🔍Basic License Validation

Now that you’ve created a project and issued your first license, it’s time for the real moment: validating that license inside your application.

This single step is what locks down your product, ensures paid users get access, blocks unauthorized copies, delivers injectables, and makes DevPayr… well, DevPayr.

Don’t worry — validation is simple. No complex ceremony. No mystical knowledge. Just a single call to the SDK or API, and you're done.

Let’s walk through everything properly.

🧠 How License Validation Works (In Plain English)

Every time your application starts (or on whatever schedule you choose):

Your app sends the license key to DevPayr
DevPayr checks:
- Is the license valid?
- Has it expired?
- Is the domain allowed?
- Has the usage limit been exceeded?
- Is the environment correct?
- Is the project fully paid?
DevPayr responds with:
- has_paid: true/false
- injectables (if paid)
- metadata
- any restrictions

If everything checks out → the app continues normally. If not → DevPayr triggers your chosen behavior (modal, redirect, log, silent).

That’s the entire magic.

🎯 Two Ways to Validate a License

There are two possible approaches:

1. License Key Only (most common)

Perfect for:

Frontend apps
Themes/plugins
Client dashboards
SaaS boot-time checks
Templates or installable software

No API key required.

2. License Key + API Key (advanced)

This unlocks:

Project management
Domain modifications
License creation/suspension
Payment checks
Injectable uploads
Admin-like access from your backend

Use this ONLY on a secure backend — never in frontend code.

🧪 OPTION 1 — Validate Using License Key Only

This is the simplest and most common method. Examples below for Node.js, PHP, Python, and Browser (Frontend).

🟦 Node.js Example

import { DevPayr } from '@xultech/devpayr';

DevPayr.bootstrap({
  license: 'YOUR-LICENSE-KEY',
  secret: 'YOUR-SHARED-SECRET', // for injectables
  base_url: 'https://api.devpayr.com',
  action: 'boot',
  injectables: true,

  onReady: (response) => {
    console.log("✅ License Valid:", response);
  },

  invalidBehavior: 'modal' // or 'redirect', 'silent', 'log'
});

🐘 PHP Example

require_once 'vendor/autoload.php';

use DevPayr\DevPayr;
use DevPayr\Exceptions\DevPayrException;

try {
    DevPayr::bootstrap([
        'license'        => 'YOUR-LICENSE-KEY',
        'injectables'    => true,
        'invalidBehavior'=> 'modal'
    ]);

    echo "License valid. Project is paid.";
} catch (DevPayrException $e) {
    echo "DevPayr error: " . $e->getMessage();
}

🐍 Python Example

from devpayr import DevPayr

DevPayr.bootstrap({
    "license": "YOUR-LICENSE-KEY",
    "secret": "your-secret",
    "injectables": True,
    "onReady": lambda data: print("✅ License valid:", data),
    "invalidBehavior": "modal" 
})

🟨 Frontend Example (Highly Flexible)

The frontend SDK lets you name your config anything you want. DevPayr auto-detects it.

All of the following examples work:

window.sdkConfig = {
  license: 'YOUR_LICENSE_KEY',
  onReady: () => console.log('sdkConfig ok')
};

window._devSettings = {
  lk: 'LICENSE_123ABC',
  debug: true,
  onReady: () => console.log('settings ok')
};

window.anythingYouWant = {
  license: 'LICENSE_SOMETHING',
  injectables: true,
  onReady: () => console.log('custom config ok')
};

💡 Tip: The frontend SDK is intentionally flexible. You can hide it, disguise it, or embed it inside your existing JS. Great for making it harder for non-technical users to “edit out” licensing.

🧪 OPTION 2 — Validate Using License Key + API Key

(Advanced, Backend Only)

When you combine an API key with your license key, DevPayr turns into a full backend client.

You can now:

Manage domains
List or create licenses
Upload injectables
Fetch project data
Check payment history
Access advanced endpoints

🔐 Node.js Example

DevPayr.bootstrap({
  license: 'YOUR-LICENSE-KEY',
  api_key: 'YOUR-API-KEY',
  secret: 'YOUR-SECRET',
  injectables: true,
  action: 'boot',

  onReady: (res) => console.log('Ready:', res)
});

// Service classes now available
const projectService = DevPayr.projects();
const licenseService = DevPayr.licenses();
const domainService = DevPayr.domains();
const injectableService = DevPayr.injectables();
const paymentService = DevPayr.payments();

💡 Tip: Think of the API key as “full DevPayr power mode.” Only use it in secure backend servers.

🌐 Validating via Raw HTTP (cURL)

If you’re not using an SDK (embedded systems, Go, Rust, etc.), you can validate with plain HTTP.

