🛡️
LicenseChain

License Verification Guide

Learn how to implement secure license verification in your application with best practices and examples.

Overview

License verification is the process of validating that a user has a valid license to use your software. This guide covers everything you need to know to implement secure, reliable license verification.

What You'll Learn

Implementation

  • Basic license verification setup
  • Online vs offline verification
  • Error handling and retry logic
  • Performance optimization

Security

  • Server-side verification
  • Client-side security measures
  • Anti-tampering techniques
  • Rate limiting and abuse prevention

Basic Implementation

1. Install the SDK

Start by installing the LicenseChain SDK for your preferred programming language. 

# JavaScript/TypeScript
npm install @licensechain/sdk

# Python
pip install licensechain

# PHP
composer require licensechain/sdk

2. Initialize the Client

Set up the LicenseChain client with your API credentials. 

// Import LicenseChain SDK
// Initialize client with API credentials
// Ready to verify licenses

3. Verify a License

Implement basic license verification with proper error handling. 

// Verify license function
// Check if license is valid
// Handle success and error cases
// Return verification result

Verification Types

LicenseChain provides three levels of verification based on your account tier. Each tier offers different security features and validation capabilities.

Basic Verification

Free Tier

Simple status and expiration checks. Perfect for basic license validation needs.

  • ✓ License status validation
  • ✓ Expiration date checking
  • ✓ Basic security checks

Advanced Verification

Pro Tier

Enhanced security with rate limiting, device fingerprinting, and usage tracking.

  • ✓ All basic checks
  • ✓ Rate limiting (100/hour per license)
  • ✓ Device fingerprinting
  • ✓ IP and user agent logging
  • ✓ Usage tracking

Enterprise Verification

Business/Enterprise Tier

Maximum security with custom verification rules, IP/domain whitelisting, and advanced logging.

  • ✓ All advanced checks
  • ✓ IP address whitelisting
  • ✓ Domain whitelisting
  • ✓ Custom validation rules
  • ✓ Detailed metadata and logging

Custom Verification Rules (Enterprise)

Enterprise tier users can create custom verification rules to enforce additional security:

IP Whitelist Rules

Restrict license verification to specific IP addresses. Only requests from whitelisted IPs will be accepted.

Domain Whitelist Rules

Restrict license verification to specific domains. Only requests from whitelisted domains will be accepted.

Custom Validation Functions

Create custom validation logic for advanced use cases. Rules can be app-specific or global.

Security Best Practices

Server-Side Verification

  • Always verify licenses on your server, not just the client
  • Use HTTPS for all API communications
  • Implement proper authentication and authorization
  • Log all verification attempts for auditing
  • Use rate limiting to prevent abuse

Client-Side Security

  • Obfuscate license verification code
  • Use code signing to prevent tampering
  • Implement anti-debugging measures
  • Validate license data integrity
  • Use secure storage for cached license data

Anti-Tampering

  • Use device fingerprinting to prevent license sharing
  • Implement hardware-based licensing when possible
  • Monitor for suspicious usage patterns
  • Use encrypted communication channels
  • Implement license revocation mechanisms