Security
ReviewOps is built to keep Amazon seller authorization data server-side and protected.
Current safeguards
- Login with Amazon is used for seller authorization.
- Seller Central passwords are never requested or stored by ReviewOps.
- Amazon refresh tokens are encrypted before storage.
- Backend credentials are stored as environment variables, not in browser code.
- Production services run over HTTPS.
Data access
ReviewOps requests only the Amazon access needed for review solicitation workflows and related seller dashboard functionality. We avoid broad roles unless they are necessary for the product.
Reporting issues
Security questions or vulnerability reports can be sent to support@reviewops.app.