API Reference

License API

These endpoints cover license issuance and runtime lifecycle checks. Use this section for generate, revoke, activate, validate, and deactivate behavior.

Need operator routes instead? See the dedicated Management API page.

Use these endpoints for license lifecycle operations. /generate and /revoke require a generated active server API key. Runtime endpoints use license_key plus fingerprint.

POST/generate

Create a new license for a slug. Intended for trusted backend systems after payment success.

Requires a generated active server API key.
Supports Idempotency-Key for safe webhook retries.
Resolves slug expiration policy at generation time and stores expires_at on the license.

Open full endpoint page

bash

curl -X POST http://localhost:8080/generate \
  -H "Authorization: Bearer <generated_server_api_key>" \
  -H "Idempotency-Key: evt_123" \
  -H "Content-Type: application/json" \
  -d '{
    "slug": "default",
    "metadata": {
      "email": "user@example.com",
      "external_customer_id": "cus_123",
      "external_order_id": "ord_456"
    }
  }'