ProductSignals API — Prod checklist

API for product reliability analysis based on publicly available sources (Trustpilot, Reddit, ArnaqueOuFiable, Gridinsoft).

Current version: v1 (Changelog).

Infrastructure

• 1 VM is enough for low/medium usage (scale up if crawl concurrency increases).
• Nginx reverse-proxy → Kestrel
• HTTPS only

Security

• Firewall: open only 80/443
• Disable SSH password auth
• API key required for POST /v1/product-signals (X-API-Key)
• Monthly quota per API key (plan)

Billing (public)

• Public checkout: POST /v1/billing/public/checkout-session
• Stripe Checkout collects customer email.
• Client + API key are created after payment (Stripe webhook).
• API key is revealed once on success via session_id (temporary store, TTL).

Health / monitoring

• Monitor CPU/RAM, request count, 429 rate, 5xx rate
• Track Stripe webhook delivery (must be 200)

Logs

• Keep logs lean: avoid storing request bodies, API keys, and customer secrets.

Docs Pricing