Key Metrics

Revenue & Growth

Signup Timeline

New users per month — last 12 months

Plan Mix

Active subscriptions by tier

Revenue History

MRR trend — last 6 months

Customer Insights

At-Risk Accounts 0 users

Recent Signups 0 users

⚡ Needs Attention 2 blockers

Stripe is on sandbox keys — swap before accepting payments

og-image.png missing — social previews broken on 517 pages

Quick Actions

Open Tickets

—

Urgent / Unresponded

—

Waiting on Client

—

SLA Breaches

—

past threshold

Resolved This Week

—

Resolution Rate

—

all time

#	Client	Subject	Category	Priority	Status	Assigned	Opened	SLA
Loading tickets…

Select a client

Choose a client from the sidebar to view and manage their account.

Total Tickets

—

Open

—

Resolved All-Time

—

SLA Breaches

—

past configured threshold

Resolution Rate

—

Waiting on Client

—

Tickets by Category

Status Distribution

Tickets by Plan Tier

Top Clients by Volume

Load tickets to see data

Agent Workload

No agents configured — add agents in the Settings tab.

Support Agents Agents appear in ticket assignment and workload reporting

No agents added yet.

Add Agent

Canned Responses Available in the ticket reply box dropdown

No custom responses added — default responses are always available.

Add Canned Response

SLA Thresholds Hours before a ticket is flagged as breaching SLA

Urgent (hours)

High (hours)

Normal (hours)

Low (hours)

Email Notifications Configure when your support team receives alerts

New ticket submitted

Any new support ticket from a client

Urgent ticket opened

Ticket priority set to Urgent

SLA breach

Ticket exceeds configured response threshold

Client reply received

Client responds to an existing ticket thread

Customer action

System / DB

Edge function

Database table

Email (Resend)

External API

Stripe

Signup & Onboarding

User submits signup form

→

profiles table

row created

→

send-email fn

→

Resend API

→

Welcome Email

portal link + pixel instructions

→

admin-actions fn

add_pixel action

→

client_pixels table

kp_* pixel ID assigned

→

User completes onboarding checklist

Pixel Tracking & Visitor Identification

Client installs pixel.js on their site

→

Visitor loads page

browser fires pixel.js

→

leads-api fn

reads DB

→

AudienceLab API

IP + fingerprint resolution

→

Enriched visitor record

company, contact, firmographics

→

Portal: Live Feed

appears in real-time

→

Leads table

stored for analysis

→

Alert rules evaluated

company/page/industry match

→

send-email fn

→

Alert Email

to client's alert address

CRM Integration

Client connects CRM

HubSpot or Salesforce

→

crm-connect fn

OAuth token exchange

→

crm_connections table

token stored encrypted

Client saves lead to CRM

→

crm-push fn

kpGate: growth+ required

→

HubSpot / Salesforce API

→

Contact created in CRM

Billing & Subscription (Stripe)

User clicks Upgrade

pricing.html or billing.html

→

stripe-checkout fn

creates Stripe session

→

Stripe hosted checkout

→

Payment succeeds

→

stripe-webhook fn

checkout.session.completed

→

profiles.plan updated

+ stripe_customer_id

→

Confirmation Email

Payment fails

→

stripe-webhook fn

invoice.payment_failed

→

Failed Payment Email

update card CTA

Manages subscription

→

Stripe Customer Portal

cancel / update card

→

stripe-webhook fn

subscription.updated/deleted

→

profiles.plan updated

Support Tickets

Client submits ticket

portal/support.html

→

support_tickets table

→

send-email fn

→

Ticket Confirmation Email

sent to client

→

Admin views ticket

Admin Portal → Support

→

admin-actions fn

send_ticket_reply

→

ticket_replies table

→

Client sees reply

in portal support page

Team Invites

User invites team member

portal/team.html

→

kpGate check

seat limit by plan

→

send-email fn

→

Team Invite Email

7-day accept link

→

Invitee accepts

signs up or logs in

→

team_members table

seat added to account

Automated Email Pipeline

Lifecycle Trigger

signup / alert / ticket / payment

→

send-email fn

selects template

→

Resend API

smtp delivery

→

Delivered to inbox

welcome — signup

alert — visitor match

support_ticket — ticket opened

payment_confirmed — charge success

payment_failed — charge failure

team_invite — seat invite

Kopimore Client Portal — Feature Reference

Everything a client can do inside their Kopimore portal. Use this as a reference when onboarding clients, handling support tickets, or explaining what's included in each plan tier.

Portal Pages

Plan Tiers

Edge Functions

Core Intelligence

📊

Dashboard

app.kopimore.com/dashboard

The main command center showing real-time KPIs, identified visitor counts, conversion metrics, and pipeline value generated from web traffic.

Total identified visitors, companies, and leads
Pipeline value estimation from identified traffic
Visitors by channel (organic, paid, direct, referral)
Top identified companies by visit frequency
Goal completion progress widgets
Quick-access links to live feed and leads

📡

Live Feed

app.kopimore.com/live-feed

Real-time stream of identified visitor activity on the client's website. See exactly who is on the site, what pages they're visiting, and when they arrived — as it happens.

Live visitor identification with company & contact info
Page-by-page session trail per visitor
UTM source, medium, and campaign attribution
Time on page and scroll depth indicators
One-click save to CRM or leads list
Filter by company size, industry, or location

📋

Leads

app.kopimore.com/leads

The full identified leads database. Every anonymous visitor that Kopimore has resolved to a company or contact appears here, enriched with firmographic and contact data.

Sortable/filterable lead table with 20+ data columns
Company name, industry, size, revenue, location
Contact names, titles, emails, and LinkedIn profiles
Visit history, first seen / last seen timestamps
Bulk export to CSV, push to CRM or cold email
Lead scoring and qualification status

📈

Analytics

app.kopimore.com/analytics

Deep-dive analytics across visitor behavior, traffic sources, identification rates, and conversion trends. Built for teams that want to prove ROI and optimize campaigns.

Identification rate over time (% of traffic resolved)
Traffic breakdown by source, medium, and campaign
Top landing pages by identified visitor count
Company size and industry distribution charts
Return visitor rate and session depth analysis
Custom date range and comparison periods

🔍

Saved Searches

app.kopimore.com/saved-searches

Save complex lead filter combinations as reusable searches. Teams can build their ICP filter once and re-run it instantly — no re-entering filters each session.

Save any lead filter combination as a named search
One-click re-run to get updated results
Share saved searches across team members
Convert saved search into an alert to get notified of new matches
Pin top searches to the dashboard sidebar

🎯

Segments

app.kopimore.com/segments

Group identified visitors and companies into dynamic or static segments for targeted outreach, reporting, and routing. Segments update automatically as new leads match.

Build segments by industry, company size, geography, or behavior
Dynamic segments auto-refresh as new leads come in
Static segments for specific target account lists
Push entire segment to cold email or CRM
Segment-level analytics and identification rates

Outreach & CRM

🤝

CRM

app.kopimore.com/crm

A lightweight built-in CRM for managing identified accounts and contacts through a sales pipeline. Keeps outreach organized without leaving the Kopimore portal.

Kanban-style pipeline with customizable stages
Contact and account records enriched from lead data
Activity timeline: notes, emails, calls, tasks
Deal value and close probability tracking
Two-way sync with external CRMs (HubSpot, Salesforce)
Assign leads to team members for follow-up

📧

Email Templates

app.kopimore.com/templates

A library of pre-built and custom outreach templates for different industries, use cases, and funnel stages. Teams save templates for reuse across all cold email campaigns.

50+ pre-built templates organized by use case
Save custom templates with merge tags
Template performance stats (open rate, reply rate)
Share templates across team members
AI-assisted template optimization suggestions

📒

Sales Playbook

app.kopimore.com/playbook

A structured guide for reps on how to action Kopimore leads — which signals to prioritize, how to personalize outreach, and what messaging works for each segment.

