How do I validate a license key with ValidonX?

Send a POST request to /api/v1/integration/licenses/{licenseKey}/validate with your X-API-Key header. The response includes valid (boolean), license status, expiry date, and entitlements as a flexible JSON key-value object.

ValidonX is a multi-tenant SaaS licensing platform that provides license key validation, device activation tracking, entitlement enforcement, and usage metering via a REST API. Software vendors use it to manage licensing for their products.

How do ValidonX entitlements work?

Entitlements are a flexible JSON key-value store on each license. You define whatever keys make sense for your product (e.g., {"plan": "pro", "domains": 5, "api.access": true}). They are returned in the license validation response and can also be checked via the /entitlements/check endpoint.

What programming languages does ValidonX support?

ValidonX provides a REST API that works with any language. Official SDK examples and copy-paste client classes are provided for PHP, JavaScript/Node.js, Python, and cURL. The API uses standard JSON over HTTPS.

How much does ValidonX cost?

ValidonX offers a free Starter tier (1 product, 10 license keys, 10,000 API calls/month), a Pro tier at $49/month (3 products, 1,000 license keys, 300,000 API calls/month), a Business tier at $149/month (10 products, 5,000 license keys, 1,000,000 API calls/month), and custom Enterprise pricing with unlimited everything and a dedicated database.

API Endpoints

A complete, plain-HTML reference of every ValidonX API endpoint (80 operations), generated from the OpenAPI 3.1 specification. To try requests interactively in your browser, use the API Explorer. For request/response schemas and examples, see the OpenAPI spec.

Base URL: https://api.validonx.com/api — prepend it to each path below.

Integration

License validation, activation, entitlements, and usage recording (X-API-Key auth)

Method	Endpoint	Auth	Description
`POST`	`/v1/integration/licenses/{licenseKey}/validate`	`X-API-Key` header	Validate a license key
`POST`	`/v1/integration/activations`	`X-API-Key` header	Create an activation
`POST`	`/v1/integration/activations/{activationId}/validate`	`X-API-Key` header	Validate an activation
`POST`	`/v1/integration/entitlements/check`	`X-API-Key` header	Check entitlements
`POST`	`/v1/integration/usage/record`	`X-API-Key` header	Record a usage event

Auth

Admin login, logout, and profile

Method	Endpoint	Auth	Description
`POST`	`/auth/login`	None	Admin login
`POST`	`/auth/logout`	Bearer token	Admin logout
`GET`	`/auth/me`	Bearer token	Get admin profile

Onboarding

Self-service registration, email verification, plan selection, checkout, provisioning

Method	Endpoint	Auth	Description
`POST`	`/v1/auth/register`	None	Register a new user account
`POST`	`/v1/auth/forgot-password`	None	Request password reset link
`POST`	`/v1/auth/reset-password`	None	Reset password with token
`POST`	`/v1/auth/email/verify`	Bearer token	Verify email address
`POST`	`/v1/auth/email/resend`	Bearer token	Resend verification email
`GET`	`/v1/plans`	None	List available subscription plans
`POST`	`/v1/onboarding/checkout-session`	Bearer token	Create Stripe Checkout session for paid plan
`POST`	`/v1/onboarding/provision`	Bearer token	Provision a new tenant workspace

Account

Authenticated user self-service — profile, password, email change, 2FA, GDPR data export/deletion

Method	Endpoint	Auth	Description
`GET`	`/v1/account/tenants`	Bearer token	List tenants the authenticated user can access
`GET`	`/v1/account/profile`	Bearer token	Get the current user's profile
`PUT`	`/v1/account/profile`	Bearer token	Update the current user's profile
`POST`	`/v1/account/change-password`	Bearer token	Change the current user's password
`POST`	`/v1/account/email/change`	Bearer token	Request an email change (sends verification link to new address)
`POST`	`/v1/account/email/confirm-change`	None	Confirm a pending email change via signed link
`POST`	`/v1/account/email/cancel-change`	Bearer token	Cancel a pending email change
`GET`	`/v1/account/two-factor`	Bearer token	Get current 2FA status
`POST`	`/v1/account/two-factor/enable`	Bearer token	Start 2FA enrollment (returns QR code + secret)
`POST`	`/v1/account/two-factor/confirm`	Bearer token	Confirm and activate 2FA enrollment
`POST`	`/v1/account/two-factor/disable`	Bearer token	Disable 2FA on the current account
`POST`	`/v1/account/two-factor/recovery-codes`	Bearer token	Regenerate recovery codes
`GET`	`/v1/account/data-export`	Bearer token	Export all personal data (GDPR Art. 15/20)
`POST`	`/v1/account/delete`	Bearer token	Request account deletion (GDPR Art. 17)
`POST`	`/v1/account/cancel-deletion`	Bearer token	Cancel pending account deletion

User Auth

Dashboard user login, logout, profile, and 2FA challenge (separate from admin auth)

Method	Endpoint	Auth	Description
`POST`	`/v1/auth/login`	None	Dashboard user login
`POST`	`/v1/auth/login/challenge`	None	Complete 2FA login challenge
`POST`	`/v1/auth/logout`	Bearer token	Revoke the current user bearer token
`GET`	`/v1/auth/me`	Bearer token	Get the authenticated user profile

Tenant

Tenant management API — license/API key/webhook CRUD, settings, audit logs, notifications (Bearer token with tenant ability)

Method	Endpoint	Auth	Description
`GET`	`/v1/tenant/products`	Bearer token	List catalog products
`GET`	`/v1/tenant/products/{id}`	Bearer token	Get a single product
`GET`	`/v1/tenant/licenses`	Bearer token	List licenses
`POST`	`/v1/tenant/licenses`	Bearer token	Issue a new license
`GET`	`/v1/tenant/licenses/{id}`	Bearer token	Get a single license
`PUT`	`/v1/tenant/licenses/{id}`	Bearer token	Update a license
`DELETE`	`/v1/tenant/licenses/{id}`	Bearer token	Delete a license
`GET`	`/v1/tenant/activations`	Bearer token	List activations across all licenses
`GET`	`/v1/tenant/entitlements`	Bearer token	List computed entitlements for the active subscription
`GET`	`/v1/tenant/api-keys`	Bearer token	List API keys
`POST`	`/v1/tenant/api-keys`	Bearer token	Issue a new API key
`DELETE`	`/v1/tenant/api-keys/{id}`	Bearer token	Revoke an API key
`GET`	`/v1/tenant/settings`	Bearer token	Get tenant settings
`PUT`	`/v1/tenant/settings`	Bearer token	Update tenant settings
`GET`	`/v1/tenant/audit-logs`	Bearer token	List audit log entries
`GET`	`/v1/tenant/webhooks`	Bearer token	List webhook endpoints
`POST`	`/v1/tenant/webhooks`	Bearer token	Register a webhook endpoint
`PUT`	`/v1/tenant/webhooks/{id}`	Bearer token	Update a webhook endpoint
`DELETE`	`/v1/tenant/webhooks/{id}`	Bearer token	Delete a webhook endpoint
`GET`	`/v1/tenant/webhook-deliveries`	Bearer token	List webhook delivery attempts
`GET`	`/v1/tenant/notifications`	Bearer token	List in-app notifications
`POST`	`/v1/tenant/notifications/{id}/read`	Bearer token	Mark a notification as read
`POST`	`/v1/tenant/notifications/read-all`	Bearer token	Mark all in-app notifications as read
`GET`	`/v1/tenant/dev-tools/snapshot`	Bearer token	Developer Tools snapshot

Billing

Customer billing portal (invoices, subscription, payment methods, notification preferences)

Method	Endpoint	Auth	Description
`GET`	`/v1/billing/invoices`	Bearer token	List invoices for the active tenant
`GET`	`/v1/billing/invoices/{id}`	Bearer token	Get a single invoice
`GET`	`/v1/billing/invoices/{id}/pdf`	Bearer token	Download an invoice PDF
`GET`	`/v1/billing/invoices/export`	Bearer token	Export invoices as CSV
`GET`	`/v1/billing/subscription`	Bearer token	Get the active subscription
`GET`	`/v1/billing/payment-methods`	Bearer token	List payment methods (sanitised)
`GET`	`/v1/billing/billing-portal-url`	Bearer token	Generate a Stripe billing portal redirect URL
`GET`	`/v1/billing/history`	Bearer token	Get combined billing history (invoices + events)
`GET`	`/v1/billing/settings`	Bearer token	Get billing contact and address settings
`PUT`	`/v1/billing/settings`	Bearer token	Update billing contact and address settings
`GET`	`/v1/billing/notifications`	Bearer token	Get billing email notification preferences
`PUT`	`/v1/billing/notifications`	Bearer token	Update billing email notification preferences
`GET`	`/v1/billing/activity`	Bearer token	List billing activity (paginated, filtered)

Marketing

Newsletter subscription

Method	Endpoint	Auth	Description
`POST`	`/v1/marketing/subscribe`	None	Subscribe to newsletter (double opt-in)
`POST`	`/v1/marketing/unsubscribe`	None	Unsubscribe from newsletter
`GET`	`/v1/marketing/confirm`	None	Confirm newsletter subscription (double opt-in)
`POST`	`/v1/marketing/contact`	None	Submit the public contact form
`POST`	`/v1/consent/record`	None	Record a GDPR consent event (server-side audit trail)

Monitoring

Health checks and Prometheus metrics

Method	Endpoint	Auth	Description
`GET`	`/health`	None	Basic health check (DB + cache)
`GET`	`/health/detailed`	Bearer token	Detailed health check (admin-only)
`GET`	`/metrics`	None	Prometheus metrics

API Endpoints ​

Integration ​

Auth ​

Onboarding ​

Account ​

User Auth ​

Tenant ​

Billing ​

Marketing ​

Monitoring ​