Overview
A quick guide to what AuthlyX does, how it works, and how to start integrating it.
What AuthlyX Is
AuthlyX is a cloud service for software licensing, user authentication, hardware locking, and remote variables. You interact with the service using our JSON REST API or our official client SDKs. Everything else — users, licenses, variables, and security rules — is configured directly in the developer dashboard.
SDKs handle request formatting, signature verification, and session state automatically. Official wrappers are available for C#, C++, Python, JavaScript, Go, and Rust.
All backend communication runs over standard HTTPS. Endpoint groups handle initialization, authentication, licensing, variables, and logs.
Basic Flow
Every integration follows the same path. The order matters — you cannot call any other endpoint until you have a valid session from Init().
Get your owner_id, app_name, version, and secret from the dashboard. These four values authenticate every request your application makes.
Call Init() to start a session and verify your app's version and hash. This returns a session_id that all other routes depend on.
Log the user in via a username and password, a license key, or their hardware ID.
Use the active session to retrieve remote variables, update hardware lists, submit logs, or validate the session is still active.
Init() first. The initialization step starts a session and returns a session_id, which is required by all other API routes.
Credentials
These four values authenticate every request. The owner_id, app_name, and version identify your app configuration. The secret acts as a private key — keep it out of uncompiled source code and logs.
owner_id
Your account identifier, shared across all applications under your account.
app_name
The exact name of the application as registered in your dashboard.
version
The current version string of your build (e.g. 1.3 or 1.3.0). Used for version whitelist enforcement.
secret
Your app's private key. Never expose this in public repositories, logs, or plain-text config files.
API Base URL
The default endpoint for all SDKs is https://authly.cc/api/v2. If you configure a custom domain in your dashboard settings, point your SDK to that instead.
https://authly.cc/api/v2
Authentication Methods
AuthlyX supports three main authentication patterns. Pick the one that fits how you distribute your software — or combine them within the same application.
Users sign up and log in with standard credentials. You can set hardware locking rules to prevent account sharing across machines.
Best for key-based sales. The user enters a generated key to log in. The system handles key expiration, subscriptions, and usage limits automatically.
Good for kiosk systems or background services. The application logs in automatically using motherboard, processor, or OS identifiers.
Use more than one method within the same application. You might authenticate some users by username and others by license key, depending on how they purchased access.
What's Next
Pick up from here depending on what you need.
Every endpoint documented — request fields, response shapes, and error codes.
How version control, hash validation, replay defense, hardware locking, and the SDK's built-in protections all work together.
A full breakdown of what AuthlyX offers — licensing, hardware locking, cloud variables, logs, and more.
Errors you'll likely hit during integration and how to fix them.