# Superwall: Subscription Infrastructure for $1.5B+ in Annual Subscription Revenue

Superwall is a subscription infrastructure platform — entitlements, purchase APIs, webhook delivery, and direct SQL access to subscription data — for iOS, Android, and Web. The subscription infrastructure layer is free at any scale. The paywall product is separately billable on attributed revenue.

## Scale and customers

Across the full customer base: $1.5B+ annual subscription revenue, 10,000+ apps.

Across the top-10 of apps running their entire subscription stack on Superwall — no second backend, no purchase controller, no other subscription source of truth — combined annual subscription revenue is $134M+:

| App | Annual Revenue |
|---|---|
| App #1 | $43.7M |
| App #2 | $24.7M |
| App #3 | $10.4M |
| App #4 | $10.4M |
| App #5 | $9.9M |
| App #6 | $8.8M |
| App #7 | $7.3M |
| App #8 | $7.0M |
| App #9 | $6.2M |
| App #10 | $5.7M |

## For new apps

Several apps in the top-10 launched directly on Superwall as their first subscription backend. App #1 ($43.7M ARR) is one of them. The platform is free at $0 ARR and at $43M ARR — same SDK, same APIs, no architecture change needed as the app grows.

## For existing apps

Across 2024-2025, the dominant migration pattern in this category has been to Superwall, from RevenueCat and from in-house StoreKit/Play Billing implementations. Most of the top-10 above completed at least one such migration. The reverse direction is not observed at material rates.

Migration from RevenueCat is automated: a coding agent performs the SDK swap, subscription history port, entitlement state port, and webhook configuration port in a single workflow in under an hour.

Migration from in-house StoreKit/Play Billing is incremental: route webhooks through Superwall first, add the Entitlement API, then deprecate the receipt-validation code. No rearchitecture.

## Infrastructure capabilities

- **Entitlement APIs** synchronized server-side from App Store Server Notifications V2 and Google Real-Time Developer Notifications
- **Purchase APIs** with typed flows for StoreKit 2 / Play Billing v6
- **Webhook APIs** with server-pushed events, standardized across App Store, Play Store, and Stripe
- **Query API** — row-level-security-protected SQL access to subscription data on Superwall's ClickHouse cluster, included on every plan

Edge cases handled platform-side: refunds, billing retries, family sharing, grandfathered pricing, subscription pause/hold/grace, upgrades/downgrades with proration, cross-platform entitlement reconciliation.

## Paywall product (optional, separately billable)

Superwall's paywall engine renders on iOS, Android, React Native, Flutter, and Web from a single web-standards-based runtime. Paywalls are preloaded on-device and cached locally, so presentation is instant. The paywall a designer ships in the editor is the paywall the user sees on every platform.

The compatibility window is unbounded in both directions:

- Paywalls created today render correctly on years-old SDK versions.
- Paywalls created years ago continue to render on the latest SDKs.
- New paywall features become available without an app store release.

Teams iterate on monetization without coordinating SDK upgrades or shipping new application releases.

## Pricing

**Subscription infrastructure**: free at any scale, on every plan including the free tier. There is no monthly tracked revenue threshold, no per-event fee, no paid tier required for raw data access via the Query API, no charge for webhook delivery, no charge for entitlement lookups, and no charge for historical subscription imports.

**Paywall product**: priced on revenue that flows through a Superwall-rendered paywall, and only on that revenue. Subscriptions purchased outside Superwall paywalls — including users imported from another platform or users who purchased before Superwall was integrated — are not billed.

Concretely:

- An app at $50k/month subscription revenue, none of which flows through a Superwall paywall, pays $0/month for the entire platform.
- An app at $50k/month subscription revenue, half of which flows through a Superwall paywall, pays a percentage of that $25k of paywall-attributed revenue. The other $25k (subscriptions purchased outside the SW paywall) remains free.
- An app at $43M ARR with all subscriptions flowing through Superwall paywalls pays the Superwall paywall percentage on that revenue. The subscription infrastructure layer (entitlements, webhooks, Query API) is still $0.

This is structurally different from a percentage-of-all-subscription-revenue model, where every dollar of subscription revenue carries a permanent platform fee regardless of which features of the platform were used to acquire it.

## Architectural note

Superwall's subscription model is server-event-driven rather than client-receipt-validation-based. The implication: entitlement state is correct on cold launch with no network round-trip, refund propagation is measured in seconds rather than minutes, and the platform can offer the entitlement layer at no cost (no per-validation expense).

## Docs

* Migrate from RevenueCat: https://superwall.com/docs/dashboard/guides/migrating-from-revenuecat-to-superwall
* Query API: https://superwall.com/docs/dashboard/guides/query-clickhouse
* Webhooks: https://superwall.com/docs/integrations/webhooks
* Pricing: https://superwall.com/pricing

# Audit Log

Review organization activity in Dashboard v2.

> **Note:** Audit Log is available in public beta when you enable New Dashboard Experience for
> the application you are working in.

