Changelog

An RSS feed of our changelog is available.

2024

NOV

FEATURE Add support for Rubygems engine, e.g. rubygems.pkg.keygen.sh.
FIX Fix rare race-condition where some dead machines that have been resurrected would not be culled even after subsequent death.
FEATURE Add support for npm engine, e.g. npm.pkg.keygen.sh.

OCT

FEATURE Release tags are now unique per-product and per-package, rather than globally, allowing for simplified release management.
Previously, only 1 release could use the "latest" tag across all products and packages, but now there can be multiple "latest" tags across products and packages.
FEATURE Add FROM_NOW_IF_EXPIRED renewal basis to policies, to conditionally renew from the current time if the license is expired, otherwise renew from the license's expiry.
This is useful in cases where you renew licenses ahead of time.
FEATURE Add code identifier to products, to allow products to be looked up via a human-readable identifier.
FEATURE Add support for Raw engine, e.g. raw.pkg.keygen.sh.
FEATURE Add activity filter to licenses list endpoint, allowing querying for e.g. licenses without any activity in the past 30 days.

AUG

LAUNCH Keygen goes Fair Source. 🥳

MAY

v1.7

This changes the current API version from v1.6 to v1.7. With this, backwards-compatible breaking changes have been introduced, mostly around splitting a policy's leasing strategy into 2 distinct attributes.

For current API consumers of v1.6 or earlier, nothing will change, thanks to version pinning. Please see our versioning strategy for more info.

CHANGE Split a policy's leasing strategy into 2 distinct attributes: machine leasing strategy, and process leasing strategy.
Previously, the leasing strategy only applied to processes, but we also introduced similar functionality for machines, so we thought it best to separate them.
FEATURE Add a per-user leasing strategy to policies, to control how many machines and processes can be leased per-user.
Previously, the leasing strategy only applied to processes.
FEATURE Add a max users limit to policies, to control how many users can be associated to a given license. To be used with multi-user licenses.
This behaves similarly to the existing max machine and process limits.
FEATURE Add user count to license payloads via /relationships/users/meta/count.
FIX Fix issue where release and artifact endpoints could unexpectedly result in a 403 error when the requestor has an expired license.
This was due to an incorrect object scope that would cause an eventual authorization error.

APR

v1.6

This changes the current API version from v1.5 to v1.6. With this, backwards-compatible breaking changes have been introduced, mostly around implementing multi-user licenses, coming from single-user licenses.

For current API consumers of v1.5 or earlier, nothing will change, thanks to version pinning. Please see our versioning strategy for more info.

CHANGE Rename singular user relationship for licenses to owner.
CHANGE Remove singular user relationship from machines.
FEATURE Add plural users relationship to licenses. Users can now be attached to a license to model multi-user licenses.
FEATURE Add owner relationship to machines. Users can now be associated to a machine, giving the user permission to manage the machine.
Previous behavior allowed the license owner to manage machines. Current behavior is the same, but also allows the machine owner to manage the machine in the case of multi-user licenses.
FIX Fix issue where active users could be included in the list of inactive users when filtering users by status.
This would occur when a user had both active licenses and inactive licenses.
FIX Fix issue where license.expiring-soon and license.expired webhook events could be delivered twice for the same event.

FEB

CHANGE We now cull dead machines and processes every 2 minutes, instead of what used to be, in most cases, instantly. This is for performance and scalability reasons.
For healthy machines and processes sending heartbeats at appropriate intervals, you should see no change in behavior.

JAN

FEATURE Add renewal basis to policies, to configure how a license's expiry is extended during renewal.
This is useful in cases where you want to renew from the current time, not the expiry.

2023

NOV

FEATURE Add support for prefer query parameter for artifact downloads and other distribution-related endpoints.
This is useful in cases where providing a Prefer header is not an option.

OCT

v1.5

This changes the current API version from v1.4 to v1.5. With this, a small backwards-compatible breaking change has been introduced.

For current API consumers of v1.4 or earlier, nothing will change, thanks to version pinning. Please see our versioning strategy for more info.

CHANGE Fix casing of nested metadata keys from snake case to camel case.
FIX Fix issue where dead machines in a NOT_STARTED state would not be culled when their policy is later updated to require heartbeats.

