This guide covers important aspects of the platform that we recommend to review before you publish your application.

Expiry date is not enforced by default

The expiry date is not enforced by default and it will still be possible to activate a license even when the expiry date has passed. However, there are two ways to enforce it: either by setting up automatic blocking of expired licenses (if you will be using Key.Activate method) or by checking if the Block property inside the License Key object is True (if you are calling Key.GetKey or using offline licensing). You can find more information here.

Machines are not activated by default

If you plan to use node-locking or floating licensing, where the goal is to track machines, it’s important that each license that you issue sets the Maximum number of machines parameter to a value greater than 0. For example, if you would like to limit the license to 2 machines, Maximum number of machines should be set to 2.

Access token should have minimal scope of permissions

When you are ready to publish your application with Cryptolens, it’s important to ensure that access tokens that are used inside the application that is distributed to the client have as few permissions as possible. Normally, the access token used in the client application should only have Activate permission. Some data that is returned can also be masked if this is needed. Please review this article.