Step-by-step outreach playbooks per ICP segment
Signal-to-action mapping (e.g. pricing page visit → demo CTA)
Messaging frameworks for high-intent vs. early-stage visitors
Customizable playbook sections per team

📊

Reports

app.kopimore.com/reports

Downloadable and shareable reports for stakeholder presentations. Generate weekly, monthly, or custom-period reports showing pipeline generated from identified web traffic.

Auto-generated weekly and monthly summary reports
Pipeline value and ROI attribution reports
Export to PDF or CSV for stakeholder sharing
Scheduled email delivery to recipients
Custom date range and segment-specific reports

Automation & Tracking

🔔

Alerts

app.kopimore.com/alerts

Real-time notifications triggered when high-value accounts visit the client's site. Alerts fire via email, Slack, or webhook so reps can reach out while the prospect is hot.

Alert when a target account visits the site
Alert on high-intent page visits (pricing, demo, contact)
Alert on return visit from a previously identified company
Delivery via email, Slack webhook, or custom HTTP endpoint
Alert frequency controls (immediate, digest, daily)
Suppress alerts for existing customers or competitors

🎯

Goals

app.kopimore.com/goals

Set measurable conversion goals tied to visitor behavior — page visits, session depth, return visits — and track progress against monthly or quarterly targets.

Define goals by target company count, pipeline value, or lead volume
Track goal progress on the main dashboard
Goal completion alerts via email or Slack
Historical goal performance by quarter
Team-level vs. individual goal tracking

🔗

Webhooks

app.kopimore.com/webhooks

Send identified visitor data to any external system in real time via configurable webhooks. Power custom automations in Zapier, Make, n8n, or directly into internal tools.

Configure outbound webhooks to any HTTPS endpoint
Event triggers: new lead identified, return visit, high-intent signal
Full JSON payload with all enriched lead fields
Webhook delivery logs with retry on failure
HMAC signature verification for security

Pixel Setup & Configuration

📡

Pixel Management

app.kopimore.com/pixel

The tracking pixel hub. Clients install a single JavaScript snippet and Kopimore begins identifying their anonymous visitors. Manage multiple domains from one place.

Generate unique pixel IDs per domain (kp_…)
Copy one-line embed snippet for any CMS or site builder
Pixel status: active, inactive, pending verification
Real-time pixel health check and last-ping timestamp
Multi-domain support (separate pixels per property)

🏢

Agency Dashboard

app.kopimore.com/agency

For agencies managing Kopimore on behalf of multiple clients. View and switch between client accounts, aggregate reporting, and white-label delivery of insights.

Multi-client account switcher in a single login
Aggregate identification stats across all client sites
White-label report generation for client delivery
Agency-specific billing and seat management

Account, Team & Billing

👥

Team Management

app.kopimore.com/team

Invite teammates to the Kopimore portal with role-based permissions. Sales reps get lead access; managers get analytics; admins control settings and billing.

Invite team members by email with seat allocation
Role permissions: Admin, Manager, Member, View-only
Assign specific lead segments to individual reps
Team-level activity and lead claim tracking
Remove or reassign seats without data loss

💳

Billing

app.kopimore.com/billing

Manage subscription plan, view invoices, update payment method, and track usage against plan limits — all within the portal without contacting support.

Current plan, renewal date, and next invoice amount
Upgrade or downgrade plan with immediate effect
Invoice history and downloadable PDFs
Usage metrics vs. plan limits (visitors, seats, pixels)
Cancel or pause subscription self-serve

⚙️

Account Settings

app.kopimore.com/settings

Profile, notification preferences, integrations, API keys, and data retention settings. The control panel for everything account-wide.

Profile info: name, company, website, timezone
Notification preferences: email digests, Slack, in-app
API key management for custom integrations
CRM integration configuration (HubSpot, Salesforce)
Data retention policy and GDPR controls

🔒

Audit Log

app.kopimore.com/audit-log

A full immutable log of every action taken in the account — logins, exports, settings changes, team invites, and pixel installs. Essential for compliance and security reviews.

Timestamped log of all account events
Filter by user, action type, or date range
Export full audit log to CSV
Login history with IP and device info
90-day or 1-year retention depending on plan

💰

Affiliate Program

app.kopimore.com/affiliate

Clients can earn recurring commission by referring new Kopimore customers. Referral links, payout tracking, and commission history all accessible inside the portal.

Unique referral link with click and conversion tracking
30% recurring commission on referred accounts
Real-time payout balance and payment history
Marketing materials: banners, email copy, social cards
Payout via Stripe — no minimum threshold

Learning & Community

🎓

Kopimore Academy

app.kopimore.com/academy

A full training curriculum teaching clients how to maximize Kopimore — from pixel installation through to advanced outreach playbooks and ROI reporting. 63+ lessons across 8 courses.

8 structured courses from beginner to advanced
63 individual lessons with video + text content
Progress tracking and completion certificates
Course: Visitor Identification Fundamentals
Course: Building High-Converting Outreach with Intent Data
Course: Proving ROI with Kopimore Analytics

💬

Community

app.kopimore.com/community

A peer discussion board where Kopimore clients share strategies, outreach templates, ICP tips, and results. Moderated by the Kopimore team with weekly prompts and AMAs.

Discussion threads organized by topic and use case
Share and discover outreach templates
Weekly expert AMAs with Kopimore team
Success stories and case study submissions
Private groups by industry or company size

Kopimore — Complete Platform Infrastructure

Comprehensive technical reference for developers, support engineers, and team members. Covers the full stack: hosting, database, edge functions, integrations, deployment pipeline, and security model. Last updated May 2026.

System Status

Hosting

SiteGroundOperational

kopimore.comLive

SSL / HTTPSActive

SSH Port18765

Supabase

PostgreSQLOperational

Auth ServiceOperational

Edge Functions8 deployed

Project Refaxenuhcpodpktsntdqxy

CI/CD Pipeline

GitHub ActionsActive

Deploy WorkflowAuto on push

AudienceLab PollEvery 5 min

Repokopimore/kopimore-ai

Tech Stack

Frontend

FrameworkPure HTML/CSS/JS — zero build step, zero dependencies

FontsInter (Google Fonts CDN)

ChartsChart.js 4.4 (cdnjs)

Supabase SDK@supabase/supabase-js v2 (CDN)

HostingSiteGround shared hosting (cPanel)

Deploy Methodrsync over SSH → GitHub Actions auto-deploy on push

Domainskopimore.com (marketing) app.kopimore.com (portal) admin.kopimore.com (admin) — all SSL via SiteGround Let's Encrypt

Shared CSSstyles.css (marketing) portal/portal.css (app.kopimore.com)

Backend (Supabase)

DatabasePostgreSQL 15 (Supabase managed)

AuthSupabase Auth — email/password + magic link

Edge FunctionsDeno 1.x runtime — 8 functions deployed

StorageSupabase Storage (reserved, not yet active)

RLSRow-Level Security enabled on all public tables

Service RoleUsed by edge functions — bypasses RLS

Project URLaxenuhcpodpktsntdqxy.supabase.co

Admin Security

Auth MethodShared password via x-admin-password header

Client StoragesessionStorage['kp_admin_pw'] — cleared on tab close

Env VarADMIN_PASSWORD in each edge function secret

JWT BypassDeployed with --no-verify-jwt

Rotate PWSupabase → Edge Functions → Secrets → ADMIN_PASSWORD

Admin URLadmin.kopimore.com (no public link)

Analytics & Tracking

Google AnalyticsG-57CJ77WZL3 — present on all public pages

Admin GASame tag present on admin portal

Visitor ID SourceAudienceLab API (polled every 5 min)

Client PixelsCustom kp_ + 16-char hex IDs per domain

Pixel Embed<script src="kopimore.com/pixel.js" data-pixel="kp_…">

UTM StorageStored in visitor records: source, medium, campaign, term, content

Edge Functions — Complete Reference

admin-stats /functions/v1/admin-stats x-admin-password GET

Returns all aggregated data powering the admin dashboard. No body required — auth via header only. Response includes: MRR, ARR, ARPU, plan distribution, 12-month signup timeline, at-risk free users (on pro plan 30+ days), recent signups (last 30 days), and the full profiles table. Called on every admin login and on manual refresh.

