Open, source-available — the new KeygenStar us on GitHub arrow_right_alt

Changelog

An RSS feed of our changelog is available.

2024

FEB

  • CHANGE We now cull dead machines and processes every 2 minutes, instead of what used to be, in most cases, instantly. This is for performance and scalability reasons.
    For healthy machines and processes sending heartbeats at appropriate intervals, you should see no change in behavior.

JAN

  • FEATURE Add renewal basis to policies, to configure how a license's expiry is extended during renewal.
    This is useful in cases where you want to renew from the current time, not the expiry.

2023

NOV

  • FEATURE Add support for prefer query parameter for artifact downloads and other distribution-related endpoints.
    This is useful in cases where providing a Prefer header is not an option.

OCT

v1.5

This changes the current API version from v1.4 to v1.5. With this, a small backwards-compatible breaking change has been introduced.

For current API consumers of v1.4 or earlier, nothing will change, thanks to version pinning. Please see our versioning strategy for more info.

  • CHANGE Fix casing of nested metadata keys from snake case to camel case.
  • FIX Fix issue where dead machines in a NOT_STARTED state would not be culled when their policy is later updated to require heartbeats.

SEP

v1.4

This changes the current API version from v1.3 to v1.4. With this, a couple small backwards-compatible breaking changes have been introduced.

For current API consumers of v1.3 or earlier, nothing will change, thanks to version pinning. Please see our versioning strategy for more info.

  • CHANGE Rename fingerprintUniquenessStrategy to machineUniquenessStrategy for policies.
  • CHANGE Rename fingerprintMatchingStrategy to machineMatchingStrategy for policies.
  • FEATURE Add machine components for managing a machine's hardware components.
  • FEATURE Add components scope requirement to policies, to control whether license validations require a components scope.
    The components scope can be used to assert a machine has a given set of hardware components.
  • FEATURE Add MATCH_TWO machine matching strategy to policies.
  • FEATURE Add component uniqueness strategies to policies.
  • FEATURE Add component matching strategies to policies.
  • FEATURE Add components validation scope, to assert that a machine has a given set of components during validation.
  • FEATURE Add components include option to machine checkouts.

AUG

  • FEATURE Add second factors for managing a user's 2FA.
  • FIX Fix breaking change causing some request bodies to be ignored when sent without a content-type header.
    Ideally, integrations should specify a JSON content type when sending data to our API. Unfortunately, sometimes that is missed, and as such, some integrations relied on this erroneous behavior. We "fixed" this behavior by being more strict i.r.t the content-type header, but eventually rolled the change back once we realized this impacted a handful of customer integrations that were sending JSON with e.g. a text/plain content type.
  • FEATURE Add support for Tauri engine.

JUL

  • FEATURE Add packages for managing and grouping a product's releases (e.g. sub-products, plugins, add-ons, packages).
  • FEATURE Add engines for managing a package's supported registries.
  • FEATURE Add support for PyPI engine.

JUN

  • LAUNCH Keygen goes open source. 🥳
  • FEATURE Add version scope requirement to policies, to control whether license validations require a version scope. Version scopes are useful for tracking a license's current version.
  • FEATURE Add version scope to license validations, in addition to new validations codes: VERSION_SCOPE_REQUIRED and VERSION_SCOPE_MISMATCH.
  • FEATURE Add checksum scope requirement to policies, to control whether license validations require a checksum scope. Checksum scopes are useful for asserting that the end-user has not modified the application.
  • FEATURE Add checksum scope to license validations, in addition to new validations codes: CHECKSUM_SCOPE_REQUIRED and CHECKSUM_SCOPE_MISMATCH.
  • FEATURE Add version attribute to licenses, indicating the release version of a license's last validation.

MAY

  • FIX Fix issue where searches on request logs by ID failed with an unsupported query error.

APR

  • FEATURE Add environments for managing sandbox and production environments.

MAR

  • FEATURE Add MAINTAIN_ACCESS expiration strategy to policies.

FEB

v1.3

This changes the current API version from v1.2 to v1.3. With this, a small backwards-compatible breaking change has been introduced.

For current API consumers of v1.2 or earlier, nothing will change, thanks to version pinning. Please see our versioning strategy for more info.

  • FEATURE When a machine which requires a heartbeat is activated, its heartbeat is now automatically started at time of activation. This resolves an issue where a zombie machine would occur if the underlying application crashed in between a machine being activated and its first heartbeat being sent.
    A machine "requires a heartbeat" when its license's policy is configured to require heartbeats.
  • CHANGE When a machine which requires a heartbeat is activated, its initial heartbeat is now ALIVE instead of NOT_STARTED.
    In addition, it will have its last heartbeat set to a non-null value.
  • FEATURE Add heartbeat basis to policies, to override the above behavior.
  • FIX Fix issue where dead machines could fail to resurrect when the license policy's resurrection strategy was ALWAYS_REVIVE.

