Cost to build a public API for your SaaS
Cost to build a public API for your SaaS
Building a public API for your SaaS in 2026 typically costs $20,000 to $250,000+ to ship a real V1. The cheap end is API keys plus hardened endpoints. The expensive end is a Stripe-grade surface with SDKs, sandbox, dashboard, and status page. Most of the cost gap is not the endpoint code; it is the product around it.
The decision that drives everything: which buyer is the API for, and how much of that surface do you owe them on day one?
What you are actually building when you ship a public API
An internal API is a contract between two of your services. A public API is a product. Customers depend on it, write code against it, ship that code to production, and call you when it breaks at 2 a.m.
Concretely, a real public API has at least 11 distinct surfaces:
- Hardened endpoints with consistent error codes
- Versioning and a backward-compatibility policy
- Authentication (API keys, often OAuth 2.0 for partners)
- Rate limiting tuned per pricing tier
- Webhook delivery, signing, and retries
- A customer dashboard for keys, usage, and logs
- Hosted documentation
- SDKs in at least Python and TypeScript
- A sandbox environment with seeded test data
- A status page with uptime SLA
- A support pipe for developer questions
An internal API needs maybe three of these (auth, errors, docs in a Notion page). A public API needs all eleven, and dropping any one of them shows up in churn within the first 90 days. This is the part most cost calculators get wrong: they price endpoint count, not the surface that turns endpoints into a product.
The three scope tiers and what each one costs
There are really only three honest scope tiers for a public API V1. Pick the one that matches your buyer.
Tier 1, $20,000 to $50,000. API keys, 10 to 25 endpoints, autogenerated reference docs from your OpenAPI spec, basic rate limiting, error codes. No SDK. No sandbox. No customer dashboard beyond a key-management page. This works if your buyer is a backend developer integrating once and forgetting. Think: data-enrichment APIs, internal tooling exposed to a couple of partners. The math here is similar to what we mapped out for the cost to integrate Stripe, where the endpoint count is small but the surrounding hardening still bites.
Tier 2, $80,000 to $150,000. Tier 1 plus auto-generated SDKs (Python and TypeScript at minimum), a real sandbox environment, webhook signing and retries, a customer dashboard with usage charts and request logs, a Mintlify or Fern docs site instead of bare reference. This is the right tier for most B2B SaaS APIs in 2026. Customers expect this much.
Tier 3, $250,000 and up. Stripe-grade. OAuth 2.0 with fine-grained scopes, partner onboarding flows, multi-region infrastructure, a status page with formal SLA, a developer relations function, dedicated support engineers. You only build this if API revenue is a top-3 line item or your customers are Fortune 500 procurement teams.
The mistake founders make is targeting Tier 3 at launch because it sounds professional. The right move is to ship Tier 1 or Tier 2, get five paying customers, then upgrade based on what they actually push back on.
Cost breakdown by approach
Here is what each hiring lane really costs for a Tier 2 build, fully loaded:
| Approach | Cost | Timeline | Pros | Cons |
|---|---|---|---|---|
| US full-time hire | $160k-$240k/yr loaded | 6-12 wk to hire, then 8-16 wk to build | Owns the API surface long-term | Expensive, slow to start, hard to size if usage stays flat |
| Dev agency (US/EU) | $80k-$300k fixed bid | 12-24 wk | Predictable scope, contractual SLA | Change orders punish iteration, agency walks away with the knowledge |
| Freelancer (Upwork or Toptal) | $60-$200/hr; $30-$120k total | 8-20 wk | Cheaper than agency, flexible | No bench depth, vetting is on you, single point of failure |
| Cadence | $500-$2,000/wk per engineer | 48-hour trial then ship in 6-10 wk | Every engineer is AI-native by default, weekly billing, replace any week | Less suited to enterprise procurement |
A few notes on this table. The full-time hire number assumes one senior engineer at a $180k base plus 30% loaded cost. The agency range is real: a public API with sandbox and SDKs from a competent US shop will land around $150k after change orders. Freelancers are cheaper but the variance is brutal; we have seen the same scope quoted at $35k and at $110k from people with similar resumes.
