App marketplace: OAuth installs, API keys, and the developer SDK
Install third-party apps with scoped OAuth, rotate API keys safely, and build custom integrations with the Mrfqy developer portal.
Growing Arab stores need loyalty apps, reviews widgets, and accounting connectors without fragile custom scripts. Mrfqy's app marketplace uses OAuth consent, revenue-share billing, and a public SDK so partners ship safely.
Browse and install apps
The apps directory lists vetted integrations with pricing, scopes, and support links. Install with one click — OAuth shows exactly which store data the app can read or write.
Uninstall revokes tokens immediately. Billing for paid apps flows through your Mrfqy subscription invoice.
OAuth scopes and security
Apps request minimal scopes — orders read-only, products write, webhooks subscribe. Merchants approve or deny before any API call runs.
Rotate compromised keys from the developer portal. Audit logs show which app last accessed sensitive endpoints.
Build with the developer SDK
Partners register apps, define redirect URLs, and test against sandbox stores. The SDK covers products, orders, customers, and webhook verification helpers.
Submit for review when you are ready for the public directory — Mrfqy validates security, billing hooks, and uninstall cleanup.
Revenue share and monthly billing
Paid apps can charge a monthly fee or revenue share on attributed orders. Merchants see line items on their platform bill — no separate card per app.
Free apps still go through OAuth review so scopes stay honest and uninstall is clean.
