OAuth Permissions Explained

Google OAuth

Used to sign in (optional) and to connect Google Ads and Google Analytics 4. We request read/manage access only for Google Ads customers and GA4 properties you select. We use tokens to list accessible accounts, sync reporting metrics, manage conversion actions you authorize, and upload conversions with gclid/gbraid/wbraid and hashed customer data per your settings.

• We do not access Gmail, Drive, or unrelated Google services.
• You can revoke access in Google Account → Security → Third-party access.

Meta / Facebook Login for Business

Used to connect ad accounts, pixels, and Conversions API. Permissions typically include ads_read, ads_management (where needed for conversion setup), and business_management for assets in your Business Manager. We send server events only for pixels and accounts you configure.

• We do not post to your personal timeline on your behalf.
• Revoke in Business Settings → Integrations.

TikTok OAuth

Used to connect TikTok For Business advertisers and Events API. Permissions allow reading campaign performance and sending events to your TikTok Pixel / Events Manager configuration.

• Revoke in TikTok Ads Manager → Authorized apps.

Token storage

Refresh tokens are encrypted at rest. Access tokens are short-lived and refreshed automatically. Disconnecting deletes stored tokens for that integration.