🔑 Validate Using License Key Only

Endpoint:

POST /api/v1/project/has-paid

Header Example

curl -X POST "https://api.devpayr.dev/api/v1/project/has-paid?include=injectables" \
  -H "Accept: application/json" \
  -H "X-LICENSE-KEY: DP-XXXX-XXXX-XXXX" \
  -H "X-Devpayr-Domain: yourappdomain.com"

Body Example

curl -X POST "https://api.devpayr.dev/api/v1/project/has-paid" \
  -H "Content-Type: application/json" \
  -H "X-Devpayr-Domain: yourappdomain.com" \
  -d '{"license":"DP-XXXX-XXXX-XXXX"}'

🔐 Validate Using API Key

Endpoint:

GET /api/v1/project/{project_id}/has-paid

curl -X GET "https://api.devpayr.dev/api/v1/project/42/has-paid?action=check_project&include=injectables" \
  -H "Accept: application/json" \
  -H "X-API-KEY: YOUR_API_KEY" \
  -H "X-Devpayr-Domain: yourappdomain.com"

📄 Example Response

{
    "status": "success",
    "message": "Success",
    "data": {
        "has_paid": true,
        "injectables": [
            {
                "id": 1,
                "slug": "js-script",
                "title": "Js Script",
                "type": "file",
                "mode": "inject",
                "target_path": "public/scripts/js/",
                "content": "9zqzVFr42Qep5uhlnE1jczo6TTIvcEVYVFdoeTN0NmFiWGZuYTdVT1czZ1krblJrNWlMWFc0SFNhbGxrbGlUSDkwNHdVM01oV2pRT0ptaDVNV2c2ZmFVQVh2L3IvMVZjM2VmTkZXcmtyZEpKRUN4ZVo4YkxQeVB4SjZ5VVFqS2Z1eDk1bUQ2SWRDTDBFbzRPbHRtd1dQTkl3c1h3NFloakdpTFdZc2FhSlRqZmxXWEV6N0tmNktCUXdDaEpINGNHOUtJTGc3Q2ZudWtlTzdnNUVjbWpkbFlpNWlMb0NOK1puKzl3WldySTRqdHozRzlkUVlGUG9vbjF5b3JucWpKamFyVSsxajl1d1Yxc25WOUNLdGhqcVpBK3JyQm9MVkYwM3grS0VhWldLRWtDVnl4Y1RIWVZiWlNjRDk1NVNRRDlvdUtRR0xEYktrZ1lZeXJoN1FnbUh3WXJJTU1TekF3RDkyanNON3FSOUJTdkw4a0JWckZqUXd1ZXg2bHNKeVlGU3Y2cktWd2ZOTHA5K3dYQXoxNWJSb2hPdER2R0Q3YnRDWGRjT0MzZWU5bTVJVXpsWXJkQzRqSFpBeW5jdnIvQVl6ZHRFdHMycnBnTi9nMnNPQ1RNUGsxQ3JTd05Say96N1pzYjBjTGtQOHhDeWdhbzVObnEwVWlSSlp0M1VzSitCbzFmLzlNektTc21hOFNMZmhxM01TRTFpSkwwR3FTblRGVDhsTmVUY2EyM2FuZStvbzNkeCsxRGhHZWRIbEJ2ZVY0Q1NzV096Y1dqWXZMUWVzNG9uSk1LV2VKaU9QNURqUjYwN1M0dnZWckw1cUZKUmE4dXVNeG9tZko0UVVGT0svSjJMaWwzS2txUC8yWWhabGg2WFZJSUhrRDBkUWlPWVpQU0M5dG5Uck9PaFFlOE04MWd0dU83cVU3enFPUjNOYWpsNDFOSERTV0xHbVFPQjRqMUl4WldHbk5JdDVCSTNBQWh1UWhJL3VqQms3RlQ3dzRKaGUwZVIyU0ZlUjA3RllITEwrc2ZyRmtScSt6bWt6UDUvZkppREM5YjR6bGRMbll5RkZRNEpZREFXNGtvZldGbUQvZGJjaG1lVlBvZDRKeHNRb0NOOGwrRFAwalRld09FbUNmZkhPYzRTTDV0MGV5QU52Y0VBbXRkQ2d5RzVYQXhvdUdJUzlRbWN4Mlg2Q2hLWXc3dEV1U21PTU83M3Z2aEdXUitFRDZlMmNwcVEvS3BuOWVBPT0=",
                "file_path": "9Wa2Xqo0jgxe22mSYpblCjo6MUpSRTdhM3VQckdDOW9Za2ZxdFVtUVVuYXVDck1odDJKRi9SL1ZMTTlXZ3orYnl6MGpPMEpKSWt1U2NWVWVTZXhjVHlXeWZwQmRtNTJRZk81TVJpQVE9PQ==",
                "is_active": true,
                "only_if_paid": true,
                "meta": {
                    "uploaded_by": "email@gmail.com",
                    "sdk_type": "file",
                    "env_hint": "production"
                }
            }
        ]
    },
    "errors": null
}

🧭 Summary

Method

Best For

Requires API Key?

License Key Only

Frontend, SaaS runtime checks, themes, plugins

❌ No

License + API Key

Backend systems, dashboards, automation

✔️ Yes

Raw HTTP

Custom environments, servers without SDKs

Optional

🎉 You Just Validated Your First License

At this point:

Your project is set up
Your license is issued
Validation is working
Injectables are delivered (if any)
DevPayr is officially connected to your app

PreviousIssuing Your First License NextHow DevPayr Works

Last updated 28 days ago