most expensive bug we ever fix.
Common questions.
Single-database multi-tenant or schema-per-tenant?
Single-database with row-level isolation for almost everyone. Schema-per-tenant only when a customer specifically requires it, and the math has to make sense (you will not run 5,000 schemas).
Should we build SSO ourselves or use WorkOS?
Use WorkOS, BoxyHQ, or similar. Building SSO from scratch is a six-month detour for an outcome a vendor sells you for $5K/mo.
When do we need SOC 2?
Usually when the first 5-10 mid-market deals demand it. Often around $1-2M ARR for B2B SaaS. We can help time the readiness work.
Data residency requirements?
EU, UK, UAE, Singapore. We have shipped these. The architecture choice is regional database routing, not data duplication.
Ready to scope it?
A 25-minute call. We will tell you what we would do, what we would not, and whether a pod is the right shape.
Or stay in the loop. One engineering teardown a week.