Key Features of GBP Reviews Assistant

1. Effortless OAuth Onboarding

  • Secure, streamlined Google OAuth 2.0 authentication
  • Automatically scopes only business.manage, with refresh-token handling
  • Works with both individual Organization-level refresh tokens (after client invite) and client-supplied tokens

2. Reliable Reviews Retrieval

  • Fetch reviews via /reviews?locationId=… endpoint
  • Automatically handles pagination and filtering by timestamp
  • Full JSON response with review text, timestamp, rating, reply history

3. One-Click Reply to Reviews

  • /reply endpoint allows posting or updating replies
  • Built-in rate-limiting per-location (adheres to Google's 10 writes/min rule)
  • Automatic retries for transient errors (e.g. rate-limit or 401 tokens)

4. Organization & Location Group Support

  • Manages multiple locations through Organization or Location Group tokens
  • Cross-location API calls with single OAuth grant
  • Batch review queries across multiple locations

5. Fully Metered Billing via Stripe

  • Usage-based pricing: pay per review-fetch or reply
  • Automatic metering via Stripe's UsageRecord.create
  • No manual counters or billing headaches

6. Lightweight & Fast

  • FastAPI-based Python app, optimized for Fly.io deployment
  • Stateless REST endpoints with async handling
  • Responds in under 200 ms for cached queries

7. Secure by Design

  • OAuth tokens encrypted at rest; data-in-transit secured via HTTPS
  • Data retention transparency: reviews are cached temporarily (≤ 30 days)
  • Per-customer tenant isolation

8. Built for Automation Platforms

  • OpenAPI spec and SDK-friendly endpoints for easy integration
  • Ready-to-use n8n / Make.com workflow examples and templates
  • Webhook-ready for downstream systems (e.g. Slack, CRM updates)

9. Developer-Friendly & Extendable

  • API documentation with examples for cURL, Python, and JS
  • SDK-friendly endpoints for rapid integration into custom apps
  • Plans to offer SDKs/packages in Python and JavaScript

10. Compliant and Transparent

  • Fully audited OAuth flow in line with Google API Terms
  • Supports sensitive-scope verification with documented privacy policy & terms
  • Customers can revoke access anytime; data deletion policy in place