Licenses
Licenses are the core of LicenseChain. Each license represents a valid permission for a user to use your software.
What are Licenses?
A License in LicenseChain is a digital permission that grants a user the right to use your software. Each license contains information about the user, the plan they have, when it expires, and what features they can access.
Licenses are cryptographically secure and can be verified in real-time through our API. They support various license types including perpetual, subscription-based, and trial licenses.
License Structure
Core Properties
- License Key - Unique identifier
- Plan - License tier (FREE, PRO, BUSINESS, ENTERPRISE)
- Verification Type - Verification level (basic, advanced, enterprise)
- Status - Current state (ACTIVE, EXPIRED, SUSPENDED)
- Expiration - When the license expires
User Information
- Issued To - Customer name or company
- Email - Customer email address
- Features - Available features and capabilities
- Metadata - Custom data and tags
License Types
Perpetual Licenses
One-time purchase licenses that never expire. Perfect for desktop applications.
- No expiration date
- One-time payment
- Lifetime access
- Perfect for desktop apps
Subscription Licenses
Recurring licenses that require periodic renewal. Ideal for SaaS applications.
- Monthly/yearly renewal
- Automatic expiration
- Recurring billing
- Perfect for SaaS apps
Trial Licenses
Time-limited licenses for evaluation purposes. Great for try-before-you-buy.
- Limited duration (7-30 days)
- Full feature access
- Automatic conversion
- Perfect for demos
License Verification
Real-time Verification
Verify licenses in real-time with sub-100ms response times. Use POST /v1/licenses/verify with body { "key": "LICENSE-KEY" }. Optional hwuid (or hardwareId) enables hardware binding: when the license has bound device(s), the provided hwuid must match or the response is valid: false with reason: "hardware_id_mismatch".
// License verification example
// Verify license key with client
// Check if license is valid and handle accordingly
Hardware binding (HWUID)
Optional hardware/device binding (HWUID) limits a license to specific devices. Send hwuid in POST /v1/licenses/verify (e.g. from your SDK’s getHardwareId()). If the license has no bound device yet, the first successful verify with a hwuid performs a first-use bind. Use POST /v1/licenses/bind-hardware (authenticated) to bind explicitly, and POST /v1/licenses/validate-hardware to validate key + hardware ID. All official SDKs support optional hwuid in verify and use HMAC-SHA256 with constant-time comparison for webhook signature verification.
License assertion token (offline verification)
After an online POST /v1/licenses/verify, the Core API may return license_token (an RS256 JWT), license_token_expires_at, and license_jwks_uri when signing keys are configured on the API. Store the token securely. Before trusting it, verify its signature against the keys served by GET /v1/licenses/jwks, require token_use === "licensechain_license_v1", validate exp, and (when you issue per-app licenses) check that aud matches your app id. Refresh by calling verify again before expiry; tier affects TTL (lc_vt: basic / advanced / custom). See the Security guide for asymmetric verification and JWKS caching.
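The offline checks listed above, written out for Node.js as an added example (not LicenseChain SDK code). It assumes the JWKS is a standard JWK Set whose keys are selected by the token's kid header; verifyLicenseToken and its reason strings are hypothetical names.

```javascript
// Added example, not LicenseChain SDK code. The `reason` strings are this example's own.
const { createPublicKey, verify: verifySig } = require("node:crypto");

const decodePart = (part) => {
  const obj = JSON.parse(Buffer.from(part, "base64url").toString("utf8"));
  if (obj === null || typeof obj !== "object") throw new Error("not a JSON object");
  return obj;
};

// jwks: parsed body of GET /v1/licenses/jwks, cached by the caller.
//       Assumed to be a standard JWK Set ({ keys: [...] }) whose keys carry a kid.
// opts.audience: your app id (pass it only when you issue per-app licenses).
// opts.now: current time in seconds since the epoch (injectable for tests).
function verifyLicenseToken(token, jwks, opts = {}) {
  const now = opts.now ?? Math.floor(Date.now() / 1000);
  const fail = (reason) => ({ valid: false, reason });
  const parts = typeof token === "string" ? token.split(".") : [];
  if (parts.length !== 3) return fail("malformed_token");

  let header, claims;
  try {
    [header, claims] = [decodePart(parts[0]), decodePart(parts[1])];
  } catch {
    return fail("malformed_token");
  }

  // Pin the algorithm: a verifier that trusts header.alg can be talked into "none" or HS256.
  if (header.alg !== "RS256") return fail("unexpected_alg");
  const jwk = (jwks?.keys ?? []).find((k) => k.kty === "RSA" && k.kid === header.kid);
  if (!jwk) return fail("unknown_kid");

  let signatureOk = false;
  try {
    const key = createPublicKey({ key: jwk, format: "jwk" });
    // "sha256" with an RSA key means RSASSA-PKCS1-v1_5 + SHA-256, i.e. RS256.
    signatureOk = verifySig("sha256", Buffer.from(`${parts[0]}.${parts[1]}`),
      key, Buffer.from(parts[2], "base64url"));
  } catch { /* unusable key or signature bytes: leave signatureOk false */ }
  if (!signatureOk) return fail("bad_signature");

  // Claims are read only after the signature has been checked.
  if (claims.token_use !== "licensechain_license_v1") return fail("wrong_token_use");
  if (typeof claims.exp !== "number" || claims.exp <= now) return fail("expired");
  if (opts.audience !== undefined) {
    const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
    if (!aud.includes(opts.audience)) return fail("aud_mismatch");
  }
  return { valid: true, claims };
}
```

Treat any valid: false result the same way as a failed online verify, and fall back to POST /v1/licenses/verify to obtain a fresh token.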
Best Practices
Security
- Always verify licenses on your server, not just the client
- Use HTTPS for all API communications
- Implement proper rate limiting to prevent abuse
- Log all license verification attempts for auditing
- Use device fingerprinting to prevent license sharing
Performance
- Cache license verification results when appropriate
- Use offline verification for better user experience
- Implement proper error handling and retry logic
- Monitor API usage and set up alerts
- Use bulk operations for multiple license management
User Experience
- Provide clear error messages for invalid licenses
- Implement graceful degradation for network issues
- Show license expiration warnings before they expire
- Provide easy license renewal and upgrade paths
- Support multiple license types for different use cases