Cadence sits at $500 to $2,000 per engineer per week, with weekly billing and no notice period. A senior engineer for 8 weeks of focused build is $12,000. Add a mid for testing and docs polish for 4 weeks at $1,000 and you are at $16,000 in engineer cost, before tooling. The model works because every engineer on Cadence is AI-native by default, vetted on Cursor, Claude Code, and Copilot fluency before they unlock bookings, so a senior plus a mid moves at the velocity a four-person agency team did in 2022.
Feature-by-feature: where the money actually goes
Endpoint code is roughly 25% of total cost. The other 75% is the product around it. Here is where each line item really lands in 2026.
API design and endpoint hardening
A public endpoint is not the same as an internal one. Public endpoints need consistent error envelopes, idempotency keys for write operations, pagination that scales to millions of records, and input validation that does not leak stack traces. Budget 1.5x to 2x the engineer time you would spend on the same internal endpoint. We cover this more in our notes on REST API design in 2026.
Versioning and backward compatibility
Decide your versioning policy before you ship V1, not after. URL versioning (/v1/) is the easiest to operate; header versioning gives you cleaner URLs but a steeper learning curve for customers. Whichever you pick, document the deprecation policy in writing: how many months notice before a breaking change, what counts as breaking, who pays for the migration. A clear policy here is worth 5 to 10 engineer-weeks per year in deferred fire drills. Our writeup on API versioning in 2026 walks through the trade-offs.
Authentication: API keys and OAuth 2.0
API keys are the right default for the first 50 customers. They take a senior engineer 1 to 2 weeks to ship correctly, with scoped permissions, key rotation, and a revocation flow. OAuth 2.0 is a 4 to 8 week project: the spec is small, but the customer-facing consent screens, refresh-token logic, and scope management are where time goes. Do not build OAuth before a partner integration actually requires it.
Rate limiting by tier
Rate limits map to your pricing tiers. Free tier 100 requests per minute, paid tier 1,000, enterprise 10,000 with burst tolerance. The implementation is 1 to 2 weeks if you use Redis or Cloudflare's built-in rate limiter. The hard part is the customer-visible side: returning a clean 429 with Retry-After headers, surfacing usage in the dashboard, and deciding whether to throttle or hard-block on overage.
Webhooks: delivery, signing, and retries
Webhooks are easy to build badly and hard to build well. The minimum bar in 2026 is HMAC-SHA256 request signing, an exponential-retry queue with a dead-letter bucket, idempotency for replays, and a customer-facing log of attempted deliveries. Budget 2 to 3 weeks for a senior to do this right. Svix and Hookdeck will run it as a service for $40 to $400 per month if you want to skip the build entirely.
Customer dashboard
The dashboard is where customers manage keys, see usage, debug failed requests, and configure webhooks. It is a real product: 3 to 5 weeks of full-stack work. Skipping it forces customers into your support inbox for everything, which is the single biggest hidden cost of Tier 1 APIs.
Documentation
The docs vendor matters more than founders expect.
- Mintlify ($99 to $499 per month): the fastest setup, best developer experience, hosts the OpenAPI reference plus your hand-written guides. Most B2B SaaS APIs in 2026 default to Mintlify.
- Fern: OSS-first, free for the core, paid plans for hosting and SDK gen bundled. Good if you want to own the pipeline.
- Scalar: free OSS OpenAPI viewer. Use this for Tier 1 when you do not need authored guides.
- In-house (Docusaurus, Nextra): 4 to 8 weeks of frontend work and ongoing maintenance. Only worth it if your docs are a competitive moat.
For 95% of public APIs, paying Mintlify $200 a month beats burning 6 weeks of engineer time on a custom site.
SDKs
SDKs used to be a 4 to 8 week per-language project. In 2026 they are largely a tooling decision.
- Stainless ($400 to $2,000 per month): generates idiomatic SDKs in TypeScript, Python, Go, Java, and more from your OpenAPI spec. Stripe and Anthropic use it.
- Speakeasy: similar pricing and feature set, slightly different ergonomics on customizations.
- Hand-rolled: still defensible if your SDK has unusual ergonomics (streaming, complex auth, multimodal). Plan 4 to 8 weeks per language.
Most teams should auto-generate. The math is clear: $1,000 a month buys you SDKs in five languages forever, versus $40,000 to hand-write two of them once.
