This guide walks you through protecting your first software product with domain-bound licensing. By the end, you will have a working license key that validates against an authorized domain — in under 5 minutes.
Prerequisites
- A free Traffic Orchestrator account (sign up here)
- Node.js 18+ (or any HTTP client — we show
curltoo)
Step 1 — Create Your Account
Head to trafficorchestrator.com/signup and create a free Builder account. The Builder plan includes 3 products and 100 license keys — perfect for getting started. After signing up, verify your email and log into the portal dashboard.
Step 2 — Create a Product
In your dashboard, click Create Product. Give it a name like "My WordPress Plugin" or "My SaaS App." Each product gets its own set of license keys and configuration.
Step 3 — Generate an API Key
Navigate to Settings → API Keys in the portal. Click Generate New Key. Copy the key — you will use it to authenticate all API requests. Keep it safe; treat it like a password.
Step 4 — Create a License Key
Use the REST API to create a license key bound to a specific domain:
curl -X POST https://api.trafficorchestrator.com/api/v1/licenses \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"product_id": "YOUR_PRODUCT_ID",
"customer_email": "customer@example.com",
"domains": ["example.com"],
"max_domains": 1
}'
The response includes a license_key — this is what you distribute to your customer.
Step 5 — Validate the License
When your software runs, validate the license key against the current domain:
// JavaScript — validate on the client or server
const response = await fetch(
'https://api.trafficorchestrator.com/api/v1/validate',
{
method: 'POST',
headers: {
'Authorization': 'Bearer YOUR_API_KEY',
'Content-Type': 'application/json'
},
body: JSON.stringify({
license_key: 'CUSTOMER_LICENSE_KEY',
domain: window.location.hostname
})
}
);
const result = await response.json();
if (result.valid) {
console.log('License valid — enabling premium features');
} else {
console.log('License invalid:', result.error);
}Or with curl:
curl -X POST https://api.trafficorchestrator.com/api/v1/validate \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"license_key": "CUSTOMER_LICENSE_KEY",
"domain": "example.com"
}'What Happens During Validation?
- The API verifies the license key exists and is active
- It checks whether the requesting domain is in the authorized domains list
- It verifies the license has not expired
- It returns a signed response with the validation result
If the domain does not match, the API returns { "valid": false, "error": "domain_mismatch" }.
Your software can then restrict functionality or show an upgrade prompt.
Next Steps
- Add more domains — Upgrade the license to allow multiple domains for staging, production, etc.
- Set up webhooks — Get notified when licenses are activated, suspended, or expire. See our webhook guide.
- Use an SDK — We offer SDKs for Node.js, Python, React, and more.
- Explore the API docs — Full reference at trafficorchestrator.com/docs.
- Add feature flags — Gate specific features based on license tier. See feature flags guide.
That is it — your software is now protected with domain-bound licensing. The free Builder plan supports up to 3 products and 100 licenses, so you can fully test the integration before scaling up.
Ship licensing in your next release
5 licenses, 500 validations/month, full API access. Set up in under 5 minutes — no credit card required.