The Devolens (formerly Cryptolens) Web API is the HTTPS interface that applications, backend services, and third-party systems use to work with licensing data. It is used for license verification, key creation, activation management, customer access, usage data, and automation. For most client applications, we recommend using one of the client SDKs. The SDKs call the Web API for you and include helpers for common licensing tasks. You can also call the Web API directly when you need a custom backend integration, an unsupported programming language, or a workflow that is not covered by an SDK.Documentation Index
Fetch the complete documentation index at: https://help.cryptolens.io/llms.txt
Use this file to discover all available pages before exploring further.
How it fits
At a high level, the Web API is the integration layer between your systems and Devolens:Common use cases
You can use the Web API to:- Activate and verify license keys.
- Create, extend, block, or update license keys from your backend.
- Assign license keys to customers and retrieve licenses linked to a customer.
- Manage activated machines, user seats, floating seats, or other activation identifiers.
- Store and update license metadata, such as feature configuration or usage counters.
- Integrate Devolens with payment providers, CRM systems, provisioning workflows, or internal admin portals.
- Support platforms where no official client SDK is available.
SDKs vs direct API calls
| Approach | Best for | Notes |
|---|---|---|
| Client SDKs | In-app license verification and standard activation flows. | SDKs wrap common Web API methods and usually include helpers for machine codes, signed responses, and license checks. |
| Direct Web API calls | Backend automation, payment flows, customer systems, unsupported languages, and advanced integrations. | Your application sends normal HTTPS requests to Devolens and handles the response directly. |
| License server or reverse proxy | Enterprise environments with strict networking, offline needs, or customer-specific domains/IP addresses. | These options can route or cache licensing traffic while keeping the same licensing model. |
Security basics
Access to the Web API is controlled with access tokens. Create separate tokens for different workflows and give each token only the permissions it needs. For example, a token used by a backend payment workflow may need permission to create or update license keys. A token distributed inside a desktop or mobile application should be much more limited. Do not place admin or key-generation tokens in client-side applications. For license verification, use signed responses where supported and verify the response with your RSA public key. Your application should also check the license properties that matter for your product, such as product ID, expiry date, blocked status, features, and machine-binding or activation rules.Direct request example
If you are using an unsupported language or building a custom integration, you can call the Web API directly. For example, this request retrieves information about a license key:Enterprise deployment options
Most applications can call Devolens directly through the client SDKs or the Web API. Some enterprise customers have additional network or compliance requirements. In those cases, you can also use:- Reverse proxy, if requests need to go through your own domain or IP address.
- License server, if customer machines have limited internet access or need a local licensing gateway.
- Backend-only API calls, if license provisioning, billing, or customer administration should be isolated from client applications.