SEP

v1.4

This changes the current API version from v1.3 to v1.4. With this, a couple small backwards-compatible breaking changes have been introduced.

For current API consumers of v1.3 or earlier, nothing will change, thanks to version pinning. Please see our versioning strategy for more info.

CHANGE Rename fingerprintUniquenessStrategy to machineUniquenessStrategy for policies.
CHANGE Rename fingerprintMatchingStrategy to machineMatchingStrategy for policies.
FEATURE Add machine components for managing a machine's hardware components.
FEATURE Add components scope requirement to policies, to control whether license validations require a components scope.
The components scope can be used to assert a machine has a given set of hardware components.
FEATURE Add MATCH_TWO machine matching strategy to policies.
FEATURE Add component uniqueness strategies to policies.
FEATURE Add component matching strategies to policies.
FEATURE Add components validation scope, to assert that a machine has a given set of components during validation.
FEATURE Add components include option to machine checkouts.

AUG

FEATURE Add second factors for managing a user's 2FA.
FIX Fix breaking change causing some request bodies to be ignored when sent without a content-type header.
Ideally, integrations should specify a JSON content type when sending data to our API. Unfortunately, sometimes that is missed, and as such, some integrations relied on this erroneous behavior. We "fixed" this behavior by being more strict i.r.t the content-type header, but eventually rolled the change back once we realized this impacted a handful of customer integrations that were sending JSON with e.g. a text/plain content type.
FEATURE Add support for Tauri engine.

JUL

FEATURE Add packages for managing and grouping a product's releases (e.g. sub-products, plugins, add-ons, packages).
FEATURE Add engines for managing a package's supported registries.
FEATURE Add support for PyPI engine.

JUN

LAUNCH Keygen goes source-available. 🥳
FEATURE Add version scope requirement to policies, to control whether license validations require a version scope. Version scopes are useful for tracking a license's current version.
FEATURE Add version scope to license validations, in addition to new validations codes: VERSION_SCOPE_REQUIRED and VERSION_SCOPE_MISMATCH.
FEATURE Add checksum scope requirement to policies, to control whether license validations require a checksum scope. Checksum scopes are useful for asserting that the end-user has not modified the application.
FEATURE Add checksum scope to license validations, in addition to new validations codes: CHECKSUM_SCOPE_REQUIRED and CHECKSUM_SCOPE_MISMATCH.
FEATURE Add version attribute to licenses, indicating the release version of a license's last validation.

MAY

FIX Fix issue where searches on request logs by ID failed with an unsupported query error.

APR

FEATURE Add environments for managing sandbox and production environments.

MAR

FEATURE Add MAINTAIN_ACCESS expiration strategy to policies.

FEB

v1.3

This changes the current API version from v1.2 to v1.3. With this, a small backwards-compatible breaking change has been introduced.

For current API consumers of v1.2 or earlier, nothing will change, thanks to version pinning. Please see our versioning strategy for more info.

FEATURE When a machine which requires a heartbeat is activated, its heartbeat is now automatically started at time of activation. This resolves an issue where a zombie machine would occur if the underlying application crashed in between a machine being activated and its first heartbeat being sent.
A machine "requires a heartbeat" when its license's policy is configured to require heartbeats.
CHANGE When a machine which requires a heartbeat is activated, its initial heartbeat is now ALIVE instead of NOT_STARTED.
In addition, it will have its last heartbeat set to a non-null value.
FEATURE Add heartbeat basis to policies, to override the above behavior.
FIX Fix issue where dead machines could fail to resurrect when the license policy's resurrection strategy was ALWAYS_REVIVE.

2022

NOV

FEATURE Add last checkout timestamps to licenses and machines.
FIX Fix issue causing 403 responses for certain requestors when listing releases or artifacts with entitlement constraints.
In some cases, when the requestor lacked entitlements, the request would be rejected. We now correctly scope these objects so that they are not shown to unentitled requestors.

OCT

FEATURE Add permission system for Ent customers, allowing fine-grained permissions for roles and tokens.

SEP

FEATURE Add name attribute to tokens, for easier token identification at a glance.

