Platform Features
Capabilities available to applications on the Aegis platform.
File Distribution
Aegis provides a secure file delivery mechanism. Files are registered in the dashboard with a name, download URL, and access control setting. Client applications request files by ID through the API and receive the download URL in a signed response.
This allows updating download links without modifying client software, and gating downloads behind authentication.
Global Variables
Key-value pairs managed from the dashboard that client applications can query at runtime. Each variable can be public or require authentication. Values can be changed from the dashboard and take effect immediately.
Common uses include:
- Version checks
- Maintenance notices
- Feature flags
- Dynamic configuration
Products
Products represent distinct offerings within a single application. In a game loader, for example, each supported game is a separate product. This allows one user account to hold multiple product subscriptions, each with independent activation and expiry.
Each product has a name, a numeric level, and an optional features JSON object for storing arbitrary metadata. Products are configured in the admin dashboard under each application.
How Products Work
- License keys can be bound to a specific product at generation time.
- When a user redeems a product-bound key, a subscription is created linking the user to that product with its own start and expiry dates.
- The SDK's
subscriptions()accessor returns the user's active product subscriptions, so the client can enable or restrict features per product. - Heartbeat responses include the full list of active subscriptions, keeping the client in sync without additional API calls.
Note
Single-product applications do not need to create products. Licenses work without a product binding — products are only required when an application manages multiple distinct offerings under one account.
Webhooks
HTTP callbacks triggered by application events. Webhook payloads are signed with HMAC-SHA256 for verification. Webhooks auto-disable after 10 consecutive delivery failures.
Note
Discord and Telegram webhook URLs are automatically detected and formatted appropriately.
Blacklisting
IP addresses and hardware IDs can be blocked per application. Blacklisted clients receive a 403 response on any API request.
Anomaly Detection
Aegis monitors for suspicious activity across several dimensions:
| Check | Description |
|---|---|
| Velocity | Excessive authentication attempts in a short window |
| HWID Drift | Hardware fingerprint changing unexpectedly |
| Clock Drift | Significant time difference between client and server |
The response is configurable per application: log only, automatically suspend the license, or automatically ban. Alerts can be routed to Discord or Telegram.
Team Management
Applications can have team members with different roles, enabling delegation of operational tasks without sharing full account access.
Resellers
Generate license keys from a pre-allocated balance through a dedicated portal. Useful for distribution partners who need to issue keys independently.
Managers
Access a portal with granular permissions scoped to specific applications. Available permissions include:
- Manage users
- Manage licenses
- Manage logs
- Manage files
- Manage webhooks
Useful for support staff who need operational access without full application control.