License Settings
Screenshot of License Settings tab
Overview
License Settings control the core behavior of license validation and lifecycle management across your platform. These settings directly impact how licenses are verified, cached, and automatically managed. Proper configuration ensures:
- Secure license validation
- Optimal performance through caching
- Automated renewal workflows
- Compliance with licensing policies
- Reduced manual administration
These critical settings include:
- Require License Verification – Enforce validation before activation
- License Cache Duration – Control validation performance
- Enable Auto-Renewal – Automate subscription renewals
Require License Verification
Type: Toggle (On / Off)
Default: On
Security Impact: HIGH
Screenshot showing license verification requirement
Description
When enabled, every license must pass validation checks before it can be activated or used. This setting enforces a security-first approach to license management.
- ON: All licenses are validated against the database and business rules before activation
- OFF: Licenses can be activated without full verification (NOT RECOMMENDED for production)
What Verification Includes
When verification is required, the system checks:
- ✅ License key exists in the database
- ✅ License is not expired
- ✅ License is not suspended or banned
- ✅ Activation limits are not exceeded
- ✅ Product association is valid
- ✅ Customer account is active
- ✅ No abuse flags are active
- ✅ Geographic restrictions are satisfied (if configured)
- ✅ Time-based restrictions are satisfied (if configured)
When to Enable (RECOMMENDED)
Enable verification in:
✅ Production environments – Always
✅ Customer-facing deployments – Mandatory
✅ Commercial products – Essential for revenue protection
✅ Compliance-sensitive industries – Required for audit trails
✅ Public APIs – Prevents unauthorized access
When to Disable (RARE CASES ONLY)
Disable verification only in:
⚠️ Development environments – For rapid testing
⚠️ Internal tooling – Non-commercial, trusted users
⚠️ Performance testing – Benchmarking activation speed
⚠️ Offline-first products – With alternative validation mechanisms
⚠️ CRITICAL WARNING: Disabling verification in production exposes your platform to:
- License piracy and unauthorized usage
- Revenue loss from bypassed licensing
- Inability to enforce activation limits
- No audit trail for compliance
- Security vulnerabilities
Impact on Performance
| Verification Status | Activation Speed | Security Level | Recommended For |
|---|---|---|---|
| Enabled | ~100-300ms | High | Production, customer-facing |
| Disabled | ~10-50ms | Low/None | Development, testing only |
Real-World Example
Scenario: Desktop software with 10,000 active licenses
Initial Configuration:
- Require Verification: OFF (mistakenly left from development)
Problems Encountered:
- Pirated keys circulated online
- Expired licenses continued to work
- Suspended abusers could still activate
- No way to enforce activation limits
Corrected Configuration:
- Require Verification: ON
Results:
- 95% reduction in pirated activations
- Expired licenses properly blocked
- Abuse detection working as intended
- Full audit trail for compliance
💡 Tip: Never disable verification in production. The performance difference is negligible compared to security risks.
License Cache Duration
Type: Numeric input (minutes)
Default: 60 minutes
Range: 5-1440 minutes (5 minutes to 24 hours)
Screenshot showing cache duration settings
Description
Defines how long validated license data is cached before requiring re-validation. This setting balances performance vs real-time enforcement.
When a license is validated:
- The result is stored in cache
- Subsequent validations within the cache period use cached data
- After the cache expires, fresh validation occurs
- Cache is automatically cleared on license status changes
How It Works
First Validation (Cache Miss):
- Client requests license validation
- System queries database (full verification)
- Result is cached for configured duration
- Response sent to client (~200ms)
Subsequent Validations (Cache Hit):
- Client requests validation
- System checks cache
- Cached result returned immediately (~10ms)
- No database query needed
After Cache Expiry:
- Cache entry expires automatically
- Next validation performs full check
- New cache entry created
When to Use Short Durations (5-30 minutes)
Use shorter cache durations for:
✅ SaaS/API products – Real-time enforcement critical
✅ High-value licenses – Minimize unauthorized usage window
✅ Frequently changed licenses – Faster propagation of status changes
✅ Abuse-prone products – Reduce time between detection and blocking
✅ Subscription services – Ensure timely expiration enforcement
When to Use Long Durations (120-1440 minutes)
Use longer cache durations for:
✅ Desktop/offline software – Users may be offline
✅ Low-risk products – Internal tools, trusted users
✅ High-volume APIs – Reduce database load
✅ Stable licenses – Infrequent status changes
✅ Performance-critical apps – Minimize latency
Cache Duration Recommendations
| Product Type | Recommended Duration | Reasoning |
|---|---|---|
| SaaS Web Apps | 15-30 minutes | Balance real-time enforcement with performance |
| REST APIs | 30-60 minutes | Standard for API caching |
| Desktop Software | 120-240 minutes | Users may be offline temporarily |
| Mobile Apps | 60-120 minutes | Network conditions vary |
| IoT/Embedded | 240-1440 minutes | Intermittent connectivity expected |
| Internal Tools | 180-360 minutes | Low risk, prioritize performance |
Real-World Examples
Example 1: SaaS Analytics Platform
Configuration:
- Cache Duration: 30 minutes
- Product: Cloud-based analytics
Reasoning:
- Users are always online
- Subscription changes should propagate quickly
- When subscription expires, block access within 30 minutes
- Database load is manageable with 30-min cache
Example 2: Desktop Video Editor
Configuration:
- Cache Duration: 180 minutes (3 hours)
- Product: Desktop creative software
Reasoning:
- Users often work offline
- License changes are infrequent
- Longer cache prevents disruption during offline work
- Users typically work in 4-8 hour sessions
Example 3: High-Volume API
Configuration:
- Cache Duration: 240 minutes (4 hours)
- Product: REST API with 1M+ validations/day
Reasoning:
- Extreme performance requirements
- Database load reduction critical
- License changes are rare
- 4-hour enforcement window acceptable
Impact on Enforcement
| Duration | Status Change Propagation | Database Load | Use Case |
|---|---|---|---|
| 5 min | Near real-time | High | Critical security |
| 30 min | Very fast | Moderate-High | SaaS products |
| 60 min | Fast | Moderate | Balanced default |
| 120 min | Delayed | Low-Moderate | Desktop software |
| 240+ min | Slow | Low | Offline/IoT |
Cache Invalidation Events
The cache is automatically cleared when:
- License is suspended or unsuspended
- License is expired (status change)
- License is deleted
- Activation limit is modified
- Product association is changed
- Admin manually clears cache
💡 Tip: Manual cache clearing is available via Admin Portal when immediate enforcement is needed
Best Practices
Performance Optimization:
- Start with 60 minutes (default)
- Monitor database load and query times
- If database is overloaded, increase duration
- If enforcement is too slow, decrease duration
Security Considerations:
- Never set longer than your billing cycle
- For monthly subscriptions, max 1440 minutes (24 hours)
- For annual licenses, 240-720 minutes acceptable
- For high-value products, prefer shorter durations
Testing Your Configuration:
- Set cache duration to desired value
- Validate a test license
- Suspend the license
- Attempt validation again immediately (should still be cached)
- Wait for cache to expire
- Validate again (should fail)
⚠️ Warning: Setting cache too short (<5 minutes) can overload your database during high traffic
Enable Auto-Renewal
Type: Toggle (On / Off)
Default: Off
Screenshot showing auto-renewal configuration
Description
Automatically renews subscription-based licenses before they expire, when integrated with payment processors.
- ON: System attempts automatic renewal when licenses near expiration
- OFF: Licenses must be manually renewed by customer or admin
How Auto-Renewal Works
When a License Approaches Expiration:
- 7 Days Before: System flags license for renewal
- 3 Days Before: First renewal attempt triggered
- Payment Processing: Charge customer’s stored payment method
- Success: License is automatically extended for next period
- Failure: Customer receives payment failure notification
- 1 Day Before: Final renewal attempt if previous failed
- Expiration: If all attempts fail, license expires normally
What Auto-Renewal Requires
To function properly, auto-renewal needs:
✅ Payment processor integration (Stripe, PayPal, etc.)