admin-actions /functions/v1/admin-actions x-admin-password POST

All admin mutations in a single function. Dispatch via the action field in the JSON body. Uses Supabase service role to bypass RLS on all operations.

get_client_details change_plan reset_password add_domain remove_domain verify_domain add_pixel remove_pixel toggle_pixel add_note delete_note suspend update_profile delete_account get_support_tickets update_ticket send_ticket_reply get_ticket_replies assign_ticket update_custom_limits update_support_agent list_al_pixels set_datamoon_pixel

datamoon-webhook /functions/v1/datamoon-webhook SUPABASE_SERVICE_ROLE_KEY POST Scheduled · every 5 min

Polls the AudienceLab API for new visitor identification events and writes them to the Supabase database. Triggered by GitHub Actions on a 5-minute cron (*/5 * * * *). Reads the AudienceLab pixel ID and API key from secrets, fetches new visitor events since last poll, upserts enriched visitor records into the database, and returns HTTP 200 on success. Requires DATAMOON_WEBHOOK_SECRETDATAMOON_PIXEL_IDSUPABASE_URL, and SUPABASE_SERVICE_ROLE_KEY secrets.

push-to-crm /functions/v1/push-to-crm Supabase JWT POST

Pushes an identified lead record from Kopimore into the client's connected CRM (HubSpot, Salesforce, or other). Called by the client portal when a user clicks "Push to CRM" on a lead. Reads CRM credentials from crm_settings for the authenticated user, maps Kopimore lead fields to CRM fields, creates or updates the contact/company record, and returns the CRM record ID. Handles OAuth token refresh automatically for connected integrations.

webhook-ingest /functions/v1/webhook-ingest HMAC Signature POST

Receives inbound webhook payloads from third-party integrations (e.g. Zapier, Make, n8n) and processes them into Kopimore's data model. Verifies HMAC-SHA256 signature on all payloads. Writes events to webhook_events table with full JSON payload, source, and processing status. Supports event types: lead.createdlead.updatedcrm.syncedalert.fired.

send-email /functions/v1/send-email Supabase JWT POST

Sends transactional emails via Resend. Dispatched via the template field in the JSON body. All emails render branded HTML with gradient header, badge system, and callout blocks. From address: kopimore@kopimore.com. Requires RESEND_API_KEY secret.

welcome alert_fired team_invite weekly_digest payment_confirmed payment_failed trial_expiry support_ticket suspension_notice

stripe-checkout /functions/v1/stripe-checkout Supabase JWT POST

Handles all Stripe billing operations for the client portal. Gets or creates a Stripe customer on demand (deduplication by email). Uses inline price_data — no pre-created Stripe products required. Stores stripe_customer_id in profiles. Requires STRIPE_SECRET_KEY secret.

create_checkout customer_portal list_invoices

stripe-webhook /functions/v1/stripe-webhook HMAC Stripe-Signature POST Stripe → Supabase sync

Receives and verifies Stripe webhook events. Syncs subscription state back to profiles table — updates plansubscription_statusstripe_subscription_id, and subscription_current_period_end. Webhook endpoint registered in Stripe as we_1TTOcdCuhgHJrtUSoJ8O2EeI. Requires STRIPE_WEBHOOK_SECRET secret for signature verification.

customer.subscription.created customer.subscription.updated customer.subscription.deleted invoice.payment_succeeded invoice.payment_failed

Database Schema — All Tables (public.*)

Table	Key Columns	Purpose & Notes
profiles	id, name, email, company, website, phone, industry, timezone, plan, subscription_status, stripe_customer_id, stripe_subscription_id, subscription_current_period_end, suspended, suspended_at, pixel_id, datamoon_pixel_id, custom_limits (jsonb), support_agent, created_at, updated_at	One row per user. Mirrors auth.users. plan drives billing tier (free/spark/launch/starter/growth/scale/pro). stripe_customer_id links to Stripe; synced by stripe-webhook. suspended = true blocks portal login and bans in Supabase Auth. pixel_id = Kopimore tracking code (kp_ prefix). datamoon_pixel_id = per-client AudienceLab pixel. custom_limits = admin overrides for plan limits (max_leads, max_alerts, etc.). support_agent = assigned support team member name.
client_domains	id, user_id, domain, verified, added_by, created_at	Domains registered per client. Admin can add, verify, or remove. Clients read their own via RLS. Used for pixel domain validation and multi-site support.
client_pixels	id, user_id, pixel_domain, pixel_id, status (active/inactive/pending), created_at	Pixel configs per client domain. pixel_id auto-generated as kp_ + 16 random hex chars. status controls whether the pixel is actively collecting data.
admin_notes	id, user_id, note, created_by, created_at	Internal admin-only notes about clients. Never exposed to clients. No RLS policy — service role access only. Used by Client Support tab in this admin.
webhook_events	id, user_id, event_type, payload (jsonb), source, status, processed_at, created_at	All inbound and outbound webhook events. Full JSON payload stored for debugging and replay. status: pending, processed, failed. Added user_id in migration 20260430000001.
crm_settings	id, user_id, crm_type (hubspot/salesforce/other), credentials (jsonb), field_mapping (jsonb), enabled, created_at, updated_at	CRM integration config per client. credentials stores OAuth tokens (encrypted). field_mapping maps Kopimore lead fields to CRM fields. Read by push-to-crm edge function.
visitor_events (AudienceLab)	id, user_id, pixel_id, company_name, company_domain, industry, size, location, contact_name, contact_email, contact_title, pages_visited (jsonb), first_seen, last_seen, visit_count, utm_source, utm_medium, utm_campaign, utm_term, utm_content	Core identification data from AudienceLab. Populated by datamoon-webhook every 5 minutes. UTM columns added in migration 20260501. One row per identified visitor session per client pixel.
support_tickets	id, user_id, email, company, subject, description, category, status, priority, assigned_to, created_at, updated_at	Client support tickets. Created by clients via the portal support page or by admin on their behalf. status: open, in_progress, waiting_on_customer, resolved, closed. priority: urgent, high, normal, low. assigned_to = support agent name. RLS: clients see only their own tickets. Added in migration 20260503_admin_support_tables; agent/priority columns added in 20260505_support_enhancements.
ticket_replies	id, ticket_id, message, author, is_admin, created_at	Threaded replies on support tickets. ticket_id foreign key cascades on delete. is_admin = true for replies sent by the support team. RLS: clients can read/write replies on their own tickets. Added in migration 20260503_admin_support_tables.
audit_events	id, user_id, event_type, description, metadata (jsonb), created_at	Client-facing activity audit trail. Surfaced in app.kopimore.com/audit-log.html. Records login events, plan changes, domain adds, pixel events, and CRM syncs. Added in migration 20260504_audit_events.
referrals	id, referrer_id, referred_email, status, reward_amount, created_at, converted_at	Affiliate/referral tracking. Each client has a unique referral code tied to their pixel_id. Surfaced in app.kopimore.com/affiliate.html. Added in migration 20260504_referrals.