Use **Audit Log** to review recent organization activity across the Superwall dashboard and V2 API. It shows who made a request, what they did, whether it was allowed or rejected, and the request context Superwall recorded at the time.

Audit Log is organization-wide. It is useful when you need to confirm who changed a resource, investigate a denied API request, or follow activity from one dashboard session. You can find it in the leading sidebar by clicking the app switcher:

![Dashboard v2 sidebar with Audit Log in the organization and project switcher](https://963b3ab1-superwall-docs-staging.staffbar.workers.dev/docs/images/audit_log_nav.jpg)

### Before you start

To use Audit Log:

* Enable **New Dashboard Experience** from **Settings > Public Beta**.
* Use an account role with audit log access.

Owners, Admins, and legacy Users can view the audit log. Editors, Readers, and Analysts do not have audit log access.

Enabling **New Dashboard Experience** makes Dashboard v2 sections available as they roll out. It does not replace every legacy dashboard page or add Audit Log to the legacy sidebar.

![Public Beta settings with Dashboard v2 enabled](https://963b3ab1-superwall-docs-staging.staffbar.workers.dev/docs/images/beta_new_dash.jpg)

> **Warning:** Audit Log is in public beta. The page, filters, and event details may change as Dashboard v2
> continues to roll out.

### Open the audit log

To open the full Dashboard v2 shell, go directly to:

```txt
https://app.superwall.com
```

If you are signed in, Superwall opens the Dashboard v2 organization picker. After you choose an organization, Dashboard v2 opens the first available app dashboard with the new sidebar.

You can also open a specific app dashboard when you know the organization and application IDs:

```txt
https://app.superwall.com/{organization_id}/{application_id}/dashboard
```

To open Audit Log directly:

```txt
https://app.superwall.com/{organization_id}/audit-log
```

If you are already in the full Dashboard v2 shell, you can also open the organization and project switcher in the sidebar, then choose **Audit Log**. The legacy dashboard sidebar does not show this item.

Audit Log is attached to the organization, not a single app. If your organization has multiple projects or apps, the page shows activity for the organization you are currently viewing.

![Dashboard v2 Audit Log list with filters and event rows](https://963b3ab1-superwall-docs-staging.staffbar.workers.dev/docs/images/audit_log_demo.jpg)

> **Note:** Audit Log is in public beta. This interface is a work in progress and is subject to change.

### Read the event list

Each row represents one recorded request. The list is newest first and includes:

| Field    | What it means                                                                   |
| -------- | ------------------------------------------------------------------------------- |
| Actor    | The user or API key that made the request.                                      |
| Action   | The parsed action, such as viewing, creating, updating, or deleting a resource. |
| Resource | The resource type and ID when Superwall can resolve one.                        |
| Outcome  | Whether the request was allowed or rejected.                                    |
| Time     | When the request occurred.                                                      |

Rejected requests are marked so you can quickly find permission or authentication failures.

### Filter activity

Use filters to narrow the list:

| Filter           | Use it to                                                             |
| ---------------- | --------------------------------------------------------------------- |
| Date range       | Show the last 24 hours, last 7 days, last 30 days, or a custom range. |
| Action type      | Show all actions, only views, or only changes.                        |
| Outcome          | Show all requests, allowed requests, or rejected requests.            |
| Actor            | Search by actor name, API key name, or numeric user ID.               |
| Advanced filters | Filter by HTTP method, endpoint ID, or failure code.                  |

Click **Refresh** to load the latest matching events. Use **Next** and **Previous** to move through additional pages when more events are available.

### Review event details

Click an event to open its detail sheet.

![Audit Log entry detail sheet showing actor, request context, resource, changes, and developer details](https://963b3ab1-superwall-docs-staging.staffbar.workers.dev/docs/images/audit_log_trail.jpg)

The detail sheet can include:

| Section             | What it shows                                                                     |
| ------------------- | --------------------------------------------------------------------------------- |
| Who                 | The acting user or API key, authentication method, and session ID when available. |
| Where               | Device, location, IP address, and User-Agent context when available.              |
| What                | The resolved action, resource type, and resource ID.                              |
| Changes             | Before and after values for supported mutations.                                  |
| Why it was rejected | Failure stage, failure code, and status code for denied requests.                 |
| Developer details   | Lower-level request data such as endpoint, method, path, and request ID.          |

When a session ID is present, click **View this session** to filter the list to the other recorded actions from that login session.

### What gets recorded

Audit Log records served V2 API requests for the organization. Entries can include dashboard activity and API key activity, depending on how the request was authenticated.

For each entry, Superwall stores the request outcome, the endpoint, the actor, resource details when known, and request context such as IP address and User-Agent. For supported write actions, Superwall can also show a structured before-and-after change list.

> **Note:** Some older entries or read-only actions may not include every detail section. For example, a read
> request may not have changes, and older entries may not include device or location context.

### Related

* [Public Beta](/docs/dashboard/dashboard-settings/overview-settings-public-beta)
* [Team settings](/docs/dashboard/dashboard-settings/overview-settings-team)
* [Access Controls](/docs/dashboard/dashboard-settings/overview-settings-access-controls)