Request body
json
{} (no request body; use optional query parameters page, page_size, q, and status)API Endpoint
GET /management/licenses
List issued licenses with pagination, search, status filtering, and aggregate status counts.
GET /management/licenses
Endpoint context
Use these endpoints from internal tooling or your frontend backend to inspect licenses, manage slug policy templates, provisioning API keys, webhook endpoint configuration/logs, and offline JWT signing keys. Management routes require the management bootstrap key configured via MANAGEMENT_API_KEYS or MANAGEMENT_API_KEY.
- Requires management API key auth.
- Supports optional query parameters: page, page_size, q, and status.
- page defaults to 1; page_size defaults to 10 and is capped at 100.
- status may be inactive, active, revoked, or expired.
- q searches license key, slug name, and metadata text; max length is 256 characters.
- active_seats is derived from active activation rows at request time.
- last_validated_at is the latest validation timestamp across this license's activations.
bash
curl -sS "http://localhost:8080/management/licenses?page=1&page_size=10&q=user@example.com&status=active" -H "Authorization: Bearer management_key_dev_123456"Response body
json
{
"licenses": [
{
"id": "2f4d7c2c-9e2f-4d7e-932c-b2e5c1d92f01",
"license_key": "XXXXXX-XXXXXX-XXXXXX-XXXXXX-XXXXXX",
"slug": "pro-monthly",
"status": "active",
"metadata": {
"email": "user@example.com",
"external_customer_id": "cus_123"
},
"max_activations": 3,
"active_seats": 1,
"offline_enabled": true,
"offline_token_lifetime_hours": 24,
"expires_at": "2026-10-20T12:00:00Z",
"created_at": "2026-04-20T12:00:00Z",
"activated_at": "2026-04-21T09:30:00Z",
"last_validated_at": "2026-04-21T10:45:00Z",
"revoked_at": null
}
],
"pagination": {
"page": 1,
"page_size": 10,
"total": 1,
"total_pages": 1
},
"counts": {
"total": 1,
"active": 1,
"inactive": 0,
"revoked": 0,
"expired": 0
}
}Response field types
licenses
array
Page of issued license records.
licenses[].id
string
Stable internal license id.
licenses[].license_key
string
Issued license key.
licenses[].slug
string
Slug used when the license was generated.
licenses[].status
"inactive" | "active" | "revoked" | "expired"
Display status. Expired is derived from expires_at for non-revoked licenses.
licenses[].metadata
object
Metadata stored on the license.
licenses[].max_activations
number
Seat limit snapshotted from the slug at generation time.
licenses[].active_seats
number
Current active activation count.
licenses[].offline_enabled
boolean
Whether the license's slug currently allows offline token issuance.
licenses[].offline_token_lifetime_hours
number
Current offline JWT lifetime configured on the license slug, in hours.
licenses[].expires_at
string | null
RFC3339 expiration timestamp, or null when the license does not expire.
licenses[].created_at
string
RFC3339 creation timestamp.
licenses[].activated_at
string | null
RFC3339 timestamp when the license first became active.
licenses[].last_validated_at
string | null
Most recent activation validation timestamp for this license.
licenses[].revoked_at
string | null
RFC3339 timestamp when the license was revoked.
pagination
object
Current page, page_size, total result count, and total_pages.
counts
object
Aggregate counts for total, active, inactive, revoked, and expired licenses.
Error codes
400
Invalid page, page_size, search length, or status filter.
401
Missing or invalid management API key.
500
Unexpected server or storage error.