Authentication Flow — Full Detail

Step	Detail
1. Signup	User submits /signup.html form. Supabase Auth creates row in auth.users. DB trigger (or portal onboarding) creates matching row in public.profiles with plan = 'free'. Auto-generates pixel_id.
2. Email confirmation	Supabase sends confirmation email with magic link. User must verify before portal login is allowed.
3. Portal login	Client portal at app.kopimore.com/login.html uses Supabase JS SDK. Session JWT stored in localStorage. On load, calls auth.getUser(), then checks profiles.suspended — redirects to error if true.
4. Password reset (client-initiated)	app.kopimore.com/reset-password.html — client enters email, Supabase sends recovery link. User clicks link, sets new password via the recovery page.
5. Password reset (admin-initiated)	Admin → Client Support → select client → Support Tools → Send Password Reset. Calls admin-actions → reset_password. Triggers Supabase to send recovery email to client.
6. Admin access	admin.kopimore.com uses a shared admin password stored in sessionStorage['kp_admin_pw']. Sent as x-admin-password header on every API call. No JWT issued — admin functions deployed with --no-verify-jwt.
7. Suspension	Admin sets suspended = true in profiles AND calls auth.admin.updateUserById with ban_duration: '876000h' (~100 years). Portal login check catches suspended flag. Unsuspend reverses both operations.
8. Token refresh	Supabase JS SDK handles JWT refresh automatically. Token TTL is 1 hour; refresh token TTL is 7 days. If refresh token expires, user must re-login.

CI/CD Pipeline (GitHub Actions)

Deploy to SiteGround Workflow

TriggerPush to main branch

Runnerubuntu-latest

StepsCheckout → SSH key setup → SSH test → rsync deploy

Commandrsync --archive --compress --checksum --delete

Excludes.git/ .github/ .DS_Store node_modules/ deploy.config.sh *.sh

Target 1kopimore.com — marketing site root (REMOTE_PATH)

Target 2app.kopimore.com — portal files from portal/ (PORTAL_REMOTE_PATH)

Target 3admin.kopimore.com — admin files from admin/ (ADMIN_REMOTE_PATH)

Avg Runtime~10 seconds

AudienceLab Poll Workflow

TriggerCron: */5 * * * * (every 5 min)

AlsoManual trigger from GitHub Actions UI

ActionPOST to datamoon-webhook edge function

Timeout10 minutes per run

FailureNon-200 response → workflow fails → GitHub notifies

Avg Runtime~46 seconds

GitHub Actions Secrets

SSH_PRIVATE_KEYRSA/Ed25519 private key matching the public key installed on SiteGround. Used for rsync deploy.Deploy

SSH_HOSTSiteGround server IP address (e.g. 198.54.x.x). Found in cPanel → SSH Keys Manager.Deploy

SSH_PORTSiteGround SSH port — default 18765.Deploy

SSH_USERcPanel username for SiteGround account.Deploy

REMOTE_PATHMarketing site remote path, e.g. /home/USERNAME/public_html/ (kopimore.com root)Deploy

PORTAL_REMOTE_PATHPortal subdomain remote path, e.g. /home/USERNAME/public_html/app.kopimore.com/ — receives portal/ directory contentsDeploy

ADMIN_REMOTE_PATHAdmin subdomain remote path, e.g. /home/USERNAME/public_html/admin.kopimore.com/ — receives admin/ directory contentsDeploy

SUPABASE_URLFull Supabase project URL: https://axenuhcpodpktsntdqxy.supabase.coPoll

SUPABASE_SERVICE_ROLE_KEYService role JWT — bypasses RLS. Found in Supabase → Project Settings → API. Never expose client-side.Poll

Supabase Edge Function Secrets

ADMIN_PASSWORDShared admin password. Set in admin-stats AND admin-actions. Rotate both simultaneously.admin-stats / actions

DATAMOON_WEBHOOK_SECRETDatamoon webhook shared secret for validating incoming identification webhooks.datamoon-webhook

DATAMOON_PIXEL_IDDatamoon pixel/site ID (if required by Datamoon configuration).datamoon-webhook

SUPABASE_URLSupabase project URL — automatically injected into edge functions by Supabase runtime.All Functions

SUPABASE_SERVICE_ROLE_KEYService role key — injected by runtime. Used by all functions to bypass RLS for admin operations.All Functions

WEBHOOK_OWNER_EMAILOptional admin email for owner resolution when pixel_id is unknown.datamoon-webhook

RESEND_API_KEYResend.com API key for sending transactional emails. Required by send-email. Get from resend.com/api-keys.send-email

STRIPE_SECRET_KEYStripe secret key (sk_test_... for sandboxsk_live_... for production). Required by stripe-checkout. Never expose client-side.stripe-checkout

STRIPE_WEBHOOK_SECRETStripe webhook signing secret (whsec_...) from Stripe Dashboard → Webhooks. Used to verify webhook payload authenticity in stripe-webhook.stripe-webhook

Database Migration History

20260430000000_webhook_events.sql Created webhook_events table for inbound/outbound webhook event storage with full JSON payload Applied

20260430000001_webhook_events_user_id.sql Added user_id column to webhook_events for per-client webhook scoping Applied

20260430_audiencelab_columns.sql Added AudienceLab visitor enrichment columns: company, industry, size, contact info, pages visited (jsonb) Applied

20260430_crm_settings.sql Created crm_settings table for per-client CRM integration credentials and field mapping config Applied

20260501_utm_columns.sql Added UTM tracking columns to visitor events: utm_source, utm_medium, utm_campaign, utm_term, utm_content Applied

20260503_admin_support_tables.sql Created support_ticketsticket_replies, and admin_notes tables with RLS policies for client ticket access Applied

20260504000000_team_invites.sql Created team_invites table for multi-seat team member invitation flow with token-based acceptance Applied

20260504000001_profile_extra_columns.sql Added phoneindustrytimezonesuspended_at columns to profiles for enriched client context Applied

20260504_audiencelab_pixel.sql Added datamoon_pixel_id column to profiles for per-client pixel assignment (legacy column name) Applied

20260504_crm_connections.sql Extended crm_settings with connection status tracking and last-sync timestamp columns Applied

20260504_audit_events.sql Created audit_events table for client-facing activity audit trail with event type, description, and metadata columns Applied

20260504_referrals.sql Created referrals table for affiliate/referral program tracking: referrer, referred email, status, reward amount, conversion timestamp Applied

20260504_stripe_profile_columns.sql Added Stripe billing columns to profiles: stripe_customer_idstripe_subscription_idsubscription_statussubscription_current_period_end + indexes Applied

20260505_support_enhancements.sql Added custom_limits (jsonb) and support_agent to profiles; added assigned_to and priority columns to support_tickets for agent assignment and SLA tracking Applied

AudienceLab Integration

How It Works

ProviderAudienceLab — B2B visitor identification network

Poll FrequencyEvery 5 minutes via GitHub Actions cron

Data FlowAudienceLab API → datamoon-webhook fn → Supabase DB

Pixel IDRegistered with AudienceLab as DATAMOON_PIXEL_ID

IdentificationCompany name, domain, size, industry, location

Contact DataName, title, email, LinkedIn (where available)

Debugging Polls

Manual TriggerGitHub → Actions → Poll AudienceLab → Run workflow

View LogsSupabase Edge Function logs (no polling — webhook-driven)