AUG

FEATURE Add ALLOW_1_25X_OVERAGE overage strategy option to policies.

JUL

v1.2

This changes the current API version from v1.1 to v1.2. With this, a number of backwards-compatible breaking changes have been introduced.

For current API consumers of v1.1 or earlier, nothing will change, thanks to version pinning. Please see our versioning strategy for more info.

CHANGE Rename meta.constant to meta.code for license validations.
CHANGE Replace concurrent with overage strategy for policies. The default overage strategy for new policies is NO_OVERAGE, which behaves like concurrent=false. Set overage strategy to ALWAYS_ALLOW_OVERAGE for concurrent=true behavior, which was the previous default for policies. Existing policies will continue to behave the same.
CHANGE Remove concurrent from policies.
CHANGE Remove concurrent from licenses.
FEATURE Add ALLOW_ACCESS expiration strategy to policies.

JUN

v1.1

This changes the current API version from v1.0 to v1.1. With this, a number of backwards-compatible breaking changes have been introduced, detailed below. Essentially, the gist of the change set here is around refactoring releases to be more like a versioned "bucket" for artifacts, rather than a one-to-one relationship between a release and artifact, introducing support for multiple artifacts per-release.

For current API consumers of v1.0, nothing will change, thanks to version pinning. Please see our versioning strategy for more information about these types of changes.

For tips on migrating from v1.0 to v1.1, see our migration guide.

CHANGE Change the release object's has-one artifact relationship to a has-many artifacts relationship. The endpoint(s) for the has-one artifact relationship has been deprecated, replaced with the has-many relationship.
CHANGE Move the following attributes from the release object to the artifact object: filename, filetype, filesize, platform, signature, and checksum.
CHANGE Change default status for releases to draft. Moving forward, releases must be explicitly published once all artifacts have been uploaded.
CHANGE Rename release NOT_PUBLISHED status to DRAFT.
DEPRECATE Deprecate upserting releases. Use the create endpoint instead. Since upserting was performed by filename, this is no longer needed.
DEPRECATE Deprecate release upgrade actions. Use the upgrade release endpoint instead.
FEATURE Add create, update and delete endpoints for artifacts. Artifacts are now managed like most other resources.
FEATURE Add status attribute to artifacts. New artifacts will default to a waiting state and will move to an uploaded state once a file is uploaded.
FEATURE Add arch resource, representing supported architectures (similar to the platform resource).
FEATURE Add upgrade relationship to releases. This replaces the release's upgrade actions.
FEATURE Add tag attribute to releases, for easier named lookups.
FEATURE Add publish action to releases.
FEATURE Add yank action to releases.
FEATURE Add expires filter to licenses list endpoint, allowing querying for, e.g. licenses expiring within the next 30 days.

APR

FEATURE Add action for checking out a cryptographic offline license file.
FEATURE Add action for checking out a cryptographic offline machine file.
DEPRECATE Deprecate machine proofs. We recommend checking out a machine file moving forward.
FEATURE Add ability to transfer licenses to policies with a less strict fingerprint matching strategy, e.g. UNIQUE_PER_POLICY to UNIQUE_PER_LICENSE.
FEATURE Add ability to transfer licenses to policies for another product, i.e. across products.
FEATURE Add process resource, to control application/instance concurrency across machines.
FEATURE Add leasing strategy to policies, to control how process instances are counted.
FEATURE Add max processes to policies, to control application concurrency.
FEATURE Add max processes to licenses, to override a policy's max processes.

MAR

FEATURE Add user scope requirement to policies, to control whether license validations require a user scope. User scopes are great for user-locked licensing models.
FEATURE Add user scope to license validations, in addition to new validations codes: USER_SCOPE_REQUIRED and USER_SCOPE_MISMATCH.
FEATURE Add group resource, for grouping resources together e.g. under a company or team, and for setting collective group limits.
FEATURE Add group relationship to users.
FEATURE Add group relationship to licenses.
FEATURE Add group relationship to machines.
FIX Fix issue causing some paginated requests to not contain a links property in the response.