2022

NOV

  • FEATURE Add last checkout timestamps to licenses and machines.
  • FIX Fix issue causing 403 responses for certain requestors when listing releases or artifacts with entitlement constraints.
    In some cases, when the requestor lacked entitlements, the request would be rejected. We now correctly scope these objects so that they are not shown to unentitled requestors.

OCT

  • FEATURE Add permission system for Ent customers, allowing fine-grained permissions for roles and tokens.

SEP

  • FEATURE Add name attribute to tokens, for easier token identification at a glance.

AUG

  • FEATURE Add ALLOW_1_25X_OVERAGE overage strategy option to policies.

JUL

v1.2

This changes the current API version from v1.1 to v1.2. With this, a number of backwards-compatible breaking changes have been introduced.

For current API consumers of v1.1 or earlier, nothing will change, thanks to version pinning. Please see our versioning strategy for more info.

  • CHANGE Rename meta.constant to meta.code for license validations.
  • CHANGE Replace concurrent with overage strategy for policies. The default overage strategy for new policies is NO_OVERAGE, which behaves like concurrent=false. Set overage strategy to ALWAYS_ALLOW_OVERAGE for concurrent=true behavior, which was the previous default for policies. Existing policies will continue to behave the same.
  • CHANGE Remove concurrent from policies.
  • CHANGE Remove concurrent from licenses.
  • FEATURE Add ALLOW_ACCESS expiration strategy to policies.

JUN

v1.1

This changes the current API version from v1.0 to v1.1. With this, a number of backwards-compatible breaking changes have been introduced, detailed below. For current API consumers of v1.0, nothing will change, thanks to version pinning. Please see our versioning strategy for more information about these types of changes.

Essentially, the gist of the change set here is around refactoring releases to be more like a versioned "bucket" for artifacts, rather than a one-to-one relationship between a release and artifact, introducing support for multiple artifacts per-release.

For tips on migrating from v1.0 to v1.1, see our migration guide.

  • CHANGE Change the release object's has-one artifact relationship to a has-many artifacts relationship. The endpoint(s) for the has-one artifact relationship has been deprecated, replaced with the has-many relationship.
  • CHANGE Move the following attributes from the release object to the artifact object: filename, filetype, filesize, platform, signature, and checksum.
  • CHANGE Change default status for releases to draft. Moving forward, releases must be explicitly published once all artifacts have been uploaded.
  • CHANGE Rename release NOT_PUBLISHED status to DRAFT.
  • DEPRECATE Deprecate upserting releases. Use the create endpoint instead. Since upserting was performed by filename, this is no longer needed.
  • DEPRECATE Deprecate release upgrade actions. Use the upgrade release endpoint instead.
  • FEATURE Add create, update and delete endpoints for artifacts. Artifacts are now managed like most other resources.
  • FEATURE Add status attribute to artifacts. New artifacts will default to a waiting state and will move to an uploaded state once a file is uploaded.
  • FEATURE Add arch resource, representing supported architectures (similar to the platform resource).
  • FEATURE Add upgrade relationship to releases. This replaces the release's upgrade actions.
  • FEATURE Add tag attribute to releases, for easier named lookups.
  • FEATURE Add publish action to releases.
  • FEATURE Add yank action to releases.
  • FEATURE Add expires filter to licenses list endpoint, allowing querying for, e.g. licenses expiring within the next 30 days.

APR

  • FEATURE Add action for checking out a cryptographic offline license file.
  • FEATURE Add action for checking out a cryptographic offline machine file.
  • DEPRECATE Deprecate machine proofs. We recommend checking out a machine file moving forward.
  • FEATURE Add ability to transfer licenses to policies with a less strict fingerprint matching strategy, e.g. UNIQUE_PER_POLICY to UNIQUE_PER_LICENSE.
  • FEATURE Add ability to transfer licenses to policies for another product, i.e. across products.
  • FEATURE Add process resource, to control application/instance concurrency across machines.
  • FEATURE Add leasing strategy to policies, to control how process instances are counted.
  • FEATURE Add max processes to policies, to control application concurrency.
  • FEATURE Add max processes to licenses, to override a policy's max processes.

