Aegis Documentation
Licensing and authentication platform for software protection.
What is Aegis
Aegis is a licensing and authentication platform that lets developers protect their applications with license keys, hardware binding, and session management. Every API response is cryptographically signed using Ed25519, ensuring that authentication data cannot be tampered with.
How It Works
- Create an application — each application gets its own Ed25519 signing keypair, generated automatically by the platform.
- Generate license keys — create keys with expiration, activation limits, and product assignments, then distribute them to end users.
- Integrate the Aegis SDK — embed the SDK into the client application using only the application's public key.
- End users authenticate — when the application launches, the SDK authenticates with Aegis and verifies the signed response locally.
- Manage in real time — monitor users, sessions, and licenses from the dashboard. Revoke access, reset hardware locks, or adjust license parameters at any time.
Core Concepts
| Concept | Description |
|---|---|
| Applications | Each software project is registered as an application with its own Ed25519 keys and configuration. |
| License Keys | Generated per application and distributed to end users. Keys are bound to hardware on first activation. |
| Users | Created when a license is first activated or when someone registers with a key. Each user belongs to a single application. |
| Sessions | Authenticated state maintained via periodic heartbeats from the client SDK, with a 24-hour expiry. |
| HWID Binding | Licenses are locked to a specific hardware identifier on activation, preventing reuse on other machines. |
| Signed Responses | All API responses carry an Ed25519 signature that the SDK verifies client-side to detect tampering. |
Platform Features
Beyond licensing and authentication, Aegis provides a set of tools for managing software distribution and access control:
- File distribution for delivering updates and binaries
- Global and application-scoped variables
- Products with configurable permissions
- Webhook integrations for external event handling
- User and license blacklisting
- Anomaly detection for suspicious activity
- Team management with reseller and manager roles
See Features for detailed documentation on each capability.