In order to make requests to our licensing API, you will need to use your
Keygen account's unique ID, or its
slug that you chose during sign up.
Every API request will utilize your account's ID or slug within the URL
/v1/accounts/<slug>. Your account's
ID and slug can be used interchangeably as URL params.
Protected vs unprotected
An unprotected Keygen account will allow public user registration, user token generation (authentication), and will also allow users to create their own licenses and machines while authenticated. This is referred to as an "unprotected" account, allowing client-side resource management (i.e. by your users), while you respond to those events using webhooks.
For example, you can allow users to create and delete their own licenses and machines, while you handle to those events for billing purposes, e.g. charge them for new licenses, update their subscription to match their license and machine count, etc.
If you do not want your users to be able to create and manage their own licenses and machines client-side (which may necessitate listening for webhook events) then you should set your account to "protected", which will require admin authentication to create and manage all resources, aside from machine activation and deactivation.
By default, your account is set to protected. You can change that from your account settings page.
See the security section for more tips.