APP STORE INTELLIGENCE
Integrations
E4d-E16c
Ready3
Missing7
Manual8
CheckedJun 17, 2026
Auth
3 checks| Integration | Status | Epic | Next action |
|---|---|---|---|
| Google OAuth credentialsMissing AUTH_GOOGLE_ID, AUTH_GOOGLE_SECRET. | Missing | E4d | Set AUTH_GOOGLE_ID and AUTH_GOOGLE_SECRET in the web runtime. |
| Auth session secretAuth.js session secret is present and long enough. | Ready | E4d | Run production preflight and one browser Google sign-in smoke. |
Google callback URLGoogle Cloud callback registration requires an interactive provider check.http://localhost:3000/api/auth/callback/google | Manual | E4d | Register and browser-test http://localhost:3000/api/auth/callback/google. |
Billing
5 checks| Integration | Status | Epic | Next action |
|---|---|---|---|
| Stripe subscription checkoutMissing STRIPE_SECRET_KEY, STRIPE_MONTHLY_PRICE_ID, STRIPE_YEARLY_PRICE_ID. | Missing | E4e | Set live STRIPE_SECRET_KEY, STRIPE_MONTHLY_PRICE_ID, and STRIPE_YEARLY_PRICE_ID in the API runtime. |
| Stripe webhook signingMissing STRIPE_WEBHOOK_SECRET. | Missing | E4e | Set STRIPE_WEBHOOK_SECRET after registering the deployed webhook. |
| Stripe credit-pack checkoutMissing STRIPE_SECRET_KEY, STRIPE_CREDIT_PACK_PRICE_ID. | Missing | E4e | Set live STRIPE_SECRET_KEY and STRIPE_CREDIT_PACK_PRICE_ID for extra screenshot credits. |
| Stripe Checkout smokeCheckout session creation must be verified against real test/live prices. | Manual | E4e | Run APPKITTIE_EXTERNAL_SMOKE_EXECUTE=1 pnpm run external:smoke -- --execute --json and confirm monthly/yearly/credit-pack sessions. |
| Stripe webhook smokeWebhook delivery can be smoke-tested with signed external checkout and subscription fixtures, then verified with deployed Stripe events. | Manual | E4e | Run APPKITTIE_EXTERNAL_SMOKE_EXECUTE=1 pnpm run external:smoke -- --execute --json, then optionally deliver the same Stripe event types to the deployed webhook. |
Marketing data
3 checks| Integration | Status | Epic | Next action |
|---|---|---|---|
| Meta Ads Library collectorMissing META_ADS_LIBRARY_ACCESS_TOKEN, META_ADS_LIBRARY_APP_ID. | Missing | E11c | Set the reviewed Meta app ID and Ads Library access token. |
| Creator collectorMissing CREATOR_COLLECTOR_BASE_URL, CREATOR_COLLECTOR_API_KEY. | Missing | E11c | Set CREATOR_COLLECTOR_BASE_URL to the deployed HTTPS collector and CREATOR_COLLECTOR_API_KEY. |
| Marketing collector ingest smokeMarketing ingest must prove real ad and creator signals surface in App Detail. | Manual | E11c | Run execute-mode external smoke or post one real ad creative and creator mention to /api/integrations/marketing/ingest. |
Review data
1 checks| Integration | Status | Epic | Next action |
|---|---|---|---|
| Review collector ingest smokeReview ingest must prove imported text and enrichment surface in Reviews. | Manual | E10 | Run execute-mode external smoke or post one real review sample to /api/integrations/reviews/ingest. |
Deploy
6 checks| Integration | Status | Epic | Next action |
|---|---|---|---|
Public web URLPublic origin is configured.https://app.getappniche.com | Ready | E16c | Run production preflight and external smoke checks. |
Public API URLLocal origin is valid for development; production still needs a public origin.http://localhost:8000 | Manual | E16c | Set APPKITTIE_API_BASE_URL to the deployed API origin. |
Browser API URLLocal origin is valid for development; production still needs a public origin.http://localhost:8000 | Manual | E16c | Set NEXT_PUBLIC_API_BASE_URL for browser-side API calls. |
Auth/web origin matchNEXTAUTH_URL does not match APP_PUBLIC_URL.http://localhost:3000 -> https://app.getappniche.com | Missing | E16c | Set NEXTAUTH_URL to the same origin as APP_PUBLIC_URL. |
CORS originCORS_ORIGINS includes APP_PUBLIC_URL.https://app.getappniche.com | Ready | E16c | Run preflight against the deployed API. |
| Deploy health checksProduction health/readiness and web smoke must pass against public URLs. | Manual | E16c | Run pnpm run preflight and pnpm run external:smoke against deploy. |