Private beta

Drop-in reviews
for SaaS products.

Star ratings, threaded reviews, reactions, and moderation — embedded in your product with two IDs and a signed JWT. Ship today. revws handles persistence, auth federation, and rendering.

Quickstart

One afternoon, tops.

  1. 1

    Get your keys

    Every product gets a public id (pub_…) and a signing secret (sk_…) in the dashboard. The secret stays on your server; rotate it any time.

  2. 2

    Mint a JWT for your user

    Your users, your identity — revws never owns accounts.

    # Your backend mints a short-lived JWT per signed-in user.
    import jwt, time
    
    token = jwt.encode(
        {
            "iss": "pub_...",            # your product id
            "sub": user.id,               # YOUR user id
            "name": user.display_name,
            "exp": int(time.time()) + 600,
        },
        PRODUCT_SIGNING_SECRET,           # sk_... from the dashboard
        algorithm="HS256",
    )
  3. 3

    Drop the tag

    The widget mounts, fetches the thread, and renders. Theme with one CSS variable.

    <script src="https://cdn.revws.io/v1/widget.js"
            data-product="pub_..."
            data-page="<your page id>"
            data-user-token="<signed JWT>"></script>
    <div id="revws"></div>

What we do

Three ways to integrate.

Widget

One script tag, two IDs, a signed user token. Star ratings, threaded reviews, reactions. Vanilla DOM, grayscale chrome that disappears into your product.

REST API

GET /v1/threads, POST /v1/reviews, POST /v1/reactions. For server-side rendering, custom UIs, mobile clients, and exports.

Webhooks

Roadmap

review.created, review.deleted — signed payloads so your policy engine can act on every event. Not live yet; moderation runs in the dashboard today.

Pricing

Start free. Scale when ready.

Enterprise — contract pricing, per-workspace limits, priority support. Talk to us.

Your team's questions.

These answers run on revws itself — read them, or post your own question below and we'll reply.

FAQ

How does auth federation work?

Your backend signs a short-lived HS256 JWT with your product's signing secret — two IDs and a token, nothing else to wire up. The widget sends it as a bearer on every call, and tokens live at most 15 minutes. Your users never create a revws account, so we never own their identity or email them.

Ready when you are

Reviews shipped before
the next standup.

Private beta — keys granted within a day.