linkYour Keygen Account
In order to make requests to our licensing API, you will need to use your
Keygen account's unique ID, or its slug
that you chose during sign up.
Every API request will utilize your account's ID or slug within the URL
path, i.e. /v1/accounts/{ID}
or /v1/accounts/{SLUG}
. Your account's
ID and slug can be used interchangeably as URL params.
Account Permissions
By default, your Keygen account will allow public user registration, user token generation (authentication), and will also allow users to create their own licenses and machines while authenticated. This is referred to as an "unprotected" account, allowing client-side resource management (i.e. by your users), while you respond to those events using webhooks.
For example, you can allow users to create and delete their licenses and machine activations, while you respond to those events to handle billing, e.g. charge them for new licenses, update their subscription to match their license and machine count, etc.
If you do not want your users to be able to create and manage their own licenses and machines client-side (which may necessitate listening for webhook events) then you should set your account to "protected", which will require admin authentication to create and manage all resources, aside from machine activation and deactivation.
Setting your account to "protected" is the recommended approach when using Keygen 100% server-side. You can change your account permissions from your account settings page.
See the security section for more tips.