🛡️
LicenseChain

Complete API Reference

Authentication

All API requests require authentication using your API key in the Authorization header:

Authorization Bearer your-api-key

Rate Limiting

API requests are rate limited to ensure fair usage:

  • 1000 requests per hour
  • 100 requests per minute
  • Burst limit: 10 requests per second

Rate limit information is included in response headers:

  • X-RateLimit-Limit-Hourly - Hourly limit
  • X-RateLimit-Remaining-Hourly - Remaining requests this hour
  • X-RateLimit-Reset-Hourly - Unix timestamp when limit resets
  • Similar headers for Minute and Second

Health Check

GET /v1/health

Check API health status. No authentication required.

{
  "status": "ok",
  "timestamp": "2024-01-01T00:00:00.000Z",
  "version": "1.0.0",
  "service": "LicenseChain API"
}

Authentication Endpoints

POST /v1/auth/register

Register a new user account.

Request:

{
  "email": "user@example.com",
  "password": "securepassword",
  "name": "John Doe"
}

Response:

{
  "id": "user_id",
  "email": "user@example.com",
  "name": "John Doe",
  "token": "jwt_token_here"
}

POST /v1/auth/login

Login with email and password.

Request:

{
  "email": "user@example.com",
  "password": "securepassword"
}

Response:

{
  "id": "user_id",
  "email": "user@example.com",
  "name": "John Doe",
  "token": "jwt_token_here"
}

GET /v1/auth/me

Get current authenticated user information.

Requires: Authentication

Response:

{
  "id": "user_id",
  "email": "user@example.com",
  "name": "John Doe",
  "tier": "pro",
  "role": "user"
}

POST /v1/auth/logout

Logout current session.

Requires: Authentication

Response:

{
  "message": "Logged out successfully"
}

Application Management

GET /v1/apps

List all applications for the authenticated user.

Requires: Authentication

Response:

{
  "apps": [
    {
      "id": "app_id",
      "name": "My App",
      "slug": "my-app",
      "description": "App description",
      "apiKey": "api_key_here",
      "createdAt": "2024-01-01T00:00:00.000Z",
      "updatedAt": "2024-01-01T00:00:00.000Z"
    }
  ]
}

GET /v1/apps/:id

Get application details by ID.

Requires: Authentication

POST /v1/apps

Create a new application.

Requires: Authentication

Request:

{
  "name": "My App",
  "slug": "my-app",
  "description": "App description"
}

PUT /v1/apps/:id

Update an application.

Requires: Authentication

DELETE /v1/apps/:id

Delete an application.

Requires: Authentication

License Management

POST /v1/licenses/verify

Verify a license key (public endpoint, no authentication required).

Request:

{
  "key": "LC-XXXXXX-XXXXXX-XXXXXX"
}

Response (Valid):

{
  "valid": true,
  "status": "ACTIVE",
  "expiresAt": "2025-12-31T23:59:59Z",
  "email": "user@example.com",
  "verificationType": "enterprise",
  "metadata": {
    "ipAddress": "192.168.1.1",
    "userAgent": "Mozilla/5.0...",
    "verifiedAt": "2024-01-01T00:00:00.000Z",
    "advancedChecks": true
  }
}

Response (Invalid):

{
  "valid": false,
  "reason": "License key not found",
  "status": "EXPIRED|REVOKED|SUSPENDED"
}

GET /v1/apps/:appId/licenses

List all licenses for an application.

Requires: Authentication

Response:

{
  "licenses": [
    {
      "id": "license_id",
      "appId": "app_id",
      "key": "LC-XXXXXX-XXXXXX-XXXXXX",
      "plan": "PRO",
      "status": "ACTIVE",
      "issuedTo": "John Doe",
      "issuedEmail": "user@example.com",
      "expiresAt": "2025-12-31T23:59:59Z",
      "createdAt": "2024-01-01T00:00:00.000Z",
      "updatedAt": "2024-01-01T00:00:00.000Z"
    }
  ],
  "total": 1
}

POST /v1/apps/:appId/licenses

Create a new license.

Requires: Authentication

Request:

{
  "appId": "app_id",
  "plan": "PRO",
  "issuedTo": "John Doe",
  "issuedEmail": "user@example.com",
  "expiresAt": "2025-12-31T23:59:59Z"
}

GET /v1/licenses/:id

Get license details by ID or license key.

Requires: Authentication

Response:

{
  "id": "license_id",
  "appId": "app_id",
  "key": "LC-XXXXXX-XXXXXX-XXXXXX",
  "licenseKey": "LC-XXXXXX-XXXXXX-XXXXXX",
  "plan": "PRO",
  "status": "ACTIVE",
  "issuedTo": "John Doe",
  "issuedEmail": "user@example.com",
  "email": "user@example.com",
  "expiresAt": "2025-12-31T23:59:59Z",
  "createdAt": "2024-01-01T00:00:00.000Z",
  "updatedAt": "2024-01-01T00:00:00.000Z"
}

PATCH /v1/licenses/:id

Update a license.

Requires: Authentication

Request:

{
  "expiresAt": "2025-12-31T23:59:59Z",
  "status": "ACTIVE"
}

PATCH /v1/licenses/:id/status

Update license status.

Requires: Authentication

Request:

{
  "status": "ACTIVE|INACTIVE|SUSPENDED|REVOKED|EXPIRED"
}

DELETE /v1/licenses/:id

Delete a license.

Requires: Authentication

Webhook Management

POST /v1/webhooks

Create a webhook.

Requires: Authentication

GET /v1/webhooks

List all webhooks.

Requires: Authentication

GET /v1/webhooks/:id

Get webhook details.

Requires: Authentication

PUT /v1/webhooks/:id

Update a webhook.

Requires: Authentication

DELETE /v1/webhooks/:id

Delete a webhook.

Requires: Authentication

POST /v1/webhooks/:id/test

Test a webhook.

Requires: Authentication

Analytics Endpoints

GET /v1/analytics/stats

Get overall statistics (Admin only).

Requires: Authentication, Admin role

GET /v1/analytics/revenue

Get revenue analytics.

Requires: Authentication

GET /v1/analytics/licenses

Get license analytics.

Requires: Authentication

GET /v1/analytics/users

Get user analytics.

Requires: Authentication

Error Responses

All errors follow a consistent format:

{
  "error": "Error message",
  "message": "Detailed error description",
  "code": "ERROR_CODE"
}

Common HTTP Status Codes:

  • 400 - Bad Request (invalid input)
  • 401 - Unauthorized (missing/invalid authentication)
  • 403 - Forbidden (insufficient permissions)
  • 404 - Not Found (resource doesn't exist)
  • 429 - Too Many Requests (rate limit exceeded)
  • 500 - Internal Server Error