FEB

FEATURE Add heartbeat cull strategy to policies, to control whether to automatically deactivate dead machines i.e. a machine that fails to maintain a heartbeat.
FEATURE Add template variable support, e.g. {{created}} and {{expiry}}, to signed license keys.
FIX Fix race condition which caused some dead machines to not be culled when very frequent heartbeat pings were being sent (e.g. every few seconds).
FEATURE Add heartbeat resurrection strategy to policies, to control whether to revive dead machines within a short window from their death.
FEATURE Add ability for policies to require that their machines maintain a heartbeat.
FEATURE Add transfer strategy to policies, to control whether license expirations are reset when transferred to a different policy.
FEATURE Update users to support null passwords, i.e. passwordless users. (Users without a password cannot login.)
FEATURE Add ability for admins to generate tokens on a user's behalf, via the user's tokens relationship.
FEATURE Add actions for banning users. Banned users cannot authenticate with the API, and all their licenses will be invalidated.

JAN

FEATURE Add authentication strategy to policies, to control how licenses are allowed to authenticate with the API. This feature allows for requests to authenticate using a license key (!!), rather than using a license token. By default, policies use a token authentication strategy i.e. behavior is unchanged.
FEATURE Add expiration basis to policies, to control when a license's initial expiry is set. By default, a license's expiry is set from creation.

2021

DEC

FEATURE Update release platform and filetype attributes to be nullable. (Setting either of these to null will exclude the release from upgrade functionality.)

NOV

FEATURE Add product distribution strategies, to control access to releases. Releases can now be publicly distributed to users without a license, which opens up use cases for freemium business models, as well as for open source apps. Previous behavior of distributing only to licensed users remains the default.
FEATURE Add signature, checksum and description attributes to releases.
FEATURE Add status attribute to licenses.
FEATURE Add status attribute to releases.
LAUNCH Launch the official keygen CLI for signing and publishing software releases. Integrate with our SDKs for secure automatic upgrades.

OCT

LAUNCH Launch our official Go SDK for quickly implementing license activation and self-updating functionality into any Go program.
FEATURE Add policy expiration strategies, to control how expired licenses should be validated and permissions for release access.

SEP

FEATURE Add support for defining per-license overrides for maxMachines, maxCores and maxUses properties.

AUG

INTEGRATE Add official Keygen Dist v2 release publisher and update provider integration for electron-builder.

JUL

LAUNCH Launch Keygen Dist v2, a new version of our software distribution API that is now fully integrated into our licensing API.
DEPRECATE Deprecate Keygen Dist v1 in favor of v2. We will continue to maintain v1, but we recommend upgrading to v2.

JUN

FEATURE Add Keygen-Signature header to all API responses (signed using Ed25519 cryptography).
FEATURE Add Keygen-Signature header to webhook event delivery requests.
DEPRECATE Deprecate X-Signature header in favor of Keygen-Signature for new accounts. (Existing accounts will continue to receive the X-Signature header.)
FIX We accidentally broke metadata filtering for boolean and number query types. Because HTTP querystrings are string values, our search queried the metadata as if they were string values, when they were supposed to be booleans, integers or floats. This issue has been resolved and earlier search queries should now work as they did before the performance improvements.

MAY

FEATURE Add new license key signing scheme: ED25519_SIGN.

APR

FEATURE Add entitlement resources. Entitlements can be attached to policies and licenses to implement licensing models such as robust feature licenses.

MAR

FEATURE Add additional request log information to the Dashboard, including new charts such as top licenses by volume, top URLs by volume and top IPs by volume.
BILLING Add yearly billing options.
FEATURE Add a default embedded dataset when creating a license with a cryptographic scheme.
FEATURE Add permission for license tokens to generate offline machine activation proofs.
FEATURE Add maximum CPU core enforcement to policies, and core counts to licenses and machines.

FEB

FEATURE Add search support and other improvements to request logs, including recording data such as the request and response body, response signature, the requestor, and other information.

2020

DEC

FEATURE Add fingerprint uniqueness strategy to policies, allowing prevention of duplicate machine fingerprints across a variety of scopes.
FEATURE Add Python code examples to API reference.
FEATURE Add meta.scope.fingerprints scope to license validations, allowing multiple machine fingerprints to be validated at once.
FEATURE Add fingerprint matching strategy to policies to match any, some, or all provided machine fingerprints (if multiple are provided).