✅ Stored customer payment methods (cards on file)
✅ Email configuration (for renewal notifications)
✅ Webhook integration (for payment confirmations)
✅ Product pricing (defined renewal amounts)
When to Enable
Enable auto-renewal if:
✅ You offer subscription-based licenses (monthly, annual)
✅ Payment processor integration is configured
✅ Customers expect automatic billing
✅ You want to reduce churn from forgotten renewals
✅ You operate a SaaS or subscription business model
When to Keep Disabled
Keep disabled if:
❌ You use perpetual licenses (one-time purchase)
❌ Payment processor is not integrated
❌ You prefer manual renewal processes
❌ Customers control their own renewal timing
❌ Your business model is usage-based, not time-based
❌ You require manual approval for renewals
Auto-Renewal vs Manual Renewal
| Approach | Advantages | Disadvantages |
|---|---|---|
| Auto-Renewal (ON) | Reduces churn, predictable revenue, hands-off for customers | Requires payment integration, surprise charges, failed payment handling |
| Manual Renewal (OFF) | Customer control, no surprise charges, simpler setup | Higher churn, manual work, reminder emails needed |
Real-World Examples
Example 1: SaaS Subscription Product
Business Model:
- Monthly subscriptions at $49/month
- Payment via Stripe
- Target: Small businesses
Configuration:
- Enable Auto-Renewal: ON
Implementation:
- Customer signs up with credit card
- License issued for 30 days
- 3 days before expiration, auto-renewal attempts
- Card charged automatically
- License extended for another 30 days
- Customer receives receipt email
Results:
- 92% renewal rate
- Reduced churn from 15% to 8%
- Eliminated manual renewal processing
Example 2: Enterprise Perpetual Licenses
Business Model:
- One-time purchase + optional annual support
- Manual invoicing for renewals
- Target: Large corporations
Configuration:
- Enable Auto-Renewal: OFF
Reasoning:
- Perpetual licenses don’t expire
- Support renewals require procurement approval
- Manual invoicing matches enterprise processes
- Customers prefer scheduled, manual renewals
Example 3: Hybrid Model
Business Model:
- Monthly auto-renewing OR annual manual renewal
- Customer chooses billing preference
Configuration:
- Enable Auto-Renewal: ON (for monthly plans)
- Manual processing for annual plans
Implementation:
- Monthly subscribers: Auto-renewal active
- Annual subscribers: Receive renewal reminders at 60/30/7 days
- Admin manually processes annual renewals after payment
Customer Communication
When Auto-Renewal is Enabled:
- At Purchase: Clearly state auto-renewal terms
- Confirmation Email: Remind customer of auto-renewal
- 7 Days Before: Send upcoming renewal notification
- On Renewal: Send receipt and thank you
- On Failure: Send payment failure notice with action steps
Email Sequence Example:
| Timing | Purpose | |
|---|---|---|
| At Purchase | “Welcome! Your subscription auto-renews on [date]” | Set expectations |
| 7 Days Before | “Your license renews in 7 days ($49)” | Advance notice |
| On Renewal | “Renewal successful! Thank you for continuing” | Confirmation |
| Failure | “Payment failed - Update your card to avoid interruption” | Action required |
Handling Failed Renewals
When Auto-Renewal Fails:
- First Failure: Retry in 24 hours
- Second Failure: Retry in 48 hours
- Third Failure: Send final notice to customer
- Grace Period: Allow 7 days to update payment
- Expiration: License expires if not resolved
Customer Actions:
- Update payment method in customer portal
- Contact support for assistance
- Manually renew if needed
Legal and Compliance Considerations
Required Disclosures:
- ⚠️ Auto-renewal terms must be clearly disclosed at purchase
- ⚠️ Customers must be notified before charges
- ⚠️ Easy cancellation must be available
- ⚠️ Comply with regional laws (e.g., California auto-renewal law)
💡 Tip: Include auto-renewal terms in your Terms of Service and link prominently at checkout
Best Practices
Implementation Checklist:
- ✅ Configure payment processor integration
- ✅ Test auto-renewal with test licenses
- ✅ Set up renewal notification emails
- ✅ Create failed payment recovery workflow
- ✅ Document terms in customer agreement
- ✅ Provide self-service cancellation option
- ✅ Monitor renewal success rates
Monitoring:
- Track renewal success rate (target: >90%)
- Monitor failed payment reasons
- Analyze churn patterns
- Review customer feedback on renewals
Recommended Configurations
SaaS/Subscription Products
Monthly or annual recurring billing
- Require Verification: ON
- Cache Duration: 30 minutes
- Auto-Renewal: ON
Reasoning: Security-first with real-time enforcement and automated renewals for predictable revenue.
