How do I validate a license key with ValidonX?

Send a POST request to /api/v1/integration/licenses/{licenseKey}/validate with your X-API-Key header. The response includes valid (boolean), license status, expiry date, and entitlements as a flexible JSON key-value object.

ValidonX is a multi-tenant SaaS licensing platform that provides license key validation, device activation tracking, entitlement enforcement, and usage metering via a REST API. Software vendors use it to manage licensing for their products.

How do ValidonX entitlements work?

Entitlements are a flexible JSON key-value store on each license. You define whatever keys make sense for your product (e.g., {"plan": "pro", "domains": 5, "api.access": true}). They are returned in the license validation response and can also be checked via the /entitlements/check endpoint.

What programming languages does ValidonX support?

ValidonX provides a REST API that works with any language. Official SDK examples and copy-paste client classes are provided for PHP, JavaScript/Node.js, Python, and cURL. The API uses standard JSON over HTTPS.

How much does ValidonX cost?

ValidonX offers a free Starter tier (1 product, 100 license keys, 10,000 API calls/month), a Pro tier at $49/month (5 products, unlimited keys, 100,000 API calls/month), and custom Enterprise pricing with unlimited everything and dedicated database.

Activation Lifecycle

Activations represent a license key being used on a specific device or environment. ValidonX tracks activations to enforce per-license limits and provide usage visibility.

Lifecycle States

License Issued → Activation Created → Activation Validated → (Activation Revoked)

Creating an Activation

Endpoint: POST /v1/integration/activations

bash

curl -X POST https://api.validonx.com/api/v1/integration/activations \
  -H "X-API-Key: VX-your-api-key" \
  -H "Content-Type: application/json" \
  -d '{
    "license_key": "VALIDONX-XXXX-XXXX-XXXX-XXXX",
    "fingerprint": "device-unique-identifier",
    "metadata": {
      "os": "Windows 11",
      "app_version": "2.1.0",
      "hostname": "workstation-01"
    }
  }'

Response (201):

json

{
  "data": {
    "activation_id": "uuid",
    "license_key": "VALIDONX-XXXX-XXXX-XXXX-XXXX",
    "fingerprint": "device-unique-identifier",
    "status": "active",
    "created_at": "2026-04-03T10:00:00Z"
  },
  "meta": { "request_id": "uuid", "api_version": "1" }
}

Validating an Activation

Endpoint: POST /v1/integration/activations/{activationId}/validate

Use this to verify an activation is still valid (not revoked, license not expired).

bash

curl -X POST https://api.validonx.com/api/v1/integration/activations/{id}/validate \
  -H "X-API-Key: VX-your-api-key"

Idempotency

Creating an activation with the same license_key + fingerprint combination returns the existing activation rather than creating a duplicate. This makes the endpoint safe to retry.

Activation Limits

Each license has a maximum number of activations (configurable, default 10). When the limit is reached, new activation requests return 403 ACTIVATION.LIMIT_EXCEEDED.

Plan	Default Max Activations
Starter	10 per license
Pro	50 per license
Enterprise	Configurable

Best Practices

Generate stable fingerprints: Use a combination of hardware identifiers (CPU ID, disk serial, MAC address) hashed together
Validate on startup: Check activation validity when your application starts
Handle gracefully: If activation fails, show a user-friendly message with instructions
Include metadata: OS, app version, and hostname help with debugging and analytics

Activation Lifecycle ​

Lifecycle States ​

Creating an Activation ​

Validating an Activation ​

Idempotency ​

Activation Limits ​

Best Practices ​