Getting Started

Quickstart

Three steps: create an app in the dashboard, initialize the SDK, then authenticate. The whole flow takes a few minutes to wire up.

Getting Set Up

Every SDK call flows through the same path � you initialize once per session, and everything else (login, variables, validation) depends on the session that comes out of it.

Step 1 � Create Your App

Log into the dashboard and create a new application. Once created, copy four values � you'll need all of them to initialize the SDK:

  • Owner ID � your account identifier, shared across all your apps.
  • App Name � the exact name of the application as registered.
  • Version � the current version string of your build (e.g. 1.3 or 1.3.0).
  • Secret � your app's private key. Never expose this in public code or logs.
Step 2 � Initialize the SDK

Call Init() at startup before anything else. This establishes a session, verifies your app credentials against the server, and runs any version or hash checks you have configured. The session ID returned is what every subsequent call depends on.

If version control is enabled, Init() will surface update prompts or block the session depending on how your whitelist is configured. If hash checking is on, the server validates your build hash before proceeding.

Step 3 � Authenticate

Once initialized, call your chosen login method. AuthlyX supports three authentication modes depending on how your application is structured � username login, license key login, or hardware device authentication. Pick the one that fits your use case below.

Init errors?
Check these first: app is enabled, secret is correct, build hash is approved (if hash checking is on), and your version is whitelisted (if version control is on).

Authentication Methods

Pick the method that fits your distribution model. You can use more than one within the same application.

Username & Password

Standard account-based login. The user provides a username and password. Supports hardware locking, subscription tiers, and device limits. Best for software sold as user accounts.

License Key

Key-only login � no username or password required. The user enters a license key and the SDK authenticates against it. Best for one-time purchases or key-based distribution.

Device Authentication

Authenticate by hardware identifier instead of user credentials. Uses motherboard or processor IDs. Best for kiosk setups, internal tooling, or machine-locked deployments.

Version Control

Whitelist specific build versions, show update reminders, or block outdated clients entirely. Configured per application in the dashboard � no code changes needed to enforce a new minimum version.

C# Example

The SDK is initialized once, typically as a static instance. After Init() succeeds, all other calls use the same instance. 

public static Auth AuthlyXApp = new Auth(
    ownerId: "12345678",
    appName: "MyApp",
    version: "1.3",
    secret: "your-secret"
);

// Optional:
// debug: false      � disable SDK console logