Licensing API
DRAFT — Internal Developer Use Only
This API reference is for internal development teams.
Overview
What it is: The Licensing API provides complete license lifecycle management for Hydden Discovery, including reading license status, creating and activating licenses, managing license registrations, generating one-time passwords for activation, and retrieving license server information.
Source: src/license/rest/rest.go
Base Path
/internal/v1/licenseAuthentication
All endpoints require JWT cookie or API token authentication.
Endpoints
| Method | Path | Description |
|---|---|---|
GET | /internal/v1/license | Get current license information |
POST | /internal/v1/license | Create/register a new license |
PATCH | /internal/v1/license | Update/patch an existing license |
POST | /internal/v1/license/store | Store/persist a license token |
GET | /internal/v1/license/otp | Get license OTP (current tenant) |
GET | /internal/v1/license/otp/:tid | Get license OTP for a specific tenant |
GET | /internal/v1/license/record | Get license record information |
DELETE | /internal/v1/license/record | Delete the license record |
GET | /internal/v1/license/server | Get license server address |
POST | /internal/v1/license/registration | Create a new license registration |
PATCH | /internal/v1/license/registration | Refresh an existing license registration |
GET | /internal/v1/license/request | Generate a new license request |
GET /internal/v1/license
Get the current license status and details. Returns a trial license if no valid license is found.
Request:
GET /internal/v1/license
Authorization: Bearer <token>Response (200):
{
"status": "active",
"plan": "enterprise",
"expiresAt": "2027-02-12T00:00:00Z",
"features": ["ai-assistant", "attestation", "automation", "universal-collector"],
"limits": {
"maxAccounts": 100000,
"maxDataSources": 200
}
}Fallback: If the stored license cannot be parsed, a trial license is returned instead.
POST /internal/v1/license
Create or register a new license from a license registration string.
Request:
POST /internal/v1/license
Content-Type: application/json
Authorization: Bearer <token>"license-registration-string"Note: The request body is a plain JSON string (quoted), not a JSON object.
Response (200): Raw license bytes (binary token).
PATCH /internal/v1/license
Update or patch an existing license.
Request:
PATCH /internal/v1/license
Content-Type: application/json
Authorization: Bearer <token>"updated-license-string"Response (200): Raw license bytes (binary token).
POST /internal/v1/license/store
Persist a license token to the registry storage.
Request:
POST /internal/v1/license/store
Content-Type: application/json
Authorization: Bearer <token>Request body contains the license token string.
Response (200): License token bytes confirming storage.
GET /internal/v1/license/otp/:tid
Get a one-time password for license activation. The OTP is used during the initial license registration handshake.
Request:
GET /internal/v1/license/otp/:tid
Authorization: Bearer <token>Path parameters:
| Parameter | Description |
|---|---|
tid | Tenant ID (optional — use /otp without the parameter for current tenant) |
Response (200):
{
"otp": "ABC123-DEF456",
"expiresAt": "2026-02-12T01:00:00Z"
}GET /internal/v1/license/record
Get the license record containing registration and activation metadata.
Request:
GET /internal/v1/license/record
Authorization: Bearer <token>Query parameters:
| Parameter | Type | Description |
|---|---|---|
tenant | string | Optional tenant ID override |
Response (200):
{
"id": "record-uuid",
"tenantId": "tenant-uuid",
"registrationDate": "2026-01-15T00:00:00Z",
"lastRefresh": "2026-02-12T00:00:00Z"
}DELETE /internal/v1/license/record
Delete the license record. This effectively deactivates the license for the tenant.
Request:
DELETE /internal/v1/license/record
Authorization: Bearer <token>Response (200): Returns the deleted LicenseRecord.
GET /internal/v1/license/server
Get the configured license server address.
Request:
GET /internal/v1/license/server
Authorization: Bearer <token>Response (200): Plain text string containing the license server URL.
https://license.hydden.comPOST /internal/v1/license/registration
Create a new license registration with the license server.
Request:
POST /internal/v1/license/registration
Content-Type: application/json
Authorization: Bearer <token>{
"tenantId": "tenant-uuid",
"registrationCode": "REG-CODE-123"
}Response (200): Raw response bytes from the license server.
PATCH /internal/v1/license/registration
Refresh an existing license registration to renew or update the license.
Request:
PATCH /internal/v1/license/registration
Authorization: Bearer <token>No request body required.
Response (200): Raw response bytes from the license server.
GET /internal/v1/license/request
Generate a new license request that can be submitted to the license server for offline activation.
Request:
GET /internal/v1/license/request
Authorization: Bearer <token>Response (200): Raw license request bytes (for offline submission).
Error Responses
| Status | Description |
|---|---|
400 | Invalid license string or registration data |
403 | Authentication failed or insufficient permissions |
404 | License or license record not found |
500 | Internal server error or license server unreachable |
Related Topics
- Authentication API — API authentication and token management
- Registry API — Node and platform user management