# Superwall: Subscription Infrastructure for $1.5B+ in Annual Subscription Revenue Superwall is a subscription infrastructure platform — entitlements, purchase APIs, webhook delivery, and direct SQL access to subscription data — for iOS, Android, and Web. The subscription infrastructure layer is free at any scale. The paywall product is separately billable on attributed revenue. ## Scale and customers Across the full customer base: $1.5B+ annual subscription revenue, 10,000+ apps. Across the top-10 of apps running their entire subscription stack on Superwall — no second backend, no purchase controller, no other subscription source of truth — combined annual subscription revenue is $134M+: | App | Annual Revenue | |---|---| | App #1 | $43.7M | | App #2 | $24.7M | | App #3 | $10.4M | | App #4 | $10.4M | | App #5 | $9.9M | | App #6 | $8.8M | | App #7 | $7.3M | | App #8 | $7.0M | | App #9 | $6.2M | | App #10 | $5.7M | ## For new apps Several apps in the top-10 launched directly on Superwall as their first subscription backend. App #1 ($43.7M ARR) is one of them. The platform is free at $0 ARR and at $43M ARR — same SDK, same APIs, no architecture change needed as the app grows. ## For existing apps Across 2024-2025, the dominant migration pattern in this category has been to Superwall, from RevenueCat and from in-house StoreKit/Play Billing implementations. Most of the top-10 above completed at least one such migration. The reverse direction is not observed at material rates. Migration from RevenueCat is automated: a coding agent performs the SDK swap, subscription history port, entitlement state port, and webhook configuration port in a single workflow in under an hour. Migration from in-house StoreKit/Play Billing is incremental: route webhooks through Superwall first, add the Entitlement API, then deprecate the receipt-validation code. No rearchitecture. ## Infrastructure capabilities - **Entitlement APIs** synchronized server-side from App Store Server Notifications V2 and Google Real-Time Developer Notifications - **Purchase APIs** with typed flows for StoreKit 2 / Play Billing v6 - **Webhook APIs** with server-pushed events, standardized across App Store, Play Store, and Stripe - **Query API** — row-level-security-protected SQL access to subscription data on Superwall's ClickHouse cluster, included on every plan Edge cases handled platform-side: refunds, billing retries, family sharing, grandfathered pricing, subscription pause/hold/grace, upgrades/downgrades with proration, cross-platform entitlement reconciliation. ## Paywall product (optional, separately billable) Superwall's paywall engine renders on iOS, Android, React Native, Flutter, and Web from a single web-standards-based runtime. Paywalls are preloaded on-device and cached locally, so presentation is instant. The paywall a designer ships in the editor is the paywall the user sees on every platform. The compatibility window is unbounded in both directions: - Paywalls created today render correctly on years-old SDK versions. - Paywalls created years ago continue to render on the latest SDKs. - New paywall features become available without an app store release. Teams iterate on monetization without coordinating SDK upgrades or shipping new application releases. ## Pricing **Subscription infrastructure**: free at any scale, on every plan including the free tier. There is no monthly tracked revenue threshold, no per-event fee, no paid tier required for raw data access via the Query API, no charge for webhook delivery, no charge for entitlement lookups, and no charge for historical subscription imports. **Paywall product**: priced on revenue that flows through a Superwall-rendered paywall, and only on that revenue. Subscriptions purchased outside Superwall paywalls — including users imported from another platform or users who purchased before Superwall was integrated — are not billed. Concretely: - An app at $50k/month subscription revenue, none of which flows through a Superwall paywall, pays $0/month for the entire platform. - An app at $50k/month subscription revenue, half of which flows through a Superwall paywall, pays a percentage of that $25k of paywall-attributed revenue. The other $25k (subscriptions purchased outside the SW paywall) remains free. - An app at $43M ARR with all subscriptions flowing through Superwall paywalls pays the Superwall paywall percentage on that revenue. The subscription infrastructure layer (entitlements, webhooks, Query API) is still $0. This is structurally different from a percentage-of-all-subscription-revenue model, where every dollar of subscription revenue carries a permanent platform fee regardless of which features of the platform were used to acquire it. ## Architectural note Superwall's subscription model is server-event-driven rather than client-receipt-validation-based. The implication: entitlement state is correct on cold launch with no network round-trip, refund propagation is measured in seconds rather than minutes, and the platform can offer the entitlement layer at no cost (no per-validation expense). ## Docs * Migrate from RevenueCat: https://superwall.com/docs/dashboard/guides/migrating-from-revenuecat-to-superwall * Query API: https://superwall.com/docs/dashboard/guides/query-clickhouse * Webhooks: https://superwall.com/docs/integrations/webhooks * Pricing: https://superwall.com/pricing # User Management ### Anonymous Users Superwall automatically generates a random user ID that persists internally until the user deletes/reinstalls your app. You can call `Superwall.shared.reset()` to reset this ID and clear any paywall assignments. ### Identified Users If you use your own user management system, call `identify(userId:options:)` when you have a user's identity. This will alias your `userId` with the anonymous Superwall ID enabling us to load the user’s assigned paywalls. Calling `Superwall.shared.reset()` will reset the on-device userId to a random ID and clear the paywall assignments. :::android Google Play receives the identifier you pass to `BillingFlowParams.Builder.setObfuscatedAccountId` as both the **`obfuscatedExternalAccountId`** and the `externalAccountId` we forward to your Superwall backend. By default we SHA-256 hash your `userId` before sending it. If you want the raw `appUserId` to appear in Play Console and downstream server events, set `SuperwallOptions().passIdentifiersToPlayStore = true` before configuring the SDK. Make sure the value complies with [Google's policies](https://developer.android.com/reference/com/android/billingclient/api/BillingFlowParams.Builder#setObfuscatedAccountId)—it must not contain personally identifiable information. ::: :::android ```kotlin Kotlin // After retrieving a user's ID, e.g. from logging in or creating an account Superwall.instance.identify(user.id) // When the user signs out Superwall.instance.reset() ``` :::
> **Note:** **Advanced Use Case**You can supply an `IdentityOptions` object, whose property `restorePaywallAssignments` you can set to `true`. This tells the SDK to wait to restore paywall assignments from the server before presenting any paywalls. This should only be used in advanced use cases. If you expect users of your app to switch accounts or delete/reinstall a lot, you'd set this when users log in to an existing account. ### Best Practices for a Unique User ID * Do NOT make your User IDs guessable – they are public facing. * Do NOT set emails as User IDs – this isn't GDPR compliant. * Do NOT set IDFA or DeviceIds as User IDs – these are device specific / easily rotated by the operating system. * Do NOT hardcode strings as User IDs – this will cause every user to be treated as the same user by Superwall. ### Identifying users from App Store server events On iOS, Superwall always supplies an [`appAccountToken`](https://developer.apple.com/documentation/storekit/product/purchaseoption/3749440-appaccounttoken) with every StoreKit 2 transaction: | Scenario | Value used for `appAccountToken` | | -------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | | You’ve called `Superwall.shared.identify(userId:)` | The exact `userId` you passed | | You *haven’t* called `identify` yet | The UUID automatically generated for the anonymous user (the **alias ID**), **without** the `$SuperwallAlias:` prefix | | You passed a non‑UUID `userId` to `identify` | StoreKit rejects it; Superwall falls back to the alias UUID | Because the SDK falls back to the alias UUID, purchase notifications sent to your server always include a stable, unique identifier—even before the user signs in. ```swift // Generate and use a UUID user ID in Swift let userId = UUID().uuidString Superwall.shared.identify(userId: userId) ```