Product setup, license operations, API calls, manual installation, and AI-assisted implementation for the software you sell or maintain.
Product setup
What you protect with Axee
Axee protects software that your customers run on their own server: PHP scripts, WordPress plugins, billing modules, private Node services, shell tools, desktop helpers, and similar self-hosted products.
Your product calls Axee when it activates and then keeps a short-lived signed lease. The lease lets the product continue running between checks, but it also lets Axee catch suspended, expired, moved, or fake licenses on the next verification or poll.
The normal customer flow is:
1. Create a product in Axee.
2. Create license keys for buyers.
3. Add a small license guard to your product.
4. The guard calls verify on first activation.
5. The guard calls poll after Axee's pollAfter time.
6. Your product blocks protected features when the lease and grace have ended.
Product setup
Create products
A product is the software item you want to license. Create one product for each script, plugin, module, app, or paid edition that should have separate license rules.
In the customer portal:
1. Open Products.
2. Enter a product name, such as Billing Relay.
3. Choose a stable product code, such as BILLING_RELAY.
4. Select binding rules.
5. Set the grace window allowed by your plan.
6. Save the product and copy the product code for your integration.
The product code is what your script sends to Axee during verify and poll. Keep it stable after customers install your product.
Product setup
Binding and grace
Binding tells Axee what customer install identity should stay the same.
Domain binding checks the domain reported by the installed product.
Server IP binding checks the server address reported by the install.
Machine binding checks a fingerprint generated from stable server details.
Use all three when your product normally runs on one known server. Use fewer bindings when customers commonly move between staging and production or use infrastructure with changing IPs.
Grace is the emergency window. If the customer had a valid lease but cannot reach Axee for a short time, the product can continue until graceEndsAt. After that, protected features should stop until a valid verify or poll succeeds.
License management
Create licenses
A license belongs to one product and one buyer, client, or install.
In the customer portal:
1. Open Licenses.
2. Choose the product.
3. Add a customer reference, such as invoice id, order id, or account id.
4. Add the buyer email if you want it stored with the key.
5. Add the expected domain when you already know where the customer will install it.
6. Set an expiry date or leave it empty for a lifetime license.
7. Create the license and copy the generated key.
Send the license key to your customer through your own delivery flow. The key goes into their installed script or server config.
License management
Suspend and terminate
Use license actions when access should change after a key has already been issued.
Suspend keeps the license record but stops new valid leases. Use it for payment disputes, temporary holds, abuse review, or support checks.
Terminate ends the license permanently. Use it when a key should no longer be accepted.
Your product should not trust a license forever because it verified once. It should keep polling Axee so suspended, terminated, expired, moved, or risky installs are caught without editing the customer's server manually.
API calls
API authentication
Use customer API keys only from your own private backend, store, CRM, billing system, or internal admin tool.
Private automation calls use this header:
Authorization: Bearer AXEE_API_KEY
Never put an Axee API key inside a script, plugin, zip file, browser bundle, or product that customers can download. Distributed products call verify and poll without your API key.
API calls
Create license API
POST /v1/licenses creates a license for one of your products.
Required header:
Authorization: Bearer AXEE_API_KEY
Example body:
{
"productId": "prd_...",
"customerRef": "invoice-1047",
"email": "buyer@example.com",
"domain": "client.example.com",
"expiresAt": "2026-12-31T23:59:59.000Z"
}
Axee returns the license id, generated key, status, product id, and creation time. Store the returned id if your own billing system needs to suspend or terminate the key later.
API calls
Suspend and terminate APIs
PATCH /v1/licenses/{id}/suspend suspends a license.
DELETE /v1/licenses/{id} terminates a license.
Both calls require:
Authorization: Bearer AXEE_API_KEY
Use these from your own billing system when a subscription fails, a refund is issued, a customer cancels, or a support operator decides the key should stop working.
The {id} value is the Axee license id returned by POST /v1/licenses or shown in the portal.
API calls
Verify API
POST /v1/verify is called by the installed product when there is no cached lease or the customer activates the product for the first time.
Example body:
{
"licenseKey": "AXE-LIC-...",
"productCode": "BILLING_RELAY",
"domain": "client.example.com",
"ipAddress": "203.0.113.42",
"machineFingerprint": "stable-machine-id",
"nonce": "random-128-bit-value"
}
Axee checks license status, tenant status, expiry, product match, domain binding, activation history, replayed nonce risk, IP, and machine fingerprint. If accepted, Axee returns a signed lease token, lease expiry, grace end, and pollAfter time.
API calls
Poll API
POST /v1/poll is called by the installed product after Axee's pollAfter time.
Example body:
{
"licenseKey": "AXE-LIC-...",
"productCode": "BILLING_RELAY",
"domain": "client.example.com",
"ipAddress": "203.0.113.42",
"machineFingerprint": "stable-machine-id",
"nonce": "new-random-128-bit-value",
"leaseToken": "previous-signed-lease"
}
Axee verifies the previous lease, checks that the binding still matches, checks license state again, records the poll event, and returns a fresh lease when accepted.
API calls
Release metadata API
POST /v1/releases stores version metadata for one product.
Required header:
Authorization: Bearer AXEE_API_KEY
Example body:
{
"productId": "prd_...",
"version": "2.4.1",
"notes": "Security and compatibility update",
"metadata": { "channel": "stable" }
}
Use releases when you want Axee to know which product versions are live or when your integration should report version context around customer installs.
Manual integration
Manual portal workflow
You can run the whole licensing workflow without writing automation first.
1. Create a product in Products.
2. Create a license in Licenses.
3. Copy the product code and license key.
4. Add the license key to the customer's private server config.
5. Add the Axee guard file to the script or plugin.
6. Test activation on a staging install.
7. Suspend the test license and confirm the product stops after the lease or grace rules require it.
Use API automation later when your store or billing system is ready.
Manual integration
Manual script integration
A manual integration is usually one guard file plus one call from your protected entry point.
The guard should:
- Read the license key from private config.
- Collect domain, IP address, and machine fingerprint.
- Generate a fresh nonce for every verify and poll.
- Call /v1/verify when no lease exists.
- Store the lease outside the public web directory.
- Check leaseExpiresAt before protected code runs.
- Call /v1/poll after pollAfter.
- Allow short offline operation only until graceEndsAt.
- Stop protected features after grace ends.
Do not put an Axee API key in customer-distributed code.
AI integration
Use the Codex skill
Axee includes a Codex skill package at integrations/codex-skill/axee-license-integrator.
Use it when you want Codex to add Axee licensing to a script for you. The skill tells Codex how to inspect the project, where to place a guard, which Axee endpoints to call, how to store leases, and what validation to run.
Typical prompt:
Use the Axee license integrator skill. Product code is BILLING_RELAY, base URL is https://app.axee.in, license key should come from AXEE_LICENSE_KEY, and protected code should stop after graceEndsAt.
Codex can also run the bundled guard generator, then adapt the output to your actual project structure.
AI integration
Use the MCP server
Axee includes an MCP server at integrations/axee-mcp for AI clients that support tools, including Codex and Claude.
The MCP server gives the AI tools to:
- Create an Axee integration plan.
- Generate PHP, Node, or shell guard code.
- Write a guard file inside a selected project.
- Return customer-facing API examples.
After building the MCP package, point Codex or Claude to integrations/axee-mcp/dist/index.js. The AI can then use the tools directly while still leaving you in control of product code, license storage, and final testing.