Licensee Secret is an additional optional security feature. It adds globally a node-locking capability, and may be used in combination with any supported licensing models. Although using it with some licensing models, e.g. Floating, does not make much sense, there is no restriction, feel free to find your own creative way of using Licensee Secret.
Licensee Secret feature has the following modes of operation, configurable in Product settings:
|Disabled||Validation parameter licenseeSecret will be ignored. Previously stored value retained, but is not accessible until the mode is changed.|
|Predefined||Secret is generated by vendor and passed on to the licensee (e.g. in a hardware dongle, or text-based encrypted key). The value must be explicitly set to the licenseeSecret property of the corresponding Licensee entity (using either Console or API). Licensee validation will only succeed if the value provided in licenseeSecret validate parameter matches the stored one. Since licenseeSecret must be set to the Licensee in advance, this mode can't be combined with "Auto-create Licensee" mode.|
|Client||This mode is similar to the Predefined mode, but unlike Predefined, the secret must not be set to the Licensee in advance, instead it will be set using the value provided in licenseeSecret parameter on first validate call. Once set, it works same way as Predefined mode. This will allow automatic locking to any secret value provided by the licensee, typically hash of some HW related data (e.g. MAC address, CPU serial number, etc). This mode can be used with hardware dongle too: the dongle holds the secret, but it is only bound to the specific licensee on the first validate.|
Here is the licensee secret workflow diagram for the "Client" mode:
Use these examples to construct API calls when using licensee secret.