Fn LogsSupabase Dashboard → Edge Functions → datamoon-webhook → Logs

Failure AlertGitHub emails repo owner on workflow failure

Verify DataSupabase → Table Editor → visitor_events → check created_at

Complete File Structure

kopimore-ai/ ← GitHub repo: kopimore/kopimore-ai ├── admin/ ← Deploys to: admin.kopimore.com/public_html/admin/ │ ├── index.html ← Admin SPA (this file) │ └── .htaccess ← Basic auth / access control ├── portal/ ← Deploys to: app.kopimore.com/public_html/ (23 client portal pages) │ ├── login.html ← Portal auth │ ├── dashboard.html ← Main KPI dashboard │ ├── live-feed.html ← Real-time visitor stream │ ├── leads.html ← Full leads database │ ├── crm.html ← Built-in CRM │ ├── analytics.html ← Analytics deep-dive │ ├── alerts.html ← Intent-based alerts │ ├── goals.html ← Conversion goal tracking │ ├── saved-searches.html ← Reusable lead filters │ ├── segments.html ← Dynamic audience segments │ ├── onboarding.html ← Post-signup onboarding wizard │ ├── support.html ← Client support ticket submission & history │ ├── templates.html ← Email template library │ ├── playbook.html ← Sales playbook │ ├── reports.html ← Downloadable reports │ ├── pixel.html ← Pixel management │ ├── team.html ← Team & seat management │ ├── billing.html ← Subscription & invoices │ ├── settings.html ← Account settings │ ├── audit-log.html ← Activity audit trail │ ├── agency.html ← Agency multi-client view │ ├── academy.html ← Training hub │ ├── community.html ← Peer discussion board │ ├── affiliate.html ← Referral program │ ├── reset-password.html ← Password recovery │ ├── portal-nav.js ← Shared portal navigation JS │ └── portal.css ← Shared portal styles ├── supabase/ │ ├── functions/ │ │ ├── admin-stats/ index.ts ← Dashboard stats │ │ ├── admin-actions/ index.ts ← Admin mutations │ │ ├── datamoon-webhook/ index.ts ← Datamoon webhook receiver │ │ ├── push-to-crm/ index.ts ← CRM push integration │ │ ├── webhook-ingest/ index.ts ← Inbound webhook handler │ │ ├── send-email/ index.ts ← Transactional email via Resend │ │ ├── stripe-checkout/ index.ts ← Stripe billing (checkout, portal, invoices) │ │ └── stripe-webhook/ index.ts ← Stripe events → profiles sync │ └── migrations/ │ ├── 20260430000000_webhook_events.sql │ ├── 20260430000001_webhook_events_user_id.sql │ ├── 20260430_audiencelab_columns.sql │ ├── 20260430_crm_settings.sql │ ├── 20260501_utm_columns.sql │ ├── 20260503_admin_support_tables.sql │ ├── 20260504000000_team_invites.sql │ ├── 20260504000001_profile_extra_columns.sql │ ├── 20260504_audiencelab_pixel.sql │ ├── 20260504_audit_events.sql │ ├── 20260504_crm_connections.sql │ ├── 20260504_referrals.sql │ ├── 20260504_stripe_profile_columns.sql │ └── 20260505_support_enhancements.sql ├── .github/workflows/ │ ├── deploy.yml ← Auto-deploy to SiteGround on push │ └── poll-audiencelab.yml ← DEPRECATED: AudienceLab polling removed ├── blog/ ← 100+ blog post pages ├── lp/ ← 35 landing pages ├── academy/ ← 63+ standalone academy lesson pages ├── glossary/ ← Glossary term pages ├── compare/ ← Competitor comparison pages ├── integrations/ ← Integration-specific pages ├── solutions/ ← Solution pages by use case ├── features/ ← Feature detail pages ├── best/ ← Best-of list pages (SEO) ├── local/ ← Local market pages (SEO) ├── switch/ ← Competitor switch pages ├── guides/ ← Long-form guide pages ├── case-studies/ ← Client case study pages ├── index.html ← Marketing homepage ├── styles.css ← Global marketing styles ├── components.js ← Shared JS components ├── pixel.js ← Client tracking pixel script (embed via <script src="kopimore.com/pixel.js" data-pixel="kp_…">) ├── cookie-consent.js ← GDPR cookie consent banner (auto-included by pixel.js) ├── sitemap.xml ← 323+ URLs ├── robots.txt ← SEO robots rules ├── deploy.sh ← Manual rsync deploy script ├── deploy.config.sh ← SSH credentials (never committed) └── watch.sh ← Local file watcher for dev

Plan Pricing Reference

Plan	MRR	ARR	Notes
free	$0	$0	Default on signup. Feature-limited. Converts via upgrade prompt. No pixel data.
spark	$99/mo	$1,188	Entry point paid. 500 visitors/mo, 1 seat. Basic visitor ID and leads.
launch	$249/mo	$2,988	Small teams. Basic visitor ID, leads, alerts.
starter	$749/mo	$8,988	Small teams. Adds analytics, CRM, saved searches.
growth	$1,999/mo	$23,988	Most popular. Adds team seats, segments, webhooks, reports, audit log.
scale	$3,999/mo	$47,988	High-volume. Higher visitor ID limits, advanced analytics.
pro	$6,499/mo	$77,988	Enterprise-adjacent self-serve. Full feature access.
enterprise	$7,500+/mo	$90,000+	Custom pricing. Dedicated CSM, white-glove onboarding, SLA.

Deploy & Operations Runbook

Task	Command / Steps
Deploy website (auto)	Push any commit to main branch — GitHub Actions runs deploy.yml and rsync's to SiteGround automatically in ~10s.
Deploy website (manual)	Configure deploy.config.sh with your SSH credentials, then run ./deploy.sh locally.
Deploy edge function	supabase functions deploy admin-stats --no-verify-jwt --project-ref axenuhcpodpktsntdqxy supabase functions deploy admin-actions --no-verify-jwt --project-ref axenuhcpodpktsntdqxy supabase functions deploy datamoon-webhook --no-verify-jwt --project-ref axenuhcpodpktsntdqxy supabase functions deploy send-email --project-ref axenuhcpodpktsntdqxy supabase functions deploy stripe-checkout --project-ref axenuhcpodpktsntdqxy supabase functions deploy stripe-webhook --project-ref axenuhcpodpktsntdqxy
Run SQL migration	Supabase Dashboard → SQL Editor → New Query → paste migration SQL → Run. Check for errors in the output panel.
Rotate admin password	Supabase Dashboard → Edge Functions → admin-stats → Secrets → update ADMIN_PASSWORD. Repeat for admin-actions. Re-deploy both functions. Update your session.
View function logs	Supabase Dashboard → Edge Functions → select function → Logs tab. Filter by time range and severity.
Trigger manual AudienceLab poll	GitHub repo → Actions → Poll AudienceLab → Run workflow → Run. Check run logs for HTTP status and response body.
Local dev (edge functions)	supabase start → supabase functions serve — Deno runtime locally with local Postgres. Set secrets in .env.local.
Check deployment status	GitHub repo → Actions tab → look for green ✅ on "Deploy to SiteGround" workflow for latest commit.
Roll back a deploy	GitHub → Actions → re-run a previous successful deploy workflow, OR push a revert commit to main.

Common Admin Tasks

Task	Where / How
Change a client's plan	Client Support → select client → Billing & Plan → choose plan → Save Plan
Add a domain for a client	Client Support → select client → Domains → enter domain → Add Domain
Generate a pixel for a client	Client Support → select client → Pixel Tracking → enter domain → Add Pixel → copy embed code
Reset a client's password	Client Support → select client → Support Tools → Send Password Reset Email
Suspend a client	Client Support → select client → Danger Zone → Suspend Account (bans in DB + Supabase Auth)
Unsuspend a client	Client Support → select client → Danger Zone → Unsuspend Account (reverses both)
Add an internal note	Client Support → select client → Internal Notes → type note → Add Note
Update client profile	Client Support → select client → Support Tools → edit name/company/website → Save Profile
Find a user by email	Dashboard → search bar. Or Client Support sidebar search box.
See all free users at risk	Dashboard → "At-Risk Free Users" panel — users on pro plan 30+ days
Filter dashboard by plan	Dashboard → All Users table → click a plan filter chip
Export user list	Dashboard → All Users → use browser developer tools to access window.allUsers array
View & manage support tickets	Client Support → Ticket Inbox tab. Filter by status, priority, agent, or search by subject/email. Click a ticket to view thread, reply, change status/priority, or assign to an agent.
Assign a ticket to an agent	Client Support → Ticket Inbox → open ticket → Assign Agent dropdown → save. Agent must first be added in Support Settings.
Set custom plan limits for a client	Client Support → select client → Account tab → Custom Plan Limits → enter override values for leads/alerts/pixels/seats/CRM/retention → Save Limits. Leave blank to use plan defaults.
Assign a support agent to a client	Client Support → select client → Account tab → Support Agent dropdown → Save Agent. Assigns a named agent as the primary contact for that account.
View support analytics	Client Support → Analytics tab. Shows 6 KPI cards (open tickets, urgent, waiting, SLA breaches, closed this week, resolution rate) and 4 charts: tickets by category, by status, by plan, and top clients by volume. Agent workload bars show per-agent open ticket counts.
Configure SLA thresholds	Client Support → Settings tab → SLA Thresholds. Set response time targets (hours) for each priority level. Saved to localStorage, used by Analytics breach counter.
Add / manage support agents	Client Support → Settings tab → Support Agents. Add agents with name and email. Agents appear in ticket assignment dropdowns and the Analytics workload section.
Add / manage canned responses	Client Support → Settings tab → Canned Responses. Add shortcut labels and response text. Available in the ticket reply box via the Canned Response dropdown.