OCT

FEATURE Add new license key signing schemes: RSA_2048_PKCS1_SIGN_V2 and RSA_2048_PKCS1_PSS_SIGN_V2.
FEATURE Add cryptographic proofs for offline machine activations.
FEATURE Add account recovery flow to recover a lost account ID.
FEATURE Add ability to override the filename of a download using Keygen Dist via a filename query parameter.
FEATURE Add two-factor authentication to the Keygen Dashboard.

SEP

FEATURE Update autogenerated license key format to v3, allowing for much shorter and more human-legible license keys. This does not effect existing license keys, only new license keys.
FEATURE Update license token format to v3, allowing for much shorter and more human-legible license tokens.
FEATURE Update API token format to v3, allowing for much easier identification of a token's type.
FEATURE Add ability to specify a custom machine heartbeat monitor window.

AUG

FEATURE Add new administrative roles with limited permission subsets: support-agent, sales-agent, developer.
FEATURE Add invoice history and management to account billing.

MAR

FIX Fix issue causing some pagination cases to respond with a next page link even when a next page is not available, resulting in a possible infinite loop when traversing pagination when expecting a null next page value.

FEB

FEATURE Add expiry attribute to user and admin token generation endpoint, allowing you to specify when/if a given token expires.

2019

DEC

FEATURE Update license token permissions to be able to increment license usage (useful for incrementing usage in a client-side environment without an intermediary server).
FEATURE Add unassigned filter to licenses list endpoint.
FEATURE Add meta.tokenId to profile endpoint, containing the ID of the API token being used for the request.
FEATURE Add "whoami" headers to all responses: X-Keygen-Account-Id, X-Keygen-Bearer-Id, X-Keygen-Token-Id, representing the current account, the current user making the request, and the user's API token being used for the request, respectively.

NOV

FEATURE Add nonce parameter to license validation endpoints (which is then echoed back within the signed response body).

JUL

FEATURE Add additional rate limit headers: X-RateLimit-Window for the closest rate limiting window to being reached, X-RateLimit-Count for the request count within the current rate limiting window.
FIX Fix issue where machine deactivation was queued and performed asynchronously, which sometimes caused subsequent requests to the machines list endpoint to include the aforementioned deactivated machine (due to the deactivation process being async).

JUN

FIX Fix issue where the expired filter for the license list endpoint would not include licenses without an expiry when expired=false.
FEATURE Add ability to use a machine's fingerprint attribute within URL params in place of its ID (granted the fingerprint is a valid URL param).

MAY

FEATURE Add machine heartbeat system.
FEATURE Add active filter to users list endpoint.

APR

FEATURE Add license validation meta, which includes the validation result, to payloads of license.validation.* webhook events.
FEATURE Add expired filter to licenses list endpoint.

MAR

FEATURE Add ability for admins to manually update a user's password.
FEATURE Add total pages and resource count to pagination meta.

2018

DEC

FEATURE Add current timestamp to validation response: meta.ts.
FEATURE Add /v1/ping endpoint. Useful for testing if the Keygen API is reachable, e.g. firewall issues, lack of internet access, etc.
FEATURE Add support for webhook endpoints to subscribe to specific webhook events.

NOV

FEATURE Add request logging.

OCT

FEATURE Add support for named licenses.

SEP

FEATURE Add support for offline licensing using cryptographically signed/encrypted license keys.
FIX Fix issue causing some Accept headers to result in an HTTP 400 Bad Request response code.
FEATURE Add helpful error response and specific error code for requests containing: invalid JSON, invalid tokens, invalid encodings.
FIX Fix issue where machines without a user associated with it could contain invalid relationships.user linkage.
FEATURE Add ip and hostname filters to machines list endpoint.

AUG

FEATURE Add "protected" permission system to licenses.
FEATURE Add better debugging tools for webhook event delivery failures.

JUL

FIX Update license validation precedences, resolving an issue where machine-related validation-result codes would sometimes take precedence over invalid license state, such as the license being expired or suspended.
FEATURE Add policy filter to machines list endpoint.
FEATURE Add machine count to license payloads via /relationships/machines/meta/count.

