BYOK (Bring Your Own Keys)

How Dravo's BYOK model works, why it exists, and what it means for app review and rate limits.

What BYOK means

In BYOK (Bring Your Own Keys), you register your own developer app on each platform (Meta, X, TikTok, LinkedIn) and give Dravo that app's client_id and client_secret. Dravo uses those credentials to run the OAuth flow and to publish on your behalf. Dravo is never the account holder.

You manage these app configs in the dashboard or through OAuth apps. For each provider Dravo shows the exact redirect_uri you must register and the scopes it will request.

Why BYOK

Most publishing tools act as a shared middleman: every customer posts through the same app. That means shared rate limits, exposure to that one app being suspended, and pricing that scales with your post volume.

BYOK flips this:

  • Your own rate limits, straight from the platform.
  • Your own direct relationship with each network.
  • Flat pricing for the plumbing, not a markup per post.
  • No single point of failure across unrelated customers.

How credentials are stored

Your client_secret and the per-account access tokens are encrypted at rest with AES-256-GCM, bound to your user identity as associated data. They are only decrypted in memory at publish time. Secrets are never returned by the API; a created OAuth app or API key shows its secret once and never again.
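What binding a secret to a user identity as associated data means in practice, as an added example that is not Dravo's code: the same key and ciphertext fail to decrypt when presented under a different user ID. The function names, the `user_a`/`user_b` IDs, the blob layout and the key handling are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// newGCM returns AES-256-GCM; aes.NewCipher alone would also accept 16- and 24-byte keys.
func newGCM(key []byte) (cipher.AEAD, error) {
	if len(key) != 32 {
		return nil, fmt.Errorf("need a 32-byte key for AES-256, got %d", len(key))
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal encrypts secret and authenticates userID as associated data.
// Blob layout (assumed for this example): nonce || ciphertext || tag.
func seal(aead cipher.AEAD, userID string, secret []byte) ([]byte, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil { // fresh random nonce per record
		return nil, err
	}
	return aead.Seal(nonce, nonce, secret, []byte(userID)), nil
}

// open fails if userID differs from the one given to seal or if any byte of blob changed.
func open(aead cipher.AEAD, userID string, blob []byte) ([]byte, error) {
	n := aead.NonceSize()
	if len(blob) < n {
		return nil, fmt.Errorf("blob shorter than nonce")
	}
	return aead.Open(nil, blob[:n], blob[n:], []byte(userID))
}

func main() {
	key := make([]byte, 32) // constructed demo key; a real one comes from a KMS or secret store
	rand.Read(key)
	aead, _ := newGCM(key)
	blob, _ := seal(aead, "user_a", []byte("constructed-client-secret"))
	_, err := open(aead, "user_b", blob) // same key, wrong identity
	fmt.Println("decrypt as user_b:", err)
}
```

The associated data is authenticated but not stored in the blob, so the caller must supply the owning user's ID at decrypt time; a row copied into another user's record then fails authentication instead of yielding a usable secret.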

App review is yours

Because the developer app is yours, any App Review or audit a platform requires is done by you, against your app. Dravo submits nothing on your behalf.

A useful nuance: for publishing to your own accounts you often do not need full review (you can act as an admin or tester of your own app in development mode). TikTok is the strict exception: an unaudited app can only post privately (SELF_ONLY) even to your own account, so public posting requires you to pass TikTok's audit. See the per-network notes for details.