Developer verification (not-KYC)
We manually verify that the person registering controls the addon they claim. We do not perform government ID verification or full KYC.
Goals
- Reduce impersonation and malware integrations.
- Give end users confidence that addon identifiers in logs map to real projects we vetted at least once.
Information we collect
Exact fields are finalized in product, but we expect:
- Human identity: contact email (for updates on verification status and addon-related concerns in the future), name (known name in the community so we don't have to call you "bro" or "sis").
- Addon identifier: unique slug (e.g.
stremio-debrid-search-xyz). You can input whatever, but it'll be used to identify your addon in future - Ownership evidence (one or more):
- Public source repository URL where we can see the addon manifest or README referencing Relaygate integration.
- Hosted verification: specific path on a domain tied to the addon returning a nonce we assign.
- Other signals operators agree on (signed release artifacts, etc.).
Workflow
- Developer submits application in dashboard.
- Status → pending / under review.
- Operator checks evidence; may request more info via email.
- Approve → we issue or activate developer API secret (shown once) and lock addon identifier.
- Reject → we record reason (internal) and notify developer.
After approval, your developer secret is used on every canonical API request via X-Relaygate-Addon-Secret.
Re-review
If an addon is sold or transferred, we may require a new application or identifier rotation. If we detect abuse, we revoke approval and disable secrets immediately.