stubkit docs

Fastest path · 10 minutes to working Pro check

Setup with an AI coding assistant

Stubkit publishes a machine-readable OpenAPI spec and well-structured docs. Any modern AI coding assistant with web-read + code-edit access can read both and scaffold a complete integration for your app — SDK init, purchase sync, entitlement gating, webhook wiring, the works.

What you’ll need

  1. An admin API key (sk_live_...) from app.stubkit.com/account/api-keys. Pick Secret, name it ai-setup, grant admin:*.
  2. A publishable key (pk_live_...) from the same page — Publishable, scope read:entitlement + write:purchases + track:events.
  3. Your provider credentials already connected in Integrations (or plan to let the AI do it via API).

Paste this into your AI assistant

Copy the block below, replace the two keys + your platform, and paste as your first message. The assistant will fetch the OpenAPI spec, read the relevant docs, and propose the changes.

I'm integrating stubkit (subscription management for Apple App Store /
Google Play / Stripe) into my app. Please help me set it up end-to-end.

## My stack
- Platform: [iOS Swift / Android Kotlin / React Native / Flutter / web]
- App ID in stubkit: your-app-id
- Backend framework: [Node + Express / Go / FastAPI / Workers / none]
- Auth provider: [Supabase / Clerk / Auth0 / Firebase / custom]

## Credentials (do NOT commit these)
- Publishable key (safe for client): pk_live_xxxxxxxxxxxxxxxxxxxxxxxxxx
- Admin key (server only): sk_live_xxxxxxxxxxxxxxxxxxxxxxxxxx

## Reference material to read before editing code
- OpenAPI spec: https://docs.stubkit.com/openapi.yaml
- Getting started: https://docs.stubkit.com/getting-started
- SDK docs: https://docs.stubkit.com/getting-started/ios  (or /android, /flutter)
- Tenant JWT: https://docs.stubkit.com/getting-started/tenant-jwt
- Entitlement concept: https://docs.stubkit.com/concepts/entitlements
- Webhook setup: https://docs.stubkit.com/webhooks/apple  (+ /google, /stripe)

## What I want you to do
1. Install @stubkit/js (or the native SDK for my platform).
2. Wire up a `stubkit` client with the publishableKey + a getAuthToken
   callback that returns a tenant JWT. If my auth provider is Supabase /
   Clerk / Auth0 / Firebase, use its existing session token.
3. Add a server endpoint that mints tenant JWTs (only if custom auth).
4. Replace my existing "isPro" / "isPremium" / paywall gate with
   `stubkit.isActive(userId, 'pro')`.
5. Add a purchase-completion hook that calls stubkit.syncPurchase.
6. Print a final checklist of things I still need to do manually in the
   Apple / Google / Stripe dashboards (webhook URLs, product registration).

Before writing code, summarize your plan and ask me to confirm.

Tips for best results

  • Tell the assistant your stack. "I use Supabase" or "I use Clerk" saves a lot of back-and-forth.
  • Let it read docs first. Claude Code / Cursor will fetch the URLs above; don’t paste snippets — link the real docs so it gets current info.
  • Point it at your existing paywall gate. "My current isPro() function is in src/lib/subscriptions.ts — replace the body with stubkit."
  • Revoke the ai-setup key after. Dashboard → API Keys → revoke. You can always mint a new one if you need to iterate.

What NOT to do

  • Don’t paste the sk_live_ key into any tool you don’t trust with server access. Local Claude Code / Cursor is fine; random web chatbots are not.
  • Don’t let AI commit the keys — it will try to. Keep a .env.local and add it to .gitignore before you start.
  • Don’t skip the manual provider-dashboard steps (Apple webhook URL, Play service-account grant, Stripe endpoint). The AI will list them but can’t perform them — those live on provider websites, not in your code.

Works in any AI coding editor

The same prompt works across assistants that have web-read and code-edit permission on your repo. Paste it into whichever you already use. If you don’t have one yet, common choices include Claude Code, Cursor, GitHub Copilot Chat, Windsurf, Cline, Aider, Continue — all accept the same prompt.

The output varies per tool but the structure is the same: plan → diff → final checklist. A working “is this user Pro?” call in your existing code within 10–20 minutes, assuming your auth provider is already set up.