OpseerOpseer
Docs
Dashboard

RevenueCat

Connect your RevenueCat account via OAuth to track mobile IAP/subscription revenue, MRR, active subscribers, and trials in one place.

Last updated: 2026-05-18

The RevenueCat integration uses OAuth 2.0 with PKCE (read-only scopes) to query mobile IAP and subscription metrics. Tokens are stored AES-256-GCM encrypted, and refresh tokens rotate single-use.

Prerequisites

  • A RevenueCat account with at least one project
  • Permission to authorize OAuth applications (project owner / collaborator)
  • Starter / Plus / Max plan (revenue alerts are paid features)

Connect via OAuth

1

Open Account Settings

Go to /dashboard/account or /dashboard/integrations and click Connect on the RevenueCat card.

2

Authorize on RevenueCat

A popup (desktop) or new page (mobile) opens. Sign in to RevenueCat and approve the requested read-only scopes.

3

Auto-discover all projects

Opseer stores every project in your RevenueCat account into metadata.projects[]. Stats fan out across all projects and aggregate server-side.

4

Done

The popup closes (or shows a confirmation). Account/Integrations pages refresh and show the connected project list.

RevenueCat is connected at the account level, not per project. One OAuth grant serves all Opseer projects, and all RevenueCat projects in the account are fan-out + aggregated automatically.

Requested scopes

All scopes are read-only — Opseer never modifies your RevenueCat account.

Project Configuration (8)

  • project_configuration:projects:read, project_configuration:apps:read, project_configuration:entitlements:read, project_configuration:offerings:read, project_configuration:packages:read, project_configuration:products:read, project_configuration:experiments:read, project_configuration:virtual_currencies:read

Customer Information (3)

  • customer_information:subscriptions:read, customer_information:purchases:read, customer_information:invoices:read

Charts & Metrics (4)

  • charts_metrics:overview:read, charts_metrics:charts:read, charts_metrics:experiment_results:read, charts_metrics:benchmarks:read

Data displayed

On /dashboard/revenue/revenuecat, Opseer calls both the Overview Metrics endpoint (snapshot) and the Charts API (time series) and renders cards plus charts.

Snapshot metrics (Today/Yesterday — Overview API)

  • MRR (Monthly Recurring Revenue)
  • Active Subscriptions
  • Active Trials
  • New Customers

Time-series metrics (Period — Charts API)

per-project × 6 chart slugs are fanned out (mrr / revenue / actives_new / churn / conversion_to_paying / actives). Multi-project results are aggregated via Promise.allSettled.

  • MRR Trend, Revenue, New Subscriptions, Churn, Trial Conversion, Active Users
  • Subscription Movement Chart (newSubs / churnedSubs)

Snapshot metrics use today/yesterday realtime calls. Time-series metrics use revenue_daily_cache (90-day sliding window). Charts API D-1 lag metrics are skipped if today's datapoint is missing. Charts & Metrics rate limit: 15/min — graceful skip on 429 for 3+ projects.

Sandbox vs production

Opseer focuses on production data. RevenueCat distinguishes sandbox vs production at the API resource level — make sure your live data is what you see in the RevenueCat dashboard before relying on Opseer numbers.

Token rotation policy

  • access_token expires in 1 hour
  • refresh_token: 30-day absolute lifetime, but rotates on every refresh (clock resets)
  • refresh_token is single-use — Opseer handles concurrent refresh races via re-read winner pattern
  • Re-authorization is only required after 30+ days of inactivity or explicit revocation

Disconnect

Click "Disconnect" on the RevenueCat card (Account or Integrations page). Encrypted tokens are removed and the integration is marked inactive. To fully revoke from RevenueCat's side, also remove Opseer from your RevenueCat OAuth approvals.

Security

  • OAuth 2.0 with PKCE (S256) — code_verifier never leaves Opseer server
  • Confidential client — client_secret is server-side only
  • AES-256-GCM encrypted token storage (opseer_user_integration.config)
  • No write scopes requested — Opseer cannot modify your RevenueCat data

Troubleshooting

"No project found"

Your RevenueCat account has no project. Create one in the RevenueCat dashboard first, then re-connect.

"OAuth failed" or invalid_grant

Refresh token race or 30-day inactivity. Disconnect and reconnect to issue a new token pair.