Validating activation on server-side

Hello,

I am considering to use LimeLM to protect my software. User with valid license should be able to access functionality which involves interaction with server-side. My question is is there way for me on server to verify that request is coming from the activated software? I feel like this should be common problem but I can't find information on how to do this properly.

Best Regards, Alex

Hey Alex,

If you give me more specifics about what you're actually trying to do server-side, then I'll be able to give you a more specific answer (or a different answer altogether).

But, with the information you've give me, the best thing to do is to pass the product key along with any request to your servers. And on your servers use the LimeLM web API to verify that the key (a) exists (b) is not revoked and (c) is activated. And if all those conditions are true, then do something on your servers.

Like I said, if you give me more information then I'll be able to better help you.

On server-side I will use some third party API to retrieve some data and send it back to user. Using this third party API is not free that is why I want to make sure that request is coming from activated copy of software. I was also thinking about sending product key over https and validating it on server using LimeLM web api. But the problem is that it will be possible to make requests outside of app as long as someone knows product key.

Well, the way to solve that is to limit the number of requests to that pay-for API, and/or somehow bill your customers for the usage of the API.

Reply
Discard post