How CreatifyHQ Uses Social Network APIs

High‑Level Architecture

CreatifyHQ is a multi‑tenant SaaS built with a micro‑service backend and a web dashboard. Users connect their social accounts via OAuth. We store only the minimum tokens required to publish the posts they explicitly create or schedule.

• Front‑end SPA (Next.js / React) served from app.creatifyhq.com.
• Backend API at api.creatifyhq.com handles auth and scheduling.
• Background workers send posts at the scheduled time via each platform’s API.

Typical User Flow

1. User connects a social account

• User clicks “Connect [Platform]” in the CreatifyHQ dashboard.
• We redirect the user to the official OAuth authorization URL.
• The user logs in directly with the social network and grants permissions.
• We receive an authorization code and exchange it for an access token.
• Tokens are stored encrypted and scoped to that single user.

2. User creates content

• Inside CreatifyHQ, the user writes a post or generates copy using AI.
• The user chooses target platforms (for example, Facebook page, Instagram business account, X profile).
• The user clicks “Publish now” or selects a future date and time.

3. Our backend publishes the post

• At publish time, a background worker calls the platform’s official API.
• We pass only the content that the user created (text, media URLs, metadata).
• We store returned IDs (post IDs, error codes) for analytics and status.

Data We Access and How We Use It

Across all integrations we follow three core principles:

• Minimal scope – we only request scopes needed to publish and show analytics.
• No resale – we never sell or share user data with third parties.
• User control – users can disconnect any social account at any time.

Examples of data we may access:

• Basic profile information (name, profile picture) – used to label connected accounts.
• Page or channel IDs – used to let the user choose destinations.
• Post performance metrics (impressions, likes, comments) – used for analytics dashboards.