Third-Party Integrations

Service	Purpose	How Connected	Status
AudienceLab	B2B visitor identification — resolves anonymous site traffic to company and contact data	REST API polled every 5 min via datamoon-webhook edge function + GitHub Actions cron	Active
Google Analytics	Marketing site and portal traffic analytics, conversion tracking	GA4 tag G-57CJ77WZL3 injected in all page <head> via inline script	Active
Supabase	Database, auth, edge functions, real-time subscriptions, storage	Supabase JS SDK client-side; service role key server-side in edge functions	Active
GitHub Actions	CI/CD — auto-deploy on push + scheduled AudienceLab polling	2 workflow files in .github/workflows/; secrets stored in repo Settings → Secrets	Active
HubSpot	Client-side CRM sync — clients push identified leads to their HubSpot	OAuth via crm_settings table + push-to-crm edge function	Per-client
Salesforce	Client-side CRM sync — enterprise clients push leads to Salesforce	Same as HubSpot — crm_type = 'salesforce' in crm_settings	Per-client
Zapier / Make / n8n	Clients automate lead workflows via outbound webhooks	Clients configure endpoints in app.kopimore.com/webhooks.html; webhook-ingest handles inbound	Per-client
Google Fonts	Inter typeface across all pages	CDN link in every <head>	Active
Stripe	Subscription billing — checkout sessions, customer portal, invoice history, webhook events	stripe-checkout + stripe-webhook edge functions. Sandbox keys active; swap to sk_live_... for production. Customer Portal: bpc_1TTOPcCuhgHJrtUShqbMnVSq. Webhook: we_1TTOcdCuhgHJrtUSoJ8O2EeI	Sandbox
Resend	Transactional email delivery — 9 branded templates for lifecycle emails	send-email edge function. API key in RESEND_API_KEY secret. Domain kopimore.com verified — DKIM, SPF, MX all live.	Active
Chart.js	Admin dashboard charts (bar, doughnut)	cdnjs CDN in admin <head>	Active

Security Model

Layer	Mechanism	Notes
Client portal auth	Supabase JWT (email/password)	1-hour token, 7-day refresh. Sessions in localStorage. suspended flag checked on every load.
Admin portal auth	Shared password via HTTP header	Password stored in sessionStorage (clears on tab close). Validated server-side in each edge function.
Database access	Row-Level Security (RLS)	All public.* tables have RLS enabled. Clients can only read/write their own rows. Edge functions use service role to bypass.
Edge function auth	x-admin-password header (admin); JWT Bearer (client)	Admin functions deployed --no-verify-jwt. Client functions verify Supabase JWT.
Webhook signatures	HMAC-SHA256	webhook-ingest verifies signature on all inbound payloads before processing.
Sensitive data	Supabase Edge Function Secrets	API keys, service role key, admin password — never in source code. Injected at runtime.
GitHub secrets	Encrypted repository secrets	SSH credentials, Supabase keys — stored encrypted, only exposed to Actions runners.
CRM credentials	Encrypted jsonb in crm_settings	OAuth tokens stored server-side, never exposed to client JS.
Account suspension	DB flag + Supabase Auth ban	Dual-layer: profiles.suspended checked by portal; ban_duration: '876000h' blocks token issuance at Auth level.

Launch Checklist

Every task needed before Kopimore goes live — tech, GHL / CRM, marketing, legal, and ops.

0 of 0 complete

🔍

Sort by:

Status:

Launch Docs

Audit findings + drafted launch deliverables, ready to read inline

Section:

Core Platform

Service StatusLatencyHTTP

Edge Functions

Function StatusLatencyHTTP

External Integrations

Integration StatusLatencyHTTP

Portal Pages

Page StatusLatencyHTTP

Active Subscriptions

—

Past Due

—

Cancelled (30d)

—

Est. MRR

—

⚠ Issues — Past Due & Unpaid

Account	Plan	Status	Stripe Customer	Action
Loading…

All Paying Accounts

Account	Plan	Status	Team Seats	Stripe
Loading…

Churned Users

—

Churn Rate

—

At Risk

—

Trial Expiring

—

⚠ At-Risk Accounts — Past Due / Unpaid

Account	Plan	Status	Action
Loading…

All Accounts — Retention Overview

Account	Plan	Status	Joined	Action
Loading…

Email Templates

Total Pixels

—

Clients w/ Pixel

—

AL Pixels

—

Unassigned

—

All Client Pixels

Client	Pixel Name	AL Pixel ID	Domain	Status	Created	Actions
Loading…

AudienceLab Account Pixels

All pixels provisioned in your AudienceLab account — assign any to a client.

AL Pixel ID	Name	URL	Assigned To	Action
Loading…

Total Referrals

—

Pending

—

Converted

—

Conversion Rate

—

All Referrals

Referred By	Referral Code	Referred User	Status	Created
Loading…

Admin Audit Log

Tracks admin actions performed in this portal (stored locally)

Time	Action	Target	Detail
No admin actions recorded yet in this session

SEO Tracker — kopimore.com

All front-facing pages audited for title length, meta description, and canonical URL

Show:

How Kopimore Works — Plain English Guide

This page explains every technical piece of Kopimore in plain language — no coding knowledge required. Think of it as a map of all the moving parts, what they do, and what would break if one stopped working.

🗺️ The Big Picture

Kopimore is made up of three separate websites that all work together:

🌐

kopimore.com

The marketing website. Public-facing pages where potential customers learn about the product, read blog posts, compare pricing, and sign up. No login required.

🔐

app.kopimore.com

The customer portal. The private dashboard where paying clients log in to see their visitor data, set up alerts, connect their CRM, and manage their account.

⚙️

admin.kopimore.com

This admin dashboard (the page you're on now). Only you can access this. It's for managing customers, monitoring the system, reviewing the launch checklist, and tracking SEO.

All three are static HTML files hosted on SiteGround and deployed automatically from GitHub whenever a change is made. Behind the scenes, they all talk to the same Supabase database and the same set of edge functions.

🏠 Hosting — SiteGround & GitHub

🏠

SiteGround

Where the files live

SiteGround is the web host — think of it as a storage unit on the internet. All of Kopimore's HTML pages, images, and scripts are stored there. When someone visits kopimore.com, SiteGround sends them those files instantly.

If this goes down: The entire website becomes unreachable. Nobody can view any page.

🔄

GitHub & Auto-Deploy

How changes go live

GitHub is where all the website's code is stored and version-tracked — like a Google Docs revision history for code. Whenever a change is saved to GitHub, a robot (called a "GitHub Action") automatically copies those files to SiteGround within about 2 minutes. This is why changes go live without anyone having to manually upload files.

If this breaks: Changes stop going live. The site still works — it just shows the old version.

🗄️ The Database — Supabase

🗄️

Supabase — The Brain

Stores everything: accounts, visitor data, alerts, tickets, referrals, billing info

Supabase is the database. Think of it as a giant, cloud-based spreadsheet that the entire application reads from and writes to. Every time a customer creates an account, configures an alert, connects their CRM, or a visitor gets identified — that information goes into Supabase.

STORES

Customer accounts & passwords, billing plan, company info, pixel IDs, alert rules, CRM connection details, team members, support tickets, visitor events

HANDLES LOGIN

Supabase also manages the login system. When a customer types their email and password on the signup/login page, Supabase checks if it's correct and issues a secure session token.

