đ Authenticate License
Authenticate a user's license key with TKI Auth API.
Endpointâ
POST /api/license/auth
Headersâ
| Name | Type | Required | Description |
|---|---|---|---|
Authorization | string | Yes | Your API Key from config |
Content-Type | string | Yes | Must be application/json |
User-Agent | string | No | Client information (logged for analytics) |
Request Bodyâ
{
"data": {
"product": "string",
"version": "string",
"licensekey": "string",
"ip": "string",
"hwid": "string"
}
}
Parametersâ
| Parameter | Type | Required | Description |
|---|---|---|---|
data.product | string | Yes | Name of the product to authenticate for |
data.version | string | Yes | Version of the product |
data.licensekey | string | Yes | The license key to authenticate |
data.ip | string | Yes | Client's IP address |
data.hwid | string | Conditional | Hardware ID (required if RequireHWID is enabled in config) |
Responseâ
Success Response (200)â
{
"status_msg": "Successful Authentication!",
"status_overview": "success",
"status_code": 200,
"version": "1.0.0",
"discord_id": "123456789012345678",
"discord_username": "john_doe",
"discord_tag": "@john_doe#0001",
"expire_date": "12/31/2024",
"staff_license": false
}
Error Responsesâ
- 401 - Unauthorized
- 403 - Forbidden
- 400 - Bad Request
- 404 - Not Found
- 429 - Rate Limited
{
"message": "Authorization header is missing",
"status_overview": "failed"
}
Causes:
- Missing Authorization header
{
"message": "Invalid API Key",
"status_overview": "failed"
}
Or:
{
"message": "Your IP is blacklisted!",
"status_overview": "failed"
}
Or:
{
"message": "Your HWID is blacklisted!",
"status_overview": "failed"
}
Or:
{
"message": "Your License is blacklisted at the moment!",
"status_overview": "failed"
}
Causes:
- Invalid API key
- IP address is blacklisted
- HWID is blacklisted
- License key is blacklisted
{
"message": "Missing required fields: data.ip, data.hwid, data.product, data.version, or data.licensekey",
"status_overview": "failed"
}
Or:
{
"message": "This Version does not exist!",
"status_overview": "failed"
}
Or:
{
"message": "License key does not match the requested product.",
"status_overview": "failed"
}
Or:
{
"message": "License has expired!",
"status_overview": "failed"
}
Or:
{
"message": "Max Amount of IP's reached!",
"status_overview": "failed"
}
Or:
{
"message": "Max Amount of HWIDs reached!",
"status_overview": "failed"
}
Causes:
- Missing required fields in request body
- Product version doesn't exist
- License doesn't match the requested product
- License has expired
- Maximum IP limit reached for license
- Maximum HWID limit reached for license
{
"message": "Invalid or non-existent license key.",
"status_overview": "failed"
}
Or:
{
"message": "This product does not exist!",
"status_overview": "failed"
}
Causes:
- License key not found in database
- Product doesn't exist in system
{
"message": "You have been ratelimited! Try again in 3 Minutes!",
"status_overview": "failed"
}
Causes:
- Too many requests within rate limit window (if enabled)
Code Examplesâ
- JavaScript
- Python
- C#
- cURL
const response = await fetch('https://your-domain.com/api/license/auth', {
method: 'POST',
headers: {
'Authorization': 'your-api-key-here',
'Content-Type': 'application/json',
'User-Agent': 'MyApp/1.0.0'
},
body: JSON.stringify({
data: {
product: 'MyProduct',
version: '1.0.0',
licensekey: 'TKI-XXXXX-XXXXX',
ip: '192.168.1.1',
hwid: 'unique-hardware-id'
}
})
});
const result = await response.json();
if (result.status_overview === 'success') {
console.log('Authentication successful!');
console.log('User:', result.discord_username);
console.log('Expires:', result.expire_date);
} else {
console.error('Authentication failed:', result.message);
}
import requests
import json
url = 'https://your-domain.com/api/license/auth'
headers = {
'Authorization': 'your-api-key-here',
'Content-Type': 'application/json',
'User-Agent': 'MyApp/1.0.0'
}
data = {
'data': {
'product': 'MyProduct',
'version': '1.0.0',
'licensekey': 'TKI-XXXXX-XXXXX',
'ip': '192.168.1.1',
'hwid': 'unique-hardware-id'
}
}
response = requests.post(url, headers=headers, json=data)
result = response.json()
if result.get('status_overview') == 'success':
print('Authentication successful!')