Desktop/On-Premises Software
One-time purchase or manual renewals
- Require Verification: ON
- Cache Duration: 180 minutes
- Auto-Renewal: OFF
Reasoning: Offline-friendly caching, security maintained, manual renewal process for perpetual licenses.
High-Volume APIs
REST APIs with millions of validations
- Require Verification: ON
- Cache Duration: 240 minutes
- Auto-Renewal: OFF or ON (depends on business model)
Reasoning: Performance optimization through longer caching, still maintains security baseline.
Internal/Enterprise Tools
Low-risk internal applications
- Require Verification: ON (even for internal)
- Cache Duration: 360 minutes
- Auto-Renewal: OFF
Reasoning: Maintain audit trails, maximize performance, manual control for enterprise procurement.
IoT/Embedded Devices
Intermittent connectivity expected
- Require Verification: ON
- Cache Duration: 720-1440 minutes
- Auto-Renewal: ON (if connectivity available)
Reasoning: Very long cache for offline periods, automated renewals when device connects.
Important Notes
⚠️ Never disable verification in production – Security risks far outweigh performance gains
🔄 Cache is automatically invalidated on license status changes – No manual clearing needed
📊 Monitor renewal success rates – Target >90% for healthy subscription business
⏱️ Cache duration affects enforcement speed – Balance performance vs real-time needs
💳 Auto-renewal requires payment integration – Test thoroughly before enabling
Summary Table
| Setting | Purpose | Typical Value |
|---|---|---|
| Require Verification | Enforce security checks | ON (always) |
| Cache Duration | Balance performance vs enforcement | 60 minutes (default), adjust based on product type |
| Auto-Renewal | Automate subscription renewals | ON (subscriptions) or OFF (perpetual) |
Testing Your Configuration
Step 1: Configure License Settings
Set all three settings according to your product type.
Step 2: Create a Test License
Generate a test license key with short expiration (e.g., 1 hour).
Step 3: Test Verification
With Verification ON:
- Activate the test license
- Verify it succeeds with valid license
- Suspend the license in admin portal
- Attempt activation again – should fail immediately
Cache Duration Testing:
- Set cache to 5 minutes
- Activate test license (cache created)
- Suspend the license
- Attempt validation immediately (should succeed - cached)
- Wait 6 minutes
- Validate again (should fail - cache expired)
Step 4: Test Auto-Renewal (if applicable)
Prerequisites:
- Payment processor configured
- Test payment method on file
- Test subscription license
Testing:
- Create license expiring in 1 day
- Configure auto-renewal attempts
- Wait for renewal window
- Verify renewal attempt occurs
- Check email notifications sent
- Confirm license extended
Step 5: Production Deployment
Once testing is complete:
- Set production cache duration
- Enable auto-renewal (if using subscriptions)
- Monitor renewal success rates
- Adjust settings based on real-world performance
Frequently Asked Questions
Q: What happens if I change cache duration while licenses are already cached?
A: New duration applies to future cache entries. Existing cached entries expire on their original schedule.
Q: Can I set different cache durations for different products?
A: No, cache duration is platform-wide. Consider your highest-security product when setting this value.
Q: Does auto-renewal work with all payment processors?
A: Auto-renewal requires webhook support from your payment processor. Stripe, PayPal, and Braintree are fully supported.
Q: What if a customer’s card is declined during auto-renewal?
A: The system retries based on configured schedule and sends failure notifications. Customer can update payment method.
Q: Can customers opt out of auto-renewal?
A: Yes, provide a self-service cancellation option in the customer portal for compliance.
Q: How does cache invalidation work?
A: When a license is modified, the cache entry is immediately cleared. Next validation performs fresh check.
Q: Should I disable verification to improve performance?
A: No. Use longer cache duration instead. Disabling verification eliminates all security controls.
How to Access
- Log in to the Admin Portal
- Navigate to Settings in the main menu
- Click the License Settings tab
- Configure each setting
- Click Save Settings at the bottom
- Test with a trial license before production use
Related Settings
- Settings Overview - All settings tabs
- Abuse Detection - Automated abuse prevention
- Logging Settings - Track validation events
- Webhook Settings - Payment processor integrations
Proper license configuration ensures security, performance, and automated revenue management.