Secure internal communication between services
Vercel Service Bindings let one service in a deployment call another via an injected env var URL, with internal routing, auth, and TLS handled — e.g. a Next.js frontend reaching a FastAPI backend privately.
**The gist** Vercel shipped **Service Bindings**: a service declares a binding to another service in the same deployment, Vercel injects an **environment variable** holding an internal URL, and a plain HTTPS fetch works — **routing, auth, and TLS** are handled internally, off the public route table.
**Why it matters** Multi-service apps on one deployment get practical: a **Next.js frontend** can call a **FastAPI backend** without exposing it publicly or managing certificates, and each call shows in **observability** with the target service and duration.
**The gist** Vercel shipped **Service Bindings**: a service declares a binding to another service in the same deployment, Vercel injects an **environment variable** holding an internal URL, and a plain HTTPS fetch works — **routing, auth, and TLS** are handled internally, off the public route table. **Why it matters** Multi-service apps on one deployment get practical: a **Next.js frontend** can call a **FastAPI backend** without exposing it publicly or managing certificates, and each call shows in **observability** with the target service and duration. **Watch out** Billing is its own lane — bound calls count as **Service Requests** and **Fast Origin Transfer**, not CDN Requests — so check current rates before routing chatty internal traffic; a service stays unreachable unless exposed via a **rewrite or a binding**.