esc close · switch
One pipe in. None out.

We connect to one thing, on purpose.

A deliberately small surface — one OAuth into Google Ads, plus the operational connections required to run a SaaS. And a clean list of everything we don't touch. If you came here looking for an integrations marketplace, this is the wrong page on the wrong website.

Inbound · the one that matters Google Ads OAuth Read your campaigns, ad groups, keywords, conversions, Quality Score, PMax assets. Write bids, budgets, and negative keywords — only when you turn auto-apply on.
Operational · what runs the SaaS Stripe · Anthropic · OpenAI · Email Billing, the AI providers behind the agent, and transactional email. None of these touch your ad data; none of them are user-facing integrations to brag about.
Outbound to your stack Nothing. No GTM. No GA4. No Microsoft Ads, Meta, Amazon. No Search Console. We don't pretend a marketplace exists where one doesn't.
02 · Real, shipped, in production

What Lyra actually connects to.

Six connections. One does the work — Google Ads. Five run the company. Each one is named, scoped, and explained in plain language. Sub-labels are mono so you can scan; descriptions are sentences because trust isn't a checklist.

01 · The one that matters OAUTH 2.0 · READ + WRITE (OPT-IN)

Google Ads

The only meaningful pipe in. You grant per-account access through Google's standard OAuth flow; we hold a refresh token and read campaign data on a schedule. Writes are off by default, opt-in per account, and reversible from the change-history feed inside the app.

Per-account scope Refresh token · encrypted at rest Revocable from Google

We read

  • Campaigns, ad groups, ads
  • Keywords + search-term reports
  • Conversion data (incl. imported)
  • Quality Score components
  • Performance Max asset performance
  • Bid history + change log
  • Account-level budget pacing

We write

  • Bid adjustments
  • Daily budgets
  • Negative keywords
  • Campaign + ad-group status
Only when auto-apply is enabled per account. Every write is logged in the customer-facing change history and can be rolled back from there.
What we do NOT do

We don't download or store creative assets. We don't make campaign-level structural changes — we won't rename, restructure, or merge your campaigns. We don't create new campaigns, period. If a workflow would require any of those, the agent stops and asks you to do it.

Google Sub-MCC

Agency · read
OAuth · Manager account

Lets agency users link a manager account so all sub-accounts show up in Lyra without re-OAuthing each one. Cross-account feed and reporting; no write permissions at the manager level.

Auth · OAuth 2.0 (manager-level grant)

Stripe

Billing · webhooks
Checkout · Customer portal

Hosted checkout for the trial signup, customer portal for plan changes and card updates, webhook events for trial-active / trial-end / payment state. Card numbers never touch our servers.

Auth · Stripe API key (secret, server-side)

Anthropic Claude

LLM · outbound
Primary · Claude Sonnet 4.6

Primary LLM for the Lyra Agent — recommendations, chat, pattern extraction, classification. Lyra-side API key. We pay for the AI; you pay for Lyra. User keys not supported, on purpose.

Auth · Anthropic API key (Lyra's, not yours)

OpenAI

LLM · fallback
GPT-5 · Text-Embedding-3-Small

Fallback LLM when Claude is unavailable, plus embeddings for similarity search via pgvector. Same arrangement: Lyra-side key, no bring-your-own.

Auth · OpenAI API key (Lyra's, not yours)

Transactional email

Outbound · operational
Signup · Trial · Digest · Reset

Signup confirmations, trial-ending reminders (day 7 / 12 / 14), daily digests, password resets. Operational only — no marketing emails are sent through this channel.

Auth · Provider API key (server-side)

That's the whole list.

Six connections · total

No marketplace. No partner directory. No "supported integrations" tab in the dashboard. Six pipes, one of which actually touches your ad data, and we just told you which.

End · of · list
03 · Commonly assumed, not actual

What Lyra doesn't connect to.

The bug in the old /integration/ page was listing GTM, GA4, and Slack as "integrations." None of them are. Here's the truthful list — every row is something a prospect or customer has asked us about, and every clarification is the actual reality.

