License API
License API Authorization

Response Signature v2

3min

Overview

Response objects from License API endpoints contain an http header LicenseSignature which is an HMAC-SHA256 signature used to verify the integrity and authenticity of the response. This is not the same as the license_signature in certain response objects (see Response Signature for that property).

The LicenseSignature header signs the entire response object using our private key, which enables you to use our public key to verify the signature.

Verifying Response Signature v2

You can use the server's public key to verify the LicenseSignature header. By validating the signature, you ensure the response originates from LicenseSpring's trusted servers.

Download the server public key from the link below to implement signature verification using the example provided:



Code Sample

JS