.png)
Billing System Architecture vs. Entitlements Explained
Billing system architecture manages invoices and payments. Entitlements control product access and limits. See how both layers fit into a modern software stack.
The credit layer in usage-based API billing is different from standard metering. Here's what it requires in real-world production deployments.

Two concurrent sessions hit the same credit wallet. Both read a balance of 200 credits, both claim 150, and both commit. The balance lands at negative 100 with no block triggered.
Credits look like a simple variant of usage-based API billing, but the infrastructure behind them is different in ways that only surface under concurrent load or with enterprise customers. Here’s how that works and what it means for you.
Usage-based API billing charges customers based on actual consumption rather than a flat fee.
The billing unit is whatever the product meters:
The model became standard for AI APIs because per-request serving costs vary by tokens consumed and model invoked. Flat subscriptions either subsidize heavy users or make pricing unattractive for lighter ones.
Credit-based pricing solves that problem by tying consumption to value delivered. Customers preload a balance, and each request draws from it based on the resources consumed. Customers get predictable spending, while providers maintain clearer cost coverage.
The first implementation often looks straightforward. You get a credits column in the customer table, a decrement on each request, and a Stripe webhook that adds credits after a purchase. That design works when requests arrive sequentially.
Production traffic introduces a different reality. Multiple requests hit the same account concurrently, balances update in parallel, and a simple decrement operation is no longer enough to guarantee correctness.
Credit systems differ from traditional usage-based billing because they must make access decisions against a live balance before usage occurs. That requirement changes how the system handles settlement, concurrency, and failure recovery.
In a metered billing system, the financial decision happens after the request completes. Events are recorded, usage is aggregated, and invoicing happens later.
Credit systems operate differently. Before a request runs, the platform needs to determine whether sufficient balance exists to cover the expected cost.
The implementation changes as soon as you're enforcing a balance instead of recording an event. Metered billing primarily appends events to a log that can be processed later.
Credit systems perform read-modify-write operations against a shared balance. Multiple sessions may attempt to consume credits simultaneously, which creates concurrency requirements that don’t exist in append-only metering systems.
The consequences of failure look very different in a credit system. A metering pipeline that falls behind may delay reporting or invoicing by a few seconds.
A credit enforcement system that falls behind can approve requests against balances that have already been consumed elsewhere. At scale, those overdrafts accumulate quickly and create direct financial exposure.
Standard usage-based billing tools miss the enforcement layer that controls usage in real time. For instance, Stripe Billing, Orb, and Chargebee handle the financial layer of usage-based billing reliably, aggregating consumption events, applying pricing rules, and generating accurate invoices.
What they weren't designed for:
These tools settle usage after it occurs. There's no mechanism to check a live balance before a model call and block the request if the balance is insufficient.
Two sessions reading the same balance simultaneously and both committing their deductions is a race condition. Standard billing aggregation doesn't encounter this problem because it's append-only, but a credit balance does.
A customer might hold general credits, model-specific credits, and promotional credits with a 30-day expiry. The billing tool tracks total consumption for invoicing.
The credit system needs to know which credits to deplete first, what happens when one type is exhausted, and how expiry applies without a manual override.
Enterprise customers need spending limits at the department, team, and agent level, enforced in real time. A per-customer balance isn't granular enough.
A production credit system has to enforce access decisions in real time, maintain balance accuracy under concurrent load, and generate an audit trail that finance teams can rely on.
Teams often begin with a credits_remaining column that gets decremented on each request. That approach works for low-volume, sequential traffic, but concurrent requests introduce a different set of requirements.
A production system uses an append-only ledger that records:
Every transaction becomes immutable and auditable. The ledger also provides the foundation for handling concurrent deductions safely.
Credit enforcement works best when requests reserve funds before execution and settle afterward.
For example:
If sufficient credits are unavailable, the request never starts.
This pattern is similar to payment card pre-authorizations and helps maintain balance accuracy when multiple sessions consume credits simultaneously.
Balance checks happen before compute starts, which makes latency a critical design consideration.
A production enforcement system typically aims for:
Every entitlement check sits in the request path. Performance characteristics that look acceptable in isolation can quickly become significant at production traffic volumes.
AI products that scale past a single pricing model end up supporting multiple credit pools, such as:
Each credit type requires clear precedence and expiry rules.
For example, if promotional credits expire during a long-running workflow, enforcement should roll over to the next eligible credit pool. That behavior depends on rules built directly into the ledger and enforcement model.
Enterprise customers rarely operate from a single shared balance.
Common requirements include:
Supporting these controls requires a tenancy model that reflects the customer's organizational structure from the beginning. As enterprise requirements grow, that hierarchy becomes part of the core architecture.
Finance teams need visibility into every credit movement throughout its lifecycle.
For prepaid credit models, revenue is recognized as credits are consumed. That requires a complete transaction history showing:
These records support revenue recognition, dispute resolution, financial reporting, and compliance requirements.
The credit system now sits alongside core infrastructure, supporting enforcement, concurrency control, financial operations, and governance.
Those requirements tend to accumulate one at a time, usually triggered by a new customer segment, a product launch, or a finance request. By the time the fifth one lands, the system you built for the first one is already the wrong foundation.
Building a credit system in-house makes sense when requirements are simple. A single credit type, one pricing model, sequential usage patterns, and limited governance requirements can often be handled with a balance table and a decrement function.
The challenge is that credit systems rarely stay that simple.
In practice, these requirements land sequentially, each triggered by a different team:
Each change looks manageable in isolation, but together, they reshape the architecture.
A balance table becomes a ledger, a decrement function becomes a reservation system, and customer-level balances become hierarchical budget allocations.
The question eventually becomes one of engineering focus. How much of the roadmap should go toward evolving credit infrastructure versus building customer-facing product features?
The architectural challenges with Usage-based API billing begin with credit enforcement.
Two concurrent sessions, a second credit type, or the first enterprise customer asking for team-level budget controls can quickly expose the limits of a simple balance-based design.
In credit-based billing, few decisions matter more than getting the data model right before usage, customers, and requirements accumulate around it.
Stigg is the usage runtime for AI products. Entitlements, credits, usage limits, and spend governance run synchronously in the request path.
For teams designing or rethinking the credit layer:
See how Stigg handles credit enforcement, usage governance, and budget controls within usage-based API billing architecture.
The main difference between usage-based billing and credit-based billing is when consumption is enforced. Usage-based billing typically measures usage and settles later, while credit-based billing checks the available balance before a request executes.
AI APIs use credits because request costs can vary by tokens, models, and workflows. Credits convert that variability into a unit that customers can budget for while helping providers align usage with cost.
Enterprise credit management requires controls for budgets, credit allocation, and governance across teams and departments. At scale, organizations also need audit trails, multiple credit types, and real-time spending limits enforced during request execution.