Skip to main content
POST
https://api.keyport.sbs
/
api
/
v1
/
validate
Validate a license
curl --request POST \
  --url https://api.keyport.sbs/api/v1/validate \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "license_key": "ABCD-EFGH-IJKL-MNOP"
}
'
{
  "valid": true,
  "status": "active",
  "expires": "2027-01-01T00:00:00.000Z",
  "ip_registered": false,
  "ip_count": 1,
  "max_ips": 1,
  "version": "2.1.0",
  "version_valid": true,
  "custom": {
    "tier": "pro",
    "exports": true
  },
  "signature": null
}
Send a POST request to validate a license key. This is the primary endpoint you call each time your application needs to check whether a license is active and eligible to run.
Use the interactive playground on this page to paste your product API key, send a real request, and inspect the live response without leaving the docs.

Endpoint

POST https://api.keyport.sbs/api/v1/validate

Headers

Authorization: Bearer kp_live_xxxxxxxxxxxxxxxxxxxxxxxxx
Content-Type: application/json

Request body

license_key
string
required
The license key to validate. Must match a key issued under the product associated with your API key.
version
string
The version string of your application (e.g. "2.1.0"). Required if you want the version_valid field populated. Only evaluated when the version module is enabled on the product.
device_id
string
An arbitrary identifier for the device or machine making the request. Used for informational purposes; does not affect validation outcome.

Response fields

valid
boolean
required
true if the license is currently valid and all checks passed. false for any failure, including business-state failures that return HTTP 200.
status
string
required
Machine-readable result string. Use this as the source of truth in your application logic. See status values below.
expires
string | null
ISO 8601 expiry timestamp for the license. null for lifetime licenses or when the license was not found.
ip_registered
boolean | null
Whether the calling IP was newly registered during this request. null when the IP system is disabled or the license was invalid.
ip_count
number | null
Number of unique IPs currently registered to this license. null when the license was not found or the IP system is disabled.
max_ips
number | null
Maximum number of unique IPs allowed for this license. null when the IP system is disabled or the license was not found.
version
string | null
The version string accepted or pinned for this license. Only populated when the version module is enabled on the product; otherwise null.
version_valid
boolean | null
Whether the version you submitted is permitted for this license. Only populated when the version module is enabled and a version was included in the request; otherwise null.
custom
object | null
Custom response payload defined by the product’s custom response module. Only populated when the module is enabled and the template resolves to a non-empty object; otherwise null.
signature
string | null
Cryptographic signature of the response payload. Only populated when signed validation is enabled at both the product and organization level; otherwise null.

Examples

curl --request POST \
  --url https://api.keyport.sbs/api/v1/validate \
  --header 'Authorization: Bearer kp_live_xxxxxxxxxxxxxxxxxxxxxxxxx' \
  --header 'Content-Type: application/json' \
  --data '{
    "license_key": "ABCD-EFGH-IJKL-MNOP",
    "version": "2.1.0",
    "device_id": "desktop-main"
  }'

Status values

Most failures return HTTP 200 with valid: false. Read the status field to determine the cause.
StatusMeaning
activeLicense is valid and all checks passed
license_not_foundNo license exists for the provided key under this product
revokedLicense has been manually revoked
expiredLicense expiry date has passed
ip_blockedThe calling IP is explicitly blocked
ip_limit_reachedThe license has already registered its maximum number of unique IPs
ip_not_registeredIP system is in allow-list mode and this IP is not registered
product_not_foundThe product associated with your API key does not exist
product_archivedThe product has been archived and is no longer accepting validations
product_disabledThe product has been disabled
org_suspendedThe organization account has been suspended
billing_suspendedThe organization’s billing is suspended
invalid_api_keyThe Authorization header is missing or the API key is not valid
rate_limit_exceededThe daily validation limit for this product has been exceeded

HTTP status codes

HTTP statusMeaning
200Request was processed. Check valid and status for the outcome.
401Missing or invalid product API key.
429Daily product request limit exceeded. Check the Retry-After header.
401 and 429 are the only HTTP error codes this endpoint returns. All other failure outcomes — including revoked, expired, and blocked licenses — come back as 200 with valid: false.

Field population notes

  • signature — Only present when signed validation is enabled at both the product and organization level.
  • custom — Only present when the product’s custom response module is enabled and the template or override resolves to a non-empty object.
  • version and version_valid — Only present when the version module is enabled on the product.

Authorizations

Authorization
string
header
required

Use your product API key in the Authorization header.

Body

application/json
license_key
string
required
Example:

"ABCD-EFGH-IJKL-MNOP"

version
string
Example:

"2.1.0"

device_id
string
Example:

"desktop-main"

Response

Validation processed.

valid
boolean
Example:

true

status
string
Example:

"active"

expires
string<date-time> | null
Example:

"2027-01-01T00:00:00.000Z"

ip_registered
boolean | null
Example:

false

ip_count
integer | null
Example:

1

max_ips
integer | null
Example:

1

version
string | null
Example:

"2.1.0"

version_valid
boolean | null
Example:

true

custom
object
Example:
{ "tier": "pro", "exports": true }
signature
string | null
Example:

null