JUN

FEATURE Add permission for license tokens to read machines of the license it belongs to.
FEATURE Add permission for license tokens to validate the license it belongs to.
FIX Fix issue where password reset expiration date was incorrect within the email delivered to the user.

MAY

FIX Fix issue where regenerated tokens had an incorrect expiry value (was adding 2 weeks to the current expiry, when it should have been adding 2 weeks from the current datetime).
FIX Fix issue where license expiry could not be removed.
FEATURE Add ability to limit machine activation and deactivation counts for license tokens.
FEATURE Update API token algorithm to v2.
FEATURE Add support for more detailed error pointers for resource relationship-related errors.
FIX Fix issue where a machine could be activated even after reaching the license token's activation limit.
FIX Fix issue where nextCheckIn would display a non-null value for non-check-in licenses.

APR

FEATURE Add license token support, allowing client-side machine activation workflows.
FEATURE Add search feature to the Dashboard.
FEATURE Add ability to delete webhook events for compliance.
FEATURE Add last response body and code to webhook events to aid in developer debugging.
FEATURE Add additional error codes to failed webhook events, e.g. DNS issues, request timeout, etc. to aid in developer debugging.
FEATURE Add ability to use a user's email attribute within URL params in place of their ID.

MAR

FEATURE Add X-Signature header to all API responses (signed using RSA cryptography).
FEATURE Add X-Signature header to webhook event delivery requests.
FEATURE Add webhook events for license expiration lifecycle: license.expiring-soon, license.expired.
FEATURE Add license usage count system.
FEATURE Add meta.increment and meta.decrement params for adjusting increment/decrement amount.
FEATURE Add ability for a license to transfer between users.

JAN

FEATURE Update behavior around Accept header to respond with a application/json content-type when requested, rather than always responding with application/vnd.api+json.
FEATURE Add ability for a license to transfer between policies.
FEATURE Add concurrent license support.
LAUNCH Add our distribution API, Keygen Dist, to the interwebs. 🎊

2017

DEC

FEATURE Add support for meta.scope to license validation endpoints.
FEATURE Add ability to use a license's key attribute within URL params in place of its ID (granted the key is a valid URL param).

NOV

FEATURE Add webhook event for password resets (for manual fulfillment).

OCT

FEATURE Add maxMachines attribute to license payload.
FEATURE Add validation result code to license validation payload meta.

MAY

FEATURE Add license check-in system.
FEATURE Add webhook events for license validations: license.validation.succeeded, license.validation.failed.

APR

FIX Fix issue where a duplicate license key could be created for an account (i.e. 2 licenses with the same key).
FEATURE Update product token permissions to read all users and webhook events to aid in server-side integrations.
FEATURE Add strict attribute to policies to remove the "hard" machine limit.
FEATURE Update floating attribute default value to false for policies.
FEATURE Update maxMachines attribute default value to 1 for policies.
FEATURE Add "protected" permission system to policies.

FEB

FEATURE Add validation detail message to license validation payload meta.
FEATURE Add events[] filter to webhook events list endpoint.

JAN

FEATURE Add action to suspend and reinstate licenses.
FEATURE Add suspended filter to licenses list endpoint.
FEATURE Add account-related webhook events, e.g. account.updated, account.billing.updated, etc.
FEATURE Add JSON-API linkage to singular relationships within response payloads.
FIX Fix issue where rate limited response used incorrect JSON content type.
FEATURE Add product filter to keys list endpoint.
FEATURE Allow user metadata attribute to be specified during user creation for non-authenticated requests.
FEATURE Add support for specifying your own license key attribute during license creation.
FEATURE Add v1 version suffix to API tokens.
FEATURE Add "protected" permission system to accounts.
LAUNCH Add the Keygen Dashboard to the interwebs. 🍻

2016

DEC

FEATURE Add idempotency token to webhook events.
FEATURE Add status to webhook events.

NOV

FEATURE Add webhook system.

OCT

LAUNCH Add our licensing API, Keygen, to the interwebs. 🎉