Platform review
Royalty Paid is built as a managed creator-commerce operations layer. We keep integration scopes narrow, avoid dead OAuth surfaces, and document what each connected platform does before it is submitted for review.
Admin and platform scopes are kept to the smallest set needed for the live workflow.
All production traffic is served over HTTPS. Platform callbacks and webhooks require signed requests where supported.
OAuth tokens are server-side only and never exposed to browser bundles. New partner tokens must use encrypted-at-rest storage before launch.
Admin actions, webhook failures, payout actions, and sensitive workflow changes are logged for operator review.
The app avoids collecting customer PII where attribution IDs, order IDs, promo codes, and sale totals are enough.
Security and platform review questions should go to hello@royaltypaid.com with a clear subject line.
Shopify attribution is the active commerce integration path under review preparation. TikTok Shop API, Instagram Login, TikTok Login, and YouTube account connections remain gated until their app-review requirements, scopes, deletion behavior, and reviewer demos are complete.