Developer & Marketplace Policies

These Developer & Marketplace Policies (the "Developer Policies") govern your access to and use of the application programming interfaces, developer tools, documentation, and sandbox environments made available by AWRA OpsHub ("AWRA", "we", "us", or "our") (collectively, the "APIs"), and the listing or distribution of any application or integration through the AWRA OpsHub Marketplace.

By requesting API credentials, calling the APIs, or submitting an application for listing, you (the "Developer", "you", or "your") agree to these Developer Policies, together with our Terms of Service, Privacy Policy, Data Processing Agreement, and — where you participate in the partner program — our Partner Terms. If you are acting on behalf of an organization, you represent that you have authority to bind it. If you do not agree, do not access the APIs or list in the Marketplace.

1. Definitions

• "Application" (or "Integration", "App") means any software, integration, connector, or service you build that interacts with the APIs or is listed in the Marketplace.
• "Credentials" means API keys, client IDs/secrets, tokens, and other access materials issued to you.
• "Customer" means an AWRA OpsHub customer organization; "End User" means an individual authorized by a Customer.
• "Customer Data" means any data belonging to a Customer or End User that you access, receive, or process through the APIs.
• "Marketplace" means the AWRA OpsHub app marketplace where Applications are listed.

2. Developer Accounts & Credentials

To access the APIs you must register for a developer account and obtain Credentials. You are responsible for all activity under your Credentials. You must keep secrets confidential, never embed them in client-side code or public repositories, rotate them if compromised, and notify us promptly of any suspected exposure or unauthorized use. We may issue, scope, throttle, rotate, or revoke Credentials at our discretion, including for security reasons.

3. License to Use the APIs

Subject to your continuous compliance with these Developer Policies, AWRA grants you a limited, revocable, non-exclusive, non-transferable, non-sublicensable license to access and use the APIs solely to develop, test, and operate your Application and to integrate with AWRA OpsHub for Customers who have authorized your Application. This license grants no rights to AWRA's source code, and no ownership of the APIs or platform.

4. Acceptable Use

You must not, and must not permit others to:

• Use the APIs to build or train a product that replicates, competes with, or substitutes for AWRA OpsHub, or to benchmark for a competitor.
• Reverse engineer, decompile, or attempt to derive source code, except to the extent that restriction is prohibited by law.
• Scrape, harvest, cache, or retain data beyond what is necessary to operate your Application, or build an independent database from API data.
• Circumvent rate limits, authentication, quotas, or any technical or security control.
• Introduce malware, attempt to gain unauthorized access, probe or test the vulnerability of any system without written authorization, or interfere with the integrity or performance of the platform.
• Use the APIs for unlawful, deceptive, infringing, or harmful purposes, or in violation of any third party's rights.

5. Rate Limits & Fair Use

The APIs are subject to rate limits, quotas, and fair-use thresholds that we may publish and change. You must design your Application to handle throttling, errors, retries with backoff, and pagination gracefully, and to avoid unnecessary polling. We may throttle, suspend, or block traffic that threatens platform stability or other users, with or without notice in an emergency.

6. Data Protection & Privacy

Customer Data is owned by the Customer. With respect to Customer Data you access through the APIs:

• You may access and process it only as necessary to provide your Application to the authorizing Customer, and only for purposes the Customer and End Users have consented to.
• You must apply data minimization — request and retain only the data you need, for only as long as you need it.
• You must not sell Customer Data, use it for advertising or unrelated profiling, or share it except with sub-processors bound by equivalent obligations and disclosed to the Customer where required.
• You must comply with applicable data-protection laws and with our Privacy Policy and Data Processing Agreement, acting as an independent controller or as a processor of the Customer as applicable.
• You must delete Customer Data on request, on loss of authorization, or on termination, except where retention is legally required.
• You must notify AWRA and affected Customers without undue delay of any security incident affecting Customer Data, and cooperate with investigation and remediation.

7. Security Requirements

You must implement and maintain security measures appropriate to the data you handle, including encryption of data in transit and at rest, secure secret storage, the principle of least privilege, access logging, timely patching, and a documented vulnerability-management process. You must request only the OAuth scopes your Application genuinely needs, and must present clear, accurate consent screens to End Users. AWRA may require a security review and may suspend access pending remediation of identified risks.

8. Authentication, Scopes & Consent

Where the APIs use OAuth or similar delegated authorization, you must honor the granted scopes, refresh and revoke tokens correctly, and never request broader access than your Application uses. Customers and End Users may revoke access at any time, and you must immediately cease accessing their data when access is revoked.

9. Marketplace Listing Requirements

To list an Application in the Marketplace, your listing must:

• Accurately describe what the Application does, what data it accesses, and how it uses that data; metadata, screenshots, and claims must not be misleading.
• Provide a working support contact and a clear privacy policy for the Application.
• Disclose pricing transparently, including any fees you charge End Users.
• Meet our content standards — no unlawful, infringing, deceptive, or offensive content, and no functionality hidden from review.
• Remain functional and compatible with current supported API versions.