Sandbox environment
A sandbox is a separate environment with seeded test data and obviously-fake credentials. Customers test integrations here without spending real money or polluting their production data. Building one cleanly is 2 to 3 engineer-weeks plus ongoing care. Skipping it is fine for Tier 1; not for Tier 2.
Status page and SLA
Statuspage.io ($29 to $1,499 per month) and BetterStack (from $29 per month) cover the status-page side. The SLA itself is a contractual document, not a feature. Writing a defensible SLA, with the underlying monitoring and incident-response runbook to back it, is a 2 to 4 week project for a senior engineer plus your legal review.
Ongoing support burden
This is the line item that surprises founders. A public API with 50 active integrations generates 5 to 15 developer-support tickets a week, indefinitely. Plan for 10% to 25% of build cost per year in support engineering, recurring. A $100k API build implies $10k to $25k a year in support time alone, before any feature work.
How to reduce cost without crippling the API
A few patterns that work in 2026:
- Buy commodity layers. Mintlify for docs, Stainless for SDKs, Statuspage for status, Sentry for error tracking. Building any of these in-house is a six-figure mistake.
- Build only the customer-visible differentiator. Your endpoints are the moat. Your dashboard is the moat. The plumbing around them is not.
- Ship Tier 1 first. Get five paying customers on raw API keys before you spend $100k on a sandbox no one asked for.
- Use AI-native engineers. A senior who is fluent in Cursor and Claude Code can wire Mintlify and Stainless in days; an engineer who is not will spend a week per integration. The skill gap is real and widening.
- Avoid premature OAuth. API keys are fine until a customer or partner explicitly says they cannot use them.
- Pick the tier that matches the buyer. Targeting Tier 3 at launch is the most expensive mistake on this list.
The fastest path from internal endpoints to a public API
Three steps, in order.
Step 1: Pick the scope tier. Be honest about your buyer. If you are selling to indie devs, Tier 1 is enough. If you are selling to mid-market B2B, Tier 2. Only the largest enterprise API plays need Tier 3 on day one.
Step 2: Buy the commodity layers up front. Mintlify or Fern, Stainless or Speakeasy, Statuspage or BetterStack, Sentry. Pick before you write code so the engineer is wiring vendors, not building custom infrastructure.
Step 3: Book the engineer (or two) for the focused build. A senior for 6 to 10 weeks gets you a Tier 2 API. Add a mid for the dashboard and docs polish if you want to compress the timeline. If you do not already have an engineer ready to start tomorrow, the fastest path is to book a senior engineer on Cadence and start the 48-hour free trial. You can have a senior at a keyboard within a day, and replace them at the end of any week if the fit is wrong.
For more on the API design choices that make all of this cheaper to maintain, see our notes on API design best practices.
If you want a senior engineer wiring Mintlify, Stainless, and your endpoints by the end of the week, book on Cadence. Weekly billing, 48-hour free trial, and every engineer is AI-native by default so the commodity layers go in days, not weeks.
FAQ
How long does it take to ship a public API?
Tier 1 takes 4 to 6 weeks with a senior engineer. Tier 2 with SDKs and a sandbox takes 8 to 12 weeks. Stripe-grade Tier 3 takes 16 to 24 weeks before public launch, plus a permanent dev-relations function after.
Should I build SDKs or let customers wrap the REST API themselves?
If you have 10 or more enterprise customers, ship at least Python and TypeScript SDKs. Auto-generating with Stainless or Speakeasy beats hand-rolling unless your SDK has unusual ergonomics like streaming or complex auth.
API keys or OAuth 2.0 first?
API keys for your first 50 customers. OAuth 2.0 only when you start running into partner integrations where the customer cannot share a raw key. Building OAuth too early is a 6-week project that solves a problem you do not yet have.
Should I use Mintlify, Fern, or Scalar for docs?
Mintlify ($99 to $499 per month) for fastest setup and best developer experience. Fern if you want OSS-first with the option to self-host. Scalar (free OSS) if you only need an OpenAPI reference viewer with no authored guides.
What is the ongoing cost of running a public API?
Plan for 10% to 25% of build cost per year in support engineering, infra growth, breaking-change migrations, and SDK refresh. A $100,000 V1 build implies $10,000 to $25,000 in recurring annual cost, not counting feature work.