SECURITY (RLS)

Each customer can only see their own data — never another customer's — because of "Row Level Security." It's like a padlock on each row of data that only the owner can open.

If Supabase goes down: Customers can't log in, the dashboard shows no data, payments stop processing, and no visitor data is saved. It is the most critical dependency in the entire stack.

⚡ Edge Functions — The Workers

Edge functions are small programs that run in the cloud and do specific jobs when called upon. Think of each one as a specialist on staff — you call them up, they do one task, then hang up. They live inside Supabase and run on demand. Kopimore has the following edge functions:

💳

stripe-checkout

Called when a customer clicks "Upgrade Plan." It asks Stripe to create a secure checkout page for the chosen plan, then sends the customer there. It also handles requests to open the billing portal (where customers manage their subscription).

🔔

stripe-webhook

Stripe calls this function automatically whenever something happens with a payment — subscription activated, payment failed, subscription cancelled, etc. It updates the customer's plan in Supabase and triggers the appropriate email (e.g. "payment failed" warning). Without this, payments would succeed in Stripe but the customer's account in Kopimore would never update.

📧

send-email

Sends transactional emails via Resend. There are 9 email templates it can send: welcome email, alert fired, team invite, weekly digest, payment confirmed, payment failed, trial expiry warning, support ticket confirmation, and account suspension notice. Called by other functions and portal pages whenever an email needs to go out.

👥

crm-connect & crm-push

crm-connect handles the one-time setup when a customer connects their CRM (HubSpot, GoHighLevel, or Zapier). For HubSpot, it exchanges a temporary authorization code for a permanent access token and saves it securely. crm-push does the actual work of sending identified visitor data from Kopimore into the customer's CRM as a new contact or lead.

🔍

leads-api

This is the bridge to AudienceLab — the third-party service that actually identifies which companies are visiting a website. When a customer opens their dashboard, leads page, or analytics page, this function is called to fetch their latest visitor data from AudienceLab's servers and return it in Kopimore's format. It requires the DATAMOON_WEBHOOK_SECRET secret to be set.

🪝

webhook-ingest

Receives raw visitor event data (page views, session data) sent by the pixel.js script on customer websites and stores it in Supabase's visitor_events table. Think of it as the receiving dock where all incoming visitor data gets logged.

🛠️

admin-actions

A secure function that this admin dashboard uses to perform sensitive operations that shouldn't be done directly from the browser — things like deleting a customer account, suspending an account, changing a plan manually, sending a one-off email to a user, and reading pixel health data. Only requests from an authenticated admin session are accepted.

💳 Payments — Stripe

💳

Stripe — Handles All Payments

The industry standard for SaaS billing. Used by millions of companies.

Stripe is the payments company. Kopimore never sees or stores a customer's credit card number — that's handled entirely by Stripe's secure checkout page. Kopimore just tells Stripe "this customer wants to subscribe to the Growth plan" and Stripe handles the rest: collecting the card, charging it monthly, managing refunds, and sending receipts.

🔑 Two Sets of Keys

Stripe has sandbox (test) keys for development — fake money, fake cards — and production (live) keys for real money. Kopimore is currently on sandbox keys. Before launch, the live keys must be set in Supabase's secrets manager. It's like flipping a single switch.

🔔 Webhooks

After a customer pays, Stripe needs to tell Kopimore "the payment worked." It does this by calling Kopimore's stripe-webhook edge function. This is what activates a customer's plan. Without the webhook, Stripe would take money but the customer's account would never upgrade.

Currently blocked: The Stripe sandbox keys must be swapped to production keys before any real customer can pay. This requires logging into the Stripe dashboard, getting the live keys, and adding them to Supabase Secrets.

🔭 Visitor Intelligence — AudienceLab

🔭

AudienceLab — The Core Data Provider

The third-party service that actually identifies which companies are visiting a website

Kopimore's core product promise is "identify anonymous website visitors." AudienceLab is the company that actually makes that identification possible. They maintain a database of 200+ million company profiles matched to IP address ranges. When Kopimore asks "who visited this website?", AudienceLab cross-references the visitor's IP address against their database and returns the company name, industry, employee count, and other firmographic details.

How the data flows:

Visitor hits client's site → pixel.js captures their IP → Sent to AudienceLab → Company name returned → Shows up in customer's dashboard

Critical dependency: Without the DATAMOON_WEBHOOK_SECRET secret set in Supabase, no visitor data appears anywhere in the customer portal. The API key must be obtained from the AudienceLab account and added before launch.

📡 The Tracking Script — pixel.js

📡

pixel.js — The Client's Tracking Code

A small piece of code customers paste into their own website

Every Kopimore customer installs a small snippet of code on their website (similar to how you'd install Google Analytics). This code is the pixel.js script. When a real visitor loads that customer's website, pixel.js silently runs in the background, records the visit (page URL, session duration, referral source, screen size, UTM parameters), and sends all of that information to Kopimore's servers. This is what creates the raw visitor log that AudienceLab then enriches with company data.

📋 WHAT IT COLLECTS

Page URL visited, time spent on page, where they came from (Google, direct, email, social), their screen size, browser language, timezone, and whether they've visited before. It does NOT collect names, emails, or any personal details — just behavioral signals.

🔗 HOW IT'S INSTALLED

Customers copy a 3-line HTML snippet from their Pixel Install page and paste it into their website's code, just before the closing </body> tag. The snippet includes their unique Pixel ID so Kopimore knows which customer's account to credit the visitor to.

📬 Email Delivery — Resend

Resend is the email delivery service. When Kopimore needs to send an email (welcome email after signup, payment confirmation, team invite, weekly report), it uses Resend to actually deliver those emails to the recipient's inbox. Resend ensures emails don't end up in spam, handles retries if delivery fails, and provides delivery reports.

Resend has been configured to send from @kopimore.com addresses with domain verification already completed. The 9 email templates (welcome, alert, invite, digest, payment confirmed/failed, trial expiry, support ticket, suspension) are built into the send-email edge function.

If Resend goes down: Customers still get access, payments still work, and visitor data still flows — but all email notifications stop. New signups won't get a welcome email, payment failures won't send a warning, and team invites won't arrive.

🔗 CRM Integrations — HubSpot, GoHighLevel, Zapier

Kopimore lets customers automatically push their identified visitors into their existing CRM (Customer Relationship Management) tool — the software they use to track sales leads. Three CRMs are supported:

🟠 HubSpot

Uses OAuth — a secure login flow where the customer clicks "Connect" and gets redirected to HubSpot's website to approve the connection. Once approved, Kopimore receives a token it can use to create contacts in HubSpot automatically.

⬛ GoHighLevel

Uses an API key — the customer copies a key from their GoHighLevel account and pastes it into Kopimore's CRM settings. Simpler than OAuth. Kopimore then uses that key to push visitor leads directly into their GoHighLevel pipeline.

⚡ Zapier

A universal connector. Instead of pushing to a specific CRM, Kopimore sends visitor data to a Zapier webhook URL, and Zapier can route it to hundreds of apps (Salesforce, Pipedrive, Notion, Slack, etc.). The customer sets up the Zapier automation on their end.

Note: HubSpot requires one additional setup step before launch — the OAuth redirect URL in the HubSpot developer app must be updated from a localhost URL to https://app.kopimore.com/crm.html. Until this is done, HubSpot connections will fail.

🔧 Configuration Files

📄 supabase-config.js

This file contains two pieces of information needed to connect to the Supabase database: the Project URL (the unique address of Kopimore's database) and the Anonymous Key (a public credential that allows read-only access to data you're allowed to see). Every page in the portal loads this file to know where the database is. It's safe to have these in the code — they're designed to be public; the actual security comes from Supabase's row-level rules.

📄 portal-nav.js

This file powers the sidebar navigation that appears on every portal page. Rather than copying and pasting the same navigation HTML into 29 different pages, it's defined once in portal-nav.js and injected automatically. It also contains the kpGate() function — the feature gating system that checks if a customer's plan allows a specific action, and shows an upgrade prompt if not. It also handles the session check (redirecting to login if the user isn't authenticated).