10. Review, Approval & Listing

Listings are subject to review. We may approve, reject, request changes to, re-review, reclassify, suspend, or remove any listing at our discretion, including for security, legal, quality, accuracy, or Customer-protection reasons. Approval or listing does not constitute an endorsement, certification of security, or warranty of your Application. You remain solely responsible for your Application and its support.

11. Branding & Trademarks

Subject to any brand guidelines we provide, AWRA grants you a limited, revocable, non-exclusive license to use AWRA's approved names and logos solely to indicate compatibility and to market your listed Application. You must not imply that AWRA developed, owns, endorses, or guarantees your Application, register confusingly similar marks or domains, or use AWRA's marks in a misleading manner. All goodwill from use of AWRA's marks inures to AWRA.

12. Fees, Revenue Share & Payouts

Listing in the Marketplace is currently offered without a listing fee, except as stated for specific programs. Where an Application is monetized through AWRA, the applicable revenue-share, billing, taxes, clawbacks, and payout mechanics are those set out in your Partner Terms or a separate written agreement. You are responsible for your own taxes and for the accuracy of your payout details. AWRA may change Marketplace commercial terms on a prospective basis.

13. Developer Support Obligations

You are responsible for supporting your Application and its End Users, including triaging issues, maintaining compatibility, and responding to reasonable support and security inquiries within a commercially reasonable time. Persistent unaddressed defects, security issues, or support failures are grounds for suspension or delisting.

14. Versioning, Deprecation & Changes

The APIs evolve. We may add, change, deprecate, or remove endpoints, fields, scopes, and behaviors. We will endeavor to provide reasonable advance notice of breaking changes and deprecations through our developer channels, but we may make changes without notice where necessary for security, legal compliance, or platform integrity. You are responsible for keeping your Application current; continued use after a change constitutes acceptance.

15. Intellectual Property

You retain ownership of your Application (excluding any AWRA materials). AWRA retains all rights in the APIs, the platform, documentation, and its marks. You grant AWRA a license to use, host, display, and distribute your listing content and marks as necessary to operate the Marketplace and promote listed Applications. Any feedback you provide may be used by AWRA without restriction or obligation.

16. Disclaimer of Warranties

The APIs, developer tools, sandbox, and Marketplace are provided "as is" and "as available", without warranties of any kind, express or implied, including merchantability, fitness for a particular purpose, and non-infringement. AWRA does not warrant that the APIs will be uninterrupted, error-free, or that any feature will remain available.

17. Limitation of Liability

To the fullest extent permitted by law, AWRA will not be liable for indirect, incidental, special, consequential, exemplary, or punitive damages, or for lost profits, revenue, data, or business, arising out of or relating to the APIs or Marketplace. AWRA's total aggregate liability arising out of or relating to these Developer Policies will not exceed the greater of (a) the total fees you paid to AWRA for API or Marketplace access in the three (3) months preceding the claim, or (b) USD 100.

18. Indemnification

You agree to indemnify, defend, and hold harmless AWRA and its officers, employees, and agents from and against any claims, damages, losses, liabilities, and expenses (including reasonable legal fees) arising out of or related to your Application, your use of the APIs, your handling of Customer Data, your listing, your breach of these Developer Policies, or your violation of any law or third-party right.

19. Suspension, Delisting & Termination

You may stop using the APIs and request delisting at any time. AWRA may suspend your access, remove your listing, or terminate these Developer Policies immediately for breach, security or legal risk, harm to Customers or the platform, or prolonged inactivity. On termination, your license to the APIs and to AWRA's marks ends, you must cease accessing the APIs and Customer Data, and you must delete Customer Data except where retention is legally required. Sections concerning data protection, confidentiality, IP, disclaimers, limitation of liability, indemnification, and governing law survive.

20. Compliance, Export & Anti-Corruption

You must comply with all applicable laws, including data-protection, consumer-protection, anti-spam, export-control, economic-sanctions, and anti-bribery laws. You represent that you are not located in, or a resident of, any comprehensively sanctioned jurisdiction and are not on any applicable restricted-party list.

21. Order of Precedence

These Developer Policies supplement AWRA's Terms of Service and, where applicable, the Partner Terms. If you have a separately signed developer, ISV, or marketplace agreement with AWRA, that signed agreement controls where it directly conflicts with these Developer Policies as to its subject matter.

22. Changes to These Policies

We may update these Developer Policies from time to time. Material changes will be communicated through our developer channels or by email. Changes apply prospectively; continued use of the APIs or Marketplace after a change takes effect constitutes acceptance.

23. Contact

Questions about these Developer Policies, API access, or Marketplace listing can be sent to [email protected]. To explore current integrations, visit the App Marketplace.

Last updated: June 17, 2026