Skip to main content
These are the core objects you create and interact with when using KeyPort.
An organization is your workspace inside KeyPort. It owns your products, licenses, members, billing state, webhook endpoints, and custom roles. You can belong to multiple organizations and invite other members to collaborate using custom roles.
A product represents a single software product, plugin, or service you want to protect. Each product has its own API key and its own daily validation quota, so usage and access are isolated per product.
A license belongs to one product and one customer identity. It can be active, revoked, expired, or blocked by IP policy — either directly or indirectly through product, organization, or billing state. You control lifetime vs. expiry and optional IP restrictions when creating a license.
The product API key is the bearer token your application sends to the public validation API. Keys are scoped to a single product, not to the whole organization. KeyPort shows you the full key once at creation; after that, only the prefix is visible in the dashboard.
KeyPort tracks which IP addresses have been seen for each license and can enforce per-license IP limits using the max_ips setting. At validate time, the IP of the calling request is evaluated against the registered IPs and any IP policy configured for the product.
Webhooks let KeyPort push license lifecycle events to your own systems in real time. You configure webhook endpoints on your organization, and KeyPort delivers signed payloads when events like license creation, revocation, or expiry occur.