Request body
json
{
"license_key": "XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX",
"fingerprint": "abc123-machine-fingerprint",
"metadata": {
"email": "user@example.com",
"platform": "macos"
}
}API Endpoint
POST /activate
Bind a license key to a fingerprint. Usually the first runtime call after key entry.
POST /activate
Endpoint context
Use these endpoints for license lifecycle operations. /generate and /revoke require a generated active server API key. Runtime endpoints use license_key plus fingerprint.
- Checks revoked/expired state and activation limits.
- Creates or confirms an activation for the fingerprint.
- Returns a non-valid status with reason when activation is denied.
bash
curl -X POST http://localhost:8080/activate \
-H "Content-Type: application/json" \
-d '{
"license_key": "XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX",
"fingerprint": "abc123-machine-fingerprint",
"metadata": {
"email": "user@example.com",
"platform": "macos"
}
}'Response body
json
{
"valid": true,
"status": "active",
"license_key": "XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX",
"fingerprint": "abc123-machine-fingerprint",
"expires_at": "2026-10-20T12:00:00Z",
"reason": ""
}Response field types
valid
boolean
Whether activation succeeded for this fingerprint.
status
"inactive" | "active" | "revoked"
License status returned by activation logic.
license_key
string
License key provided in the request.
fingerprint
string
Fingerprint evaluated for activation.
expires_at
string | null
RFC3339 timestamp when the license expires, or null when it does not expire.
reason
string (optional)
Present on denied activations (for example revoked, expired, activation_limit_reached).
Error codes
400
Invalid JSON, missing required fields, or invalid metadata.
404
License not found.
500
Unexpected server or storage error.