Google Tag Manager
Not connected

We don't read or write container tags. If your conversion tracking lives in GTM, it ends up in Google Ads as a conversion — and we read it from there.

Google Analytics 4
Not connected

We never touch GA4 sessions, audiences, or events directly. GA4 conversions imported into Google Ads are visible to Lyra via the Google Ads API — that's the only path.

Microsoft Ads · Meta · Amazon Ads
Not supported

Google Ads only, on purpose. The product is built around one channel's quirks and we'd rather be excellent on one than mediocre on four.

Google Search Console
Not connected

Not connected today, not on the near roadmap. If you want SEO insight blended with paid, we're not your tool.

Your own LLM API key
Not supported

The AI provider is Lyra-side. Lyra pays for the AI; you pay for Lyra. Bring-your-own-keys is a different product shape and we're not building it.

A public Lyra API
Doesn't exist

There is no Lyra API for your team to integrate with. If a feature on a comparison page implied otherwise, the comparison page was wrong.

! If you came here looking for an integrations marketplace, we're the wrong vendor — and we'd rather you knew now.
04 · In staging, gated honestly

Soon, not yet.

Two things are scaffolded in the codebase but aren't shipped to customers. Listing them so you can plan, with no date attached. Every forward-looking item gets an IN STAGING chip — never a "Coming soon."

In staging Scaffolded · not shipped

Slack notifications

Wired up in the backend, not yet exposed to customers. When it lands, it'll surface daily-digest summaries and trial-end alerts into a Slack channel of your choice. We're not promising a date because we don't have one.

Backend · ✓ · Webhook handshake · ✓ · Customer-facing UI · pending
Partial · shipping in stages Phase 1 live

Agency cross-account reporting

Recommendations feed is live across sub-accounts. Cross-account budget pacing and consolidated health scoring are in flight — usable in private beta, not in the marketing surface yet.

Recs feed · ✓ · Budget pacing · in beta · Health roll-up · pending
05 · Trust-tail

Security & data.

The exact rules for how OAuth tokens are stored, what leaves your account, where the database lives, and what happens when you delete. Short by design. Anything aspirational has been cut.

01 · Token storage

Encrypted at rest. Per-user, per-account.

OAuth refresh tokens live in Postgres, encrypted at rest. Each token is scoped to the user that granted it and the Google Ads account it was granted for — no shared keys, no global service accounts.

Revocable from Lyra settings, or directly from your Google account
02 · What leaves your account

Read-only by default. Writes are opt-in and logged.

Reads are scheduled and cached. Writes — bid changes, negative keywords, status flips — happen only when you've enabled auto-apply, are recorded in the customer-facing change history, and can be rolled back from there.

Every write · logged · reversible · attributable
03 · Data residency

Database on Railway. AI calls go out from there.

Postgres + pgvector run on Railway. AI provider calls go to Anthropic and OpenAI. We don't ship customer data to any other vendor — no analytics warehouses, no enrichment services, no third-party CRMs.

Zero third-party data brokers in the chain
04 · Deletion

Cancel + delete. 30 days. Done.

When you cancel and request deletion, all OAuth tokens are revoked and account data is purged within 30 days. Stripe retains its customer record per its own retention policy — that's a Stripe concern, not ours, and we've separated it on purpose.

30 days · purge window · token revocation · immediate
// Security claims on this page are lossless against the running production system as of v.2.6.0. If anything changes, this page changes first — before the changelog, before the docs.
Read the privacy policy Email security@lyrappc.com
14-day free trial · No credit card · Cancel in one click

Run the audit.
Keep the findings.

Connect your account and let Lyra run its 18 tools for 14 days. If the projected waste recovery isn't worth at least 10× the $49, don't pay. You keep every insight either way.

Start 14-day free trial

Read-only connect · write access opt-in per tool · SOC 2 in progress · GDPR + CCPA compliant