MAR

  • FEATURE Add user scope requirement to policies, to control whether license validations require a user scope. User scopes are great for user-locked licensing models.
  • FEATURE Add user scope to license validations, in addition to new validations codes: USER_SCOPE_REQUIRED and USER_SCOPE_MISMATCH.
  • FEATURE Add group resource, for grouping resources together e.g. under a company or team, and for setting collective group limits.
  • FEATURE Add group relationship to users.
  • FEATURE Add group relationship to licenses.
  • FEATURE Add group relationship to machines.
  • FIX Fix issue causing some paginated requests to not contain a links property in the response.

FEB

  • FEATURE Add heartbeat cull strategy to policies, to control whether to automatically deactivate dead machines i.e. a machine that fails to maintain a heartbeat.
  • FEATURE Add template variable support, e.g. {{created}} and {{expiry}}, to signed license keys.
  • FIX Fix race condition which caused some dead machines to not be culled when very frequent heartbeat pings were being sent (e.g. every few seconds).
  • FEATURE Add heartbeat resurrection strategy to policies, to control whether to revive dead machines within a short window from their death.
  • FEATURE Add ability for policies to require that their machines maintain a heartbeat.
  • FEATURE Add transfer strategy to policies, to control whether license expirations are reset when transferred to a different policy.
  • FEATURE Update users to support null passwords, i.e. passwordless users. (Users without a password cannot login.)
  • FEATURE Add ability for admins to generate tokens on a user's behalf, via the user's tokens relationship.
  • FEATURE Add actions for banning users. Banned users cannot authenticate with the API, and all their licenses will be invalidated.

JAN

  • FEATURE Add authentication strategy to policies, to control how licenses are allowed to authenticate with the API. This feature allows for requests to authenticate using a license key (!!), rather than using a license token. By default, policies use a token authentication strategy i.e. behavior is unchanged.
  • FEATURE Add expiration basis to policies, to control when a license's initial expiry is set. By default, a license's expiry is set from creation.

2021

DEC

  • FEATURE Update release platform and filetype attributes to be nullable. (Setting either of these to null will exclude the release from upgrade functionality.)

NOV

  • FEATURE Add product distribution strategies, to control access to releases. Releases can now be publicly distributed to users without a license, which opens up use cases for freemium business models, as well as for open source apps. Previous behavior of distributing only to licensed users remains the default.
  • FEATURE Add signature, checksum and description attributes to releases.
  • FEATURE Add status attribute to licenses.
  • FEATURE Add status attribute to releases.
  • LAUNCH Launch the official keygen CLI for signing and publishing software releases. Integrate with our SDKs for secure automatic upgrades.

OCT

  • LAUNCH Launch our official Go SDK for quickly implementing license activation and self-updating functionality into any Go program.
  • FEATURE Add policy expiration strategies, to control how expired licenses should be validated and permissions for release access.

SEP

  • FEATURE Add support for defining per-license overrides for maxMachines, maxCores and maxUses properties.

AUG

  • INTEGRATE Add official Keygen Dist v2 release publisher and update provider integration for electron-builder.

JUL

  • LAUNCH Launch Keygen Dist v2, a new version of our software distribution API that is now fully integrated into our licensing API.
  • DEPRECATE Deprecate Keygen Dist v1 in favor of v2. We will continue to maintain v1, but we recommend upgrading to v2.

JUN

  • FEATURE Add Keygen-Signature header to all API responses (signed using Ed25519 cryptography).
  • FEATURE Add Keygen-Signature header to webhook event delivery requests.
  • DEPRECATE Deprecate X-Signature header in favor of Keygen-Signature for new accounts. (Existing accounts will continue to receive the X-Signature header.)
  • FIX We accidentally broke metadata filtering for boolean and number query types. Because HTTP querystrings are string values, our search queried the metadata as if they were string values, when they were supposed to be booleans, integers or floats. This issue has been resolved and earlier search queries should now work as they did before the performance improvements.

MAY

  • FEATURE Add new license key signing scheme: ED25519_SIGN.

APR

  • FEATURE Add entitlement resources. Entitlements can be attached to policies and licenses to implement licensing models such as robust feature licenses.

MAR

  • FEATURE Add additional request log information to the Dashboard, including new charts such as top licenses by volume, top URLs by volume and top IPs by volume.
  • BILLING Add yearly billing options.
  • FEATURE Add a default embedded dataset when creating a license with a cryptographic scheme.
  • FEATURE Add permission for license tokens to generate offline machine activation proofs.
  • FEATURE Add maximum CPU core enforcement to policies, and core counts to licenses and machines.

