Introduction

Licenzy has two surfaces. The runtime API under /v1 is the public integration surface your backend calls during product operation. That is the API your product uses for checkout, access, entitlements, and usage.

The Licenzy portal is where you set up projects, create API keys, connect Stripe, map products, store Stripe inbound webhook secrets, configure outbound Licenzy webhooks, inspect support/debug state, and handle billing or operator workflows. Those are portal operations, not runtime API calls.

Projects are the runtime boundary inside Licenzy. Each project isolates API keys, products, Stripe configuration, webhook endpoints and history, usage, and runtime activity. Billing, invoices, users, subscription state, and commercial plan limits stay at the account level.

The production flow is: your backend creates a Licenzy checkout session, Licenzy creates the Stripe checkout session internally, the user is redirected to the returnedcheckout_url, Stripe later sends the Stripe inbound webhook to Licenzy, and only then are entitlements updated for access checks.

1. Connect Stripe in the portal and create mode-scoped products mapped to price IDs.
2. Create a server-side Licenzy API key and keep it out of the browser.
3. Call POST /v1/checkout/session with subject_ref and product_code.
4. Redirect the user to the returned checkout_url.
5. Stripe sends the Stripe inbound webhook to Licenzy directly.
6. Licenzy updates entitlements during webhook processing.
7. Your app calls POST /v1/access/check or reads customer access state.
8. If the entitlement is a usage pack, your app calls POST /v1/usage/consume.