Question
- What do I need to do before sending my app to Thinkific for review?
Solution
Before submitting your app to Thinkific, please:
- Thoroughly review the App Submission Guidelines
- Completely fill in all of your app's details in the Partner Portal
The App Submission form requires the following:
Admin
- The name of the app (as you'd like it to appear in the Thinkific App Store)
- The email address you use to log into the Partner Portal
- The name of your company (as you'd like it to appear in the Thinkific App Store)
- If you are submitting multiple apps, please ensure this name is consistent
Function
- An overview of your app's value proposition from a Thinkific course creator’s perspective
- A description of your app's functionality, including any scopes/endpoints used to accomplish this
- The app install URL
Incorrect install flow is the number one reason that an app submission is denied. Please confirm that your app uses the correct installation flow before submitting your app.
- Instructions on how to set up your app, including:
- Configuration details
- Guidance on how to set up test 3rd party accounts (such as Stripe)
- The price range of your app. Include whether it has:
- A free trial period (if so, how long is it)
- A free price tier
- How you will provide support for your app (support email address / forms / chat / etc)
- A link to your app's support documentation (for more, see App Documentation)
Security
- A description of how you've ensured your app is protected against cross-site request forgery attacks, cross-site scripting attacks, and other security vulnerabilities
- Whether or not your app is served over HTTPS using a valid SSL certificate
- Whether or not your app is persisting Access Tokens.
- If yes:
- How are they being stored?
- How are they being encrypted?
- Who has access to this data?
- What controls are in place to protect the confidentiality and integrity of the tokens?
- If no:
- Are you persisting them in the browser? If yes, then how?
- Are you using the OAuth PKCE flow?
- If yes:
- The processes you've put in place to ensure the security of our customers' data
- Whether your app stores salted password hashes instead of actual passwords (as described on OWASP)
Important Considerations
You can submit your App Submission form to Thinkific here.