What SubSovereign is
Sovereign, self-hosted subscription & entitlement infrastructure. You validate purchases from any app store β Apple, Google, Amazon, Roku, Stripe β grant the right access, and keep your own billing data. No revenue share, no third party holding your customers.
What it does
- Validates store receipts and keeps entitlements live via store server-notifications.
- Builds, serves and A/B-tests paywalls across every platform.
- Bring-your-own billing bridge for any payment provider.
- Multi-tenant back office, GDPR tooling, and AI insights via Merlyn.
Core concepts
Apps & API keys
Each app gets an SDK key (shipped in the app, runtime only) and a dashboard login (you, org-scoped). The SDK key can never read business data.
Access levels (tiers)
Define the tiers you sell β e.g. Free, Pro, Lifetime. An entitlement grants one tier.
Product β tier mapping
Map each store product ID to the tier it unlocks. A validated purchase then grants the right tier automatically.
Paywalls
Build paywall configs (or generate one with Merlyn), served to the app at runtime and rendered by the SDK on every platform.
Entitlements
The source of truth for who has access. Look any user up in the Entitlements explorer.
Store credentials
Enter your own Apple / Google / Amazon / Roku / Stripe keys per app (encrypted at rest). Validation then uses your own store account.
Experiments
Launch paywall experiments from a 50-template library, let Merlyn suggest the next test, and promote a winner once it is statistically significant.
Billing bridge
Bring your own billing provider: grant entitlements over a signed HMAC bridge for any payment source we do not natively validate.
Privacy (GDPR)
Handle erasure / export / do-not-sell requests per user. Billing records are retained for tax; PII is pseudonymised past the retention window.
Integrate the SDK (3 calls)
The app-side SDK only ever needs three endpoints. Full per-platform code is on the Getting Started page.
Deeper docs
Full API reference lives in docs/API.md; per-platform integration guides (iOS, Android, Roku, Web/JS, React, React Native, Flutter, Web Component) and a "how it works" overview are in docs/guides/. Security posture is documented in docs/SECURITY.md.