PayRift AdminSubscriptions, entitlements, webhooks

One console to run your in-app subscription billing.

Monitor revenue, debug identity merges, manage catalog and entitlements, and trace webhooks end-to-end. Built for teams shipping iOS and Android subscriptions.

Start Now See what you get

Multi-tenant org isolationSupabase AuthRLS-first access

Admin Home

At-a-glance signals

Last 28d revenue

$42,918

excludes sandbox

Active entitlements

12,403

active + grace

Subscribers

93,551

unique users

Webhook failures

needs attention

Identity group aware

RevenueCat-style

View linked aliases and merged identities so support can debug reinstalls, logins, and restores fast.

Trusted workflow

Apps + Store creds

Connect Apple/Google once. Keep secrets masked and server-only.

Catalog + Offerings

Ship products, entitlements, and offerings per app.

Subscribers + Webhooks

Audit events, deliveries, and identity merges.

Features

Built for subscription ops

Everything you need to ship and debug subscriptions without bouncing between dashboards.

Start Now

Catalog

Products, entitlements, mappings, offerings.

Subscribers

Identity group aware, activity tabs, audits.

Webhooks

Inbound/outbound trace with payload copy.

Secure secrets

Service-role writes, never echo credentials.

Workflows

From store credentials to revenue reporting

Keep your day-to-day inside one panel: credentials, apps, catalog, subscribers, and webhooks.

Create org + project

Multi-tenant org isolation. Project selection required.

Connect store credentials

Upload .p8 / .json and we paste into secure fields.

Add app

Enforces platform + credential + ids; Apple app id lookup is automatic.

Ship catalog + offerings

Bind entitlements to products and set current offerings.

What you get

Role-based UI (owner/admin/member)
Strict org isolation + project scoping
Identity-linked subscriber details
Webhook failure triage
Catalog + offerings management

Ready?

Create an account and start wiring your apps.

Start Now

Security

Secrets stay server-side

Store credentials are written via privileged server routes using the Supabase service role key. Existing secrets are never returned to the browser, only masked hints.

FAQ

Common questions

Do I need to select a project?

Yes. Project selection is required for data pages like apps, catalog, subscribers, webhooks, and dashboard. Settings pages stay accessible without a project.

Can members delete things?

No. Role-based UI hides destructive actions for members, and server-side checks enforce the same.

Where do I see transactions?

Transactions are user-bound and show inside the Subscriber detail under the Transactions tab.

How do identity merges work here?

Subscriber detail is identity-group aware: you can view aliases and merged users linked to the canonical users.id.