API Authentication
The Licenz API uses API keys for authentication. All requests must include your API key in the header.
API Keys
Generate API keys from the Dashboard → Settings → API Keys.
Keep your API keys secure
Never commit API keys to source control. Use environment variables or secrets management.
Authentication Header
Include your API key in the Authorization header:
curl https://api.licenz.io/v1/licenses \
-H "Authorization: Bearer YOUR_API_KEY"API Key Types
| Type | Permissions | Use Case |
|---|---|---|
| Admin | Full access | Dashboard, management scripts |
| Read-only | Read licenses, products | Reporting, monitoring |
| Verify-only | Verify licenses only | Client applications |
Base URL
| Environment | URL |
|---|---|
| Production | https://api.licenz.io/v1 |
| Self-hosted | https://your-domain.com/api/v1 |
Request Format
All requests should:
- Use HTTPS (HTTP requests will be rejected)
- Send JSON bodies with
Content-Type: application/json - Include the
Authorizationheader
curl -X POST https://api.licenz.io/v1/licenses \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"product_id": "prod_abc123",
"email": "customer@example.com",
"type": "subscription"
}'Response Format
All responses are JSON with consistent structure:
Success Response
{
"data": {
"id": "lic_xyz789",
"key": "LIC-XXXXX-XXXXX-XXXXX",
"product_id": "prod_abc123",
"status": "active",
"created_at": "2024-01-15T10:30:00Z"
}
}Error Response
{
"error": {
"code": "invalid_api_key",
"message": "The API key provided is invalid or expired",
"status": 401
}
}Error Codes
| HTTP Status | Code | Description |
|---|---|---|
| 400 | bad_request | Invalid request body or parameters |
| 401 | unauthorized | Missing or invalid API key |
| 403 | forbidden | API key lacks required permissions |
| 404 | not_found | Resource not found |
| 429 | rate_limited | Too many requests |
| 500 | internal_error | Server error |
Rate Limits
| Plan | Rate Limit |
|---|---|
| Free | 100 requests/minute |
| Starter | 500 requests/minute |
| Growth | 2,000 requests/minute |
| Business | 10,000 requests/minute |
| Enterprise | Unlimited |
Rate limit headers are included in all responses:
X-RateLimit-Limit: 500
X-RateLimit-Remaining: 498
X-RateLimit-Reset: 1705319400SDK Examples
Rust
use licenz_sdk::Client;
let client = Client::new("YOUR_API_KEY");
let licenses = client.licenses().list().await?;cURL
curl https://api.licenz.io/v1/licenses \
-H "Authorization: Bearer YOUR_API_KEY"