print(f"User: {result['discord_username']}")
print(f"Expires: {result['expire_date']}")
else:
print(f"Authentication failed: {result['message']}")
using System;
using System.Net.Http;
using System.Text;
using System.Threading.Tasks;
using Newtonsoft.Json;
public class AuthRequest
{
public AuthData data { get; set; }
}
public class AuthData
{
public string product { get; set; }
public string version { get; set; }
public string licensekey { get; set; }
public string ip { get; set; }
public string hwid { get; set; }
}
public class AuthResponse
{
public string status_msg { get; set; }
public string status_overview { get; set; }
public int status_code { get; set; }
public string version { get; set; }
public string discord_id { get; set; }
public string discord_username { get; set; }
public string discord_tag { get; set; }
public string expire_date { get; set; }
public bool staff_license { get; set; }
public string message { get; set; }
}
public async Task<AuthResponse> AuthenticateLicense()
{
using (var client = new HttpClient())
{
client.DefaultRequestHeaders.Add("Authorization", "your-api-key-here");
client.DefaultRequestHeaders.Add("User-Agent", "MyApp/1.0.0");
var requestData = new AuthRequest
{
data = new AuthData
{
product = "MyProduct",
version = "1.0.0",
licensekey = "TKI-XXXXX-XXXXX",
ip = "192.168.1.1",
hwid = "unique-hardware-id"
}
};
var json = JsonConvert.SerializeObject(requestData);
var content = new StringContent(json, Encoding.UTF8, "application/json");
var response = await client.PostAsync("https://your-domain.com/api/license/auth", content);
var responseString = await response.Content.ReadAsStringAsync();
return JsonConvert.DeserializeObject<AuthResponse>(responseString);
}
}
curl -X POST https://your-domain.com/api/license/auth \
-H "Authorization: your-api-key-here" \
-H "Content-Type: application/json" \
-H "User-Agent: MyApp/1.0.0" \
-d '{
"data": {
"product": "MyProduct",
"version": "1.0.0",
"licensekey": "TKI-XXXXX-XXXXX",
"ip": "192.168.1.1",
"hwid": "unique-hardware-id"
}
}'
Special Featuresâ
Staff Licensesâ
Staff licenses bypass product validation and can authenticate against any product in your system. When a staff license is used:
- Product and version validation is skipped
- The requested product name is returned in the response
staff_licensefield in response will betrue
Rate Limitingâ
If rate limiting is enabled in your config, requests are limited per IP address. The limit resets every minute.
Advanced Loggingâ
All authentication attempts are logged to Discord channels (if configured) and stored in the database for analytics. Failed attempts include detailed error information for debugging.
Blacklist Protectionâ
The system automatically checks for blacklisted:
- IP addresses
- Hardware IDs (HWID)
- License keys
Blacklisted items are automatically blocked and connection attempts are counted.
Response Fields Explainedâ
| Field | Description |
|---|---|
status_msg | Human-readable status message |
status_overview | Either "success" or "failed" |
status_code | HTTP status code |
version | Product version (from database or requested version for staff licenses) |
discord_id | Discord user ID associated with the license |
discord_username | Discord username |
discord_tag | Full Discord tag with @ prefix |
expire_date | License expiration date in MM/DD/YYYY format |
staff_license | Boolean indicating if this is a staff license |
Important Notesâ
IP and HWID Tracking
The first time a license is used from a new IP or HWID, it will be automatically added to the license's allowed lists (up to the configured limits).
Staff License Behavior
Staff licenses can authenticate against any product and bypass normal product/version validation. Use them carefully for administrative access.
Error Handling
Always check the status_overview field first to determine if the request was successful before processing other response data.