FEB

  • FEATURE Add search support and other improvements to request logs, including recording data such as the request and response body, response signature, the requestor, and other information.

2020

DEC

  • FEATURE Add fingerprint uniqueness strategy to policies, allowing prevention of duplicate machine fingerprints across a variety of scopes.
  • FEATURE Add Python code examples to API reference.
  • FEATURE Add meta.scope.fingerprints scope to license validations, allowing multiple machine fingerprints to be validated at once.
  • FEATURE Add fingerprint matching strategy to policies to match any, some, or all provided machine fingerprints (if multiple are provided).

OCT

  • FEATURE Add new license key signing schemes: RSA_2048_PKCS1_SIGN_V2 and RSA_2048_PKCS1_PSS_SIGN_V2.
  • FEATURE Add cryptographic proofs for offline machine activations.
  • FEATURE Add account recovery flow to recover a lost account ID.
  • FEATURE Add ability to override the filename of a download using Keygen Dist via a filename query parameter.
  • FEATURE Add two-factor authentication to the Keygen Dashboard.

SEP

  • FEATURE Update autogenerated license key format to v3, allowing for much shorter and more human-legible license keys. This does not effect existing license keys, only new license keys.
  • FEATURE Update license token format to v3, allowing for much shorter and more human-legible license tokens.
  • FEATURE Update API token format to v3, allowing for much easier identification of a token's type.
  • FEATURE Add ability to specify a custom machine heartbeat monitor window.

AUG

  • FEATURE Add new administrative roles with limited permission subsets: support-agent, sales-agent, developer.
  • FEATURE Add invoice history and management to account billing.

MAR

  • FIX Fix issue causing some pagination cases to respond with a next page link even when a next page is not available, resulting in a possible infinite loop when traversing pagination when expecting a null next page value.

FEB

  • FEATURE Add expiry attribute to user and admin token generation endpoint, allowing you to specify when/if a given token expires.

2019

DEC

  • FEATURE Update license token permissions to be able to increment license usage (useful for incrementing usage in a client-side environment without an intermediary server).
  • FEATURE Add unassigned filter to licenses list endpoint.
  • FEATURE Add meta.tokenId to profile endpoint, containing the ID of the API token being used for the request.
  • FEATURE Add "whoami" headers to all responses: X-Keygen-Account-Id, X-Keygen-Bearer-Id, X-Keygen-Token-Id, representing the current account, the current user making the request, and the user's API token being used for the request, respectively.

NOV

  • FEATURE Add nonce parameter to license validation endpoints (which is then echoed back within the signed response body).

JUL

  • FEATURE Add additional rate limit headers: X-RateLimit-Window for the closest rate limiting window to being reached, X-RateLimit-Count for the request count within the current rate limiting window.
  • FIX Fix issue where machine deactivation was queued and performed asynchronously, which sometimes caused subsequent requests to the machines list endpoint to include the aforementioned deactivated machine (due to the deactivation process being async).

JUN

  • FIX Fix issue where the expired filter for the license list endpoint would not include licenses without an expiry when expired=false.
  • FEATURE Add ability to use a machine's fingerprint attribute within URL params in place of its ID (granted the fingerprint is a valid URL param).

MAY

  • FEATURE Add machine heartbeat system.
  • FEATURE Add active filter to users list endpoint.

APR

  • FEATURE Add license validation meta, which includes the validation result, to payloads of license.validation.* webhook events.
  • FEATURE Add expired filter to licenses list endpoint.

MAR

  • FEATURE Add ability for admins to manually update a user's password.
  • FEATURE Add total pages and resource count to pagination meta.

2018

DEC

  • FEATURE Add current timestamp to validation response: meta.ts.
  • FEATURE Add /v1/ping endpoint. Useful for testing if the Keygen API is reachable, e.g. firewall issues, lack of internet access, etc.
  • FEATURE Add support for webhook endpoints to subscribe to specific webhook events.

NOV

  • FEATURE Add request logging.

OCT

  • FEATURE Add support for named licenses.

SEP

  • FEATURE Add support for offline licensing using cryptographically signed/encrypted license keys.
  • FIX Fix issue causing some Accept headers to result in an HTTP 400 Bad Request response code.
  • FEATURE Add helpful error response and specific error code for requests containing: invalid JSON, invalid tokens, invalid encodings.
  • FIX Fix issue where machines without a user associated with it could contain invalid relationships.user linkage.
  • FEATURE Add ip and hostname filters to machines list endpoint.

AUG

  • FEATURE Add "protected" permission system to licenses.
  • FEATURE Add better debugging tools for webhook event delivery failures.