📄 cookie-consent.js

This file creates the cookie consent banner that appears at the bottom of every marketing page — the "Accept / Decline" bar that GDPR and CCPA laws require for any website that tracks visitors in the EU or California. It records the visitor's choice in their browser's localStorage so it doesn't keep reappearing. It's deployed to all 395+ public marketing pages.

📄 components.js

Similar to portal-nav.js but for the marketing site. It injects the standard site header (logo, navigation links) and footer (links, legal, social) into every marketing page automatically, so there's one place to update them instead of editing hundreds of files. If you ever need to change a footer link or add a nav item site-wide, this is where you'd do it.

🌐 Domain & Subdomains

A domain name like kopimore.com is like the address on an envelope. DNS (Domain Name System) is the postal service that figures out which server to actually deliver requests to. Kopimore uses several subdomains, each pointing to a different server or service:

kopimore.com The main marketing website — hosted on SiteGround, deployed via GitHub Actions

app.kopimore.com The customer portal — same SiteGround hosting, the portal/ folder in the repo

admin.kopimore.com This admin dashboard — same SiteGround hosting, the admin/ folder in the repo

docs.kopimore.com Documentation site — ✓ DNS configured May 13, 2026

status.kopimore.com Uptime/status page — ✓ DNS configured May 13, 2026

sales.kopimore.com Sales portal for outbound team — its own folder in the repo

🔑 Login & Authentication

Authentication is the system that checks who you are when you log in. Kopimore uses Supabase Auth, which handles this entirely. Here's exactly what happens when a customer logs in:

Customer types their email and password on the login page.

The login page sends those credentials to Supabase. Supabase checks the password (which is stored as a scrambled hash — never plain text) and either approves or rejects the login.

If approved, Supabase returns a session token — a long string of characters that acts as a temporary badge proving identity. This token is saved in the browser.

Every portal page checks for this token when it loads (via portal-nav.js). If found and valid, the page loads normally. If missing or expired, the customer is redirected to the login page.

When they log out, the token is deleted from the browser and Supabase invalidates it. Nobody else can use it.

Passwords are never stored in readable form — not even in the database. If a password is forgotten, Supabase sends a reset email and generates a new password hash. Even Kopimore employees cannot see a customer's password.

🔒 Secrets & API Keys

An API key is like a password that lets one service talk to another. Kopimore's edge functions need several of these to communicate with external services. They're stored in Supabase's "Secrets" vault — a secure area separate from the code, so they can't accidentally be published to GitHub. The key secrets are:

STRIPE_SECRET_KEY

Lets Kopimore create checkout sessions and read billing status in Stripe

⚠ Switch to live key

STRIPE_WEBHOOK_SECRET

Verifies that incoming payment notifications actually came from Stripe, not an impersonator

⚠ Re-register for prod

DATAMOON_WEBHOOK_SECRET

Required for every request to AudienceLab's visitor identification service. Without this, no visitor data loads anywhere.

✓ Set

RESEND_API_KEY

Authenticates with Resend's email delivery service when sending any transactional email

✓ Set

HUBSPOT_CLIENT_ID / HUBSPOT_CLIENT_SECRET

Credentials for the HubSpot developer app that powers the OAuth connection flow for customers

✓ Set (redirect URL needed)

Secrets are managed at: Supabase Dashboard → Project Settings → Edge Functions → Secrets. Never paste secrets into code files or send them over email or Slack — they should only ever live in the Secrets vault.

📖 Quick Glossary

HTML file

The raw document that makes up a web page. Like a Word document, but for websites. All of Kopimore's pages are HTML files.

Database

An organised storage system for data — like many spreadsheets linked together. Kopimore's database (Supabase) stores all user accounts, settings, and visitor events.

API

A way for two pieces of software to talk to each other. When Kopimore asks AudienceLab "who visited this site?", it does so via AudienceLab's API.

API Key

A long password that proves to an external service (Stripe, AudienceLab, Resend) that the request is coming from Kopimore and not someone else.

Webhook

A notification sent automatically by one service to another when something happens. Stripe sends Kopimore a webhook when a payment succeeds. It's like a text message between servers.

OAuth

A secure way to let Kopimore access a customer's HubSpot account without knowing their HubSpot password. The customer clicks "Allow" in HubSpot, and HubSpot gives Kopimore a token it can use.

DNS

The internet's address book. When someone types "kopimore.com", DNS translates that name into the actual server address where the files are stored.

Row Level Security (RLS)

A database rule that means each customer can only see their own rows of data, never another customer's. Even if two customers use the same database table, RLS acts as a wall between them.

Edge Function

A small program that runs in the cloud on-demand. Cheaper and faster than running a full server 24/7. Kopimore uses them for tasks like processing payments, sending emails, and pushing data to CRMs.

Session Token

A temporary digital badge that proves you're logged in. Created when you sign in, saved in your browser, checked on every portal page load, and deleted when you sign out.

localStorage

A small storage area inside your web browser. Data saved here stays on that specific device and that specific browser — it's not synced to the server. Clearing browser data wipes it.

Deployment

The process of taking updated code and making it live on the internet. Kopimore deploys automatically via GitHub Actions — push a change to GitHub, and it's live on the website within ~2 minutes.

Estimated Company Valuation

—

Based on current ARR × revenue multiples

MRR basis:

Updated: —

Gross MRR

—

At-Risk MRR

—

Net New MRR

—

Churn Rate

—

Paid Customers

—

MRR by Plan —

Plan	Customers	MRR	% of Total
Loading…

Assumptions & Overrides

Paid Customers from live data

MoM Growth Rate from live data

Monthly Churn Rate from live data

Effective MRR for valuation

—

ARR

Annual ARPU

—

Implied LTV

—

LTV / CAC Ratio

—

ARR Multiple Scenarios

Scenario	Multiple	Valuation
Loading live data…

12-Month MRR Projection

Based on current growth rate

Fundraising Milestones Track progress toward key valuation thresholds

Valuation History

No snapshots yet — save one above

P&L Summary

Monthly Operating Costs

Revenue vs. Cost (Lifetime)

Total Revenue (MRR × months)Calculating…

Stripe Processing Fees (~3%)—

Fixed Costs (est.)—

Gross Margin—

Runway Estimate

Current MRRLoading…

Monthly Burn (fixed)—

Cash RunwayCalculating…

Break-even Threshold—

Customer Activation Checklist

Customer	Plan	Pixel Installed	First Lead	CRM Connected	Billing Active	Health
Loading customer data…

Traffic by Channel

Organic Search

65%

Direct

18%

Referral

10%

Social

Paid Ads

💡 Connect Google Analytics 4 to see live traffic data. Above shows placeholder data.

Campaign Tracker

Campaign	Channel	Status	Leads
Blog SEO — Visitor Intelligence	Organic	Active	—
Competitor Compare Pages	Organic	Active	—
Product Hunt Launch	Social	Planned	—

Page	Type	Est. Visits/mo	Conversion
/	Homepage	—	—
/blog/	Blog index (104 posts)	—	—
/compare/	Competitor pages	—	—
/solutions/	Industry verticals	—	—

Customer	Type	Records	Notes	Submitted	Status
Loading…

Intent Search Request

GHL API Key

Location ID

Loading GHL stats…

Recent Transactions

Contact	Amount	Status	Date
Loading…

Customers

Name	Email	Phone	Tags / Status	Added
Loading contacts…

Abandoned Checkouts

Orders started but not completed

Contact	Product	Amount	Status	Date
Loading…

Subscriptions

Contact	Plan	Status	Amount
Loading…

Transaction History

Contact	Amount	Status	Date
Loading…

Launch Checklist

How Kopimore Works — Plain English Guide

Workflows

Intent Search Request

Recent Transactions

Customers

Abandoned Checkouts

Subscriptions

Transaction History