LicenseKit Overview
Use this section to understand where LicenseKit fits before you wire it into your product, billing flow, or CRM.
Who This Is For
- developers evaluating LicenseKit for desktop, on-prem, edge, installable, plugin, firmware, model, or data products
- teams connecting Stripe, HubSpot, Pipedrive, Zoho CRM, or a custom commerce workflow to license fulfillment
- AI coding agents wiring licensing into an application
- operators who need runtime enforcement plus customer/order visibility, reporting, and exports
When To Use This
Start here if you need to understand the product shape before picking a deeper guide.
The current product posture is suitable for active development and live trial usage. Do not describe it as broadly production-proven at scale without new evidence.
Positioning
LicenseKit is the post-sale access layer for software and digital IP.
The commercial system closes the deal or payment. LicenseKit creates the access state, enforces it at runtime, and preserves the evidence needed by support, customer success, finance, and compliance workflows.
The normal loop is:
- define what you sell as products, policies, features, seats, device limits, versions, and usage rules
- connect the system where the sale happens, such as Stripe, HubSpot, Pipedrive, Zoho CRM, or your own API workflow
- create customer, order, subscription, and license records linked to that external source
- validate access from the protected product
- inspect activity, customer summaries, license audits, usage ledgers, settlement views, and frozen exports
How It Works
LicenseKit is an API-first licensing, fulfillment, and reporting backend with three distinct auth surfaces:
| Surface | Header | Use it for | Success envelope |
|---|---|---|---|
| Management | Authorization: Bearer <token> | products, policies, customers, orders, subscriptions, licenses, devices, events, webhooks, reporting | {data, meta} |
| Runtime | Authorization: License <license-key> | activation, validation, check, consume, deactivate, offline issuance, floating leases | {data, signature, meta} |
| System | none | /health, /healthz, /readyz, /metrics, /api/v1/system/public-keys | endpoint-specific |
The shortest path to a direct API integration is:
- create or load a management key with the minimum scopes required for setup
- create a product and policy
- issue a license
- validate or check that license from the protected application
- verify the runtime signature against
GET /api/v1/system/public-keys
Use these pages next:
- Quickstart for the fastest end-to-end path
- CRM And Commerce Integrations if license issuance starts from Stripe, HubSpot, Pipedrive, or Zoho CRM
- Agent Quickstart for automation and AI-agent workflows
- Auth And Scopes before creating scoped API keys
- Runtime Verification before shipping an in-app runtime integration
- Licensing Models to choose the right policy shape
- SDK Overview to pick a first-party client library
Example
This is the minimum runtime shape to keep in mind:
import {
PublicKeyStore,
RuntimeClient,
SystemClient,
verifyRuntimeResult
} from "@licensekit/sdk";
const baseUrl = "https://api.licensekit.dev";
const runtime = new RuntimeClient({
baseUrl,
licenseKey: process.env.LICENSE_KEY!
});
const system = new SystemClient({ baseUrl });
const result = await runtime.validateLicense({
body: { fingerprint: "host-123" }
});
const publicKeys = await system.listPublicKeys();
const verification = await verifyRuntimeResult(
result,
new PublicKeyStore(publicKeys.data)
);
if (!verification.ok) {
throw new Error("runtime signature verification failed");
}Common Mistakes
- sending a management bearer token to runtime routes
- treating runtime signature verification as optional
- guessing required scopes instead of reading
x-required-scopesfromapi/openapi.yaml - describing reporting exports as live reruns instead of frozen artifacts
- treating orders and subscriptions as a billing engine instead of linked external records
- treating a CRM deal or Stripe payment as the license itself instead of the source event that creates license state