JUL

  • FIX Update license validation precedences, resolving an issue where machine-related validation-result codes would sometimes take precedence over invalid license state, such as the license being expired or suspended.
  • FEATURE Add policy filter to machines list endpoint.
  • FEATURE Add machine count to license payloads: relationships.machines.meta.count.

JUN

  • FEATURE Add permission for license tokens to read machines of the license it belongs to.
  • FEATURE Add permission for license tokens to validate the license it belongs to.
  • FIX Fix issue where password reset expiration date was incorrect within the email delivered to the user.

MAY

  • FIX Fix issue where regenerated tokens had an incorrect expiry value (was adding 2 weeks to the current expiry, when it should have been adding 2 weeks from the current datetime).
  • FIX Fix issue where license expiry could not be removed.
  • FEATURE Add ability to limit machine activation and deactivation counts for license tokens.
  • FEATURE Update API token algorithm to v2.
  • FEATURE Add support for more detailed error pointers for resource relationship-related errors.
  • FIX Fix issue where a machine could be activated even after reaching the license token's activation limit.
  • FIX Fix issue where nextCheckIn would display a non-null value for non-check-in licenses.

APR

  • FEATURE Add license token support, allowing client-side machine activation workflows.
  • FEATURE Add search feature to the Dashboard.
  • FEATURE Add ability to delete webhook events for compliance.
  • FEATURE Add last response body and code to webhook events to aid in developer debugging.
  • FEATURE Add additional error codes to failed webhook events, e.g. DNS issues, request timeout, etc. to aid in developer debugging.
  • FEATURE Add ability to use a user's email attribute within URL params in place of their ID.

MAR

  • FEATURE Add X-Signature header to all API responses (signed using RSA cryptography).
  • FEATURE Add X-Signature header to webhook event delivery requests.
  • FEATURE Add webhook events for license expiration lifecycle: license.expiring-soon, license.expired.
  • FEATURE Add license usage count system.
  • FEATURE Add meta.increment and meta.decrement params for adjusting increment/decrement amount.
  • FEATURE Add ability for a license to transfer between users.

JAN

  • FEATURE Update behavior around Accept header to respond with a application/json content-type when requested, rather than always responding with application/vnd.api+json.
  • FEATURE Add ability for a license to transfer between policies.
  • FEATURE Add concurrent license support.
  • LAUNCH Add our distribution API, Keygen Dist, to the interwebs. 🎊

2017

DEC

  • FEATURE Add support for meta.scope to license validation endpoints.
  • FEATURE Add ability to use a license's key attribute within URL params in place of its ID (granted the key is a valid URL param).

NOV

  • FEATURE Add webhook event for password resets (for manual fulfillment).

OCT

  • FEATURE Add maxMachines attribute to license payload.
  • FEATURE Add validation result code to license validation payload meta.

MAY

  • FEATURE Add license check-in system.
  • FEATURE Add webhook events for license validations: license.validation.succeeded, license.validation.failed.

APR

  • FIX Fix issue where a duplicate license key could be created for an account (i.e. 2 licenses with the same key).
  • FEATURE Update product token permissions to read all users and webhook events to aid in server-side integrations.
  • FEATURE Add strict attribute to policies to remove the "hard" machine limit.
  • FEATURE Update floating attribute default value to false for policies.
  • FEATURE Update maxMachines attribute default value to 1 for policies.
  • FEATURE Add "protected" permission system to policies.

FEB

  • FEATURE Add validation detail message to license validation payload meta.
  • FEATURE Add events[] filter to webhook events list endpoint.

JAN

  • FEATURE Add action to suspend and reinstate licenses.
  • FEATURE Add suspended filter to licenses list endpoint.
  • FEATURE Add account-related webhook events, e.g. account.updated, account.billing.updated, etc.
  • FEATURE Add JSON-API linkage to singular relationships within response payloads.
  • FIX Fix issue where rate limited response used incorrect JSON content type.
  • FEATURE Add product filter to keys list endpoint.
  • FEATURE Allow user metadata attribute to be specified during user creation for non-authenticated requests.
  • FEATURE Add support for specifying your own license key attribute during license creation.
  • FEATURE Add v1 version suffix to API tokens.
  • FEATURE Add "protected" permission system to accounts.
  • LAUNCH Add the Keygen Dashboard to the interwebs. 🍻

2016

DEC

  • FEATURE Add idempotency token to webhook events.
  • FEATURE Add status to webhook events.

NOV

  • FEATURE Add webhook system.

OCT

  • LAUNCH Add our licensing API, Keygen, to the interwebs. 🎉