As part of our ongoing efforts to strengthen security, we have introduced Schema Version 2 (v2) for offline requests. This update enhances request integrity by ensuring the entire payload is signed and verifiable.
Schema v2 introduces full payload signing and request versioning.
Schema Version Field
Every request now includes a schema_version field.
Allows License API to detect and handle the request format.
HMAC-SHA256 Signature
The entire request JSON is signed using HMAC-SHA256 with the client secret or shared key.
Ensures all fields are protected from tampering.
Nested Request Object
The signed request is wrapped in an outer JSON object.
The request field must remain a proper JSON object (not a string) to allow correct parsing and signature verification on the License API side.
Full payload integrity: all fields are signed, including previously optional fields.
Backward-compatible: older SDKs using v1 requests will still work while v2 enables enhanced security.
Simplifies License API parsing and signature verification.
Offline schema v2 requires an SDK version that supports v2. Check your SDK documentation (and changelogs) under SDKs before enabling.
Last updated
Was this helpful?
Was this helpful?
{
"request": {
"schema_version": 2,
"api_key": "apikey",
"date": "Fri, 29 Aug 2025 07:22:37 GMT",
"hardware_id": "8b06c6053b7a2040f07c60b62f17f378ccc5030e21676f8a100a97ab36303ad0",
"ip_local": "192.168.1.226",
"license_key": "BSK8-CLCY-PB5E-BXFO",
"mac_address": "5A-8A-90-08-13-84",
"os_hostname": "Mac",
"os_ver": "Darwin 24.6.0",
"product": "fooapp",
"request": "activation",
"request_id": "D010714E-72DD-E4CF-BEBB-4105EC1B2A0F",
"sdk_lang": "cpp",
"sdk_ver": "7.41.1",
"signature": "A7Tg3dBCc3OsegkPdPc6I1/sRqHj1uSuBR3ad8uaEnk="
},
"signature": "aad1693bf8b394719b695e916e07aee29d4ddf2afb24cc43febd4d43a660b703"
}