Simple. Powerful. Tamper-proof.
Automate, integrate, and validate — all with cryptographic certainty
###
Cryptographic security
RSA-2048 digital signatures ensure each key is tamper-proof and verifiable — even in fully offline or air-gapped apps.
->>
Automated via Stripe
Webhook-driven license generation that supports subscriptions, trials, and one-time purchases — no manual intervention required.
-<<
Automated via API
Create licenses on demand for enterprise plans, demos, or internal tools. Full control over expiration, metadata, and activation rules.
~@
Flexible license types
Subscription, perpetual, term-based (e.g., 90 days), trials, and floating models — all supported natively.
>>
Device activations
Each license supports device-level activation with secure APIs to activate, deactivate, and manage devices.
Licensing, ready to roll
Keyspark gives you full control over licensing, without infrastructure overhead
[.]
Works everywhere
JavaScript-ready and self-validating. Perfect for browser extensions, Electron apps, CLI tools, mobile apps, or on-prem deployments.
=!=
Offline validation
Keys include everything required for local verification. No server calls — just a public key.
One key. All the context.
Your license includes user info, access rules, device limits, and more — all securely signed
{
"payload": {
"user": {
"email": "user@example.com",
"name": "John Doe"
},
"license": {
"type": "subscription",
"maxActivations": 5,
"expiresAt": 1752899034
},
"metadata": {
"features": ["advanced-analytics"],
"limits": {
"apiCallsPerMonth": 10000
},
"tier": "Pro"
}
},
"signature": "hex-encoded-signature"
}Two powerful ways to issue keys
Generate licenses automatically via Stripe or directly via API
Stripe integration
- Trigger
- Stripe webhooks (
checkout.session.completed) - License types
- Subscription, perpetual, term
- Activation logic
quantity × activationFactor
Direct API
- Trigger
POST /v1/licensesAPI call- License types
- All types, plus trials and internal use
- Activation logic
plan.activationFactor × quantity
Unlimited flexibility with signed JSON metadata
Add feature flags, quotas, branding, and more — no server required
#?
Use cases
- -> Feature toggles
- -> API usage limits
- -> Custom UI branding
- -> App version restrictions
- -> Enterprise compliance settings
- -> Regional licensing
- -> On-prem or white-label configuration
&&&
Benefits
- -> Cryptographically signed
- -> Readable client-side
- -> Enforced without server calls
- -> Fully customizable per license to tier
Example:
{
"features": ["export", "analytics"],
"limits": { "apiCalls": 10000, "storageGB": 50 },
"branding": {
"company": "Acme Corp",
"primaryColor": "#1a365d"
}
}Validates anywhere code runs
From air-gapped laptops to edge CDNs, licenses verify instantly
- Offline desktop apps
- --> Validate on launch with no internet access.
- Mobile apps
- --> Bundle the public key and validate instantly.
- Edge/CDN environments
- --> Use Workers or Lambdas to validate at the edge.
- Enterprise on-prem
- --> Ship a signed license file and public key config.
- Browser-based apps
- --> Add license verification in React, Vue, or vanilla JS.
- Microservices
- --> Each service can verify licenses independently — no shared state required.
Security isn't optional
Keyspark uses public-key cryptography to enforce authenticity and isolation
=>
Key properties:
- -> RSA-2048 signatures with SHA-256
- -> Tamper-proof: any modification breaks validation
- -> Verify offline using a public key
>]
Endpoints:
- ->
POST /v1/licenses→ Create license - ->
POST /v1/licenses/validate→ Validate license - ->
POST /v1/licenses/activate→ Activate device
Control how licenses are used
Built-in device management with activation limits and deactivation
- Multi-device activations
- --> Limit how many times a license can be used (e.g. 3 devices)
- Device tracking
- --> View, name, and manage devices per license
- Revocation & renewal
- --> Replace or revoke license keys securely
- Deactivation endpoints
- --> Customers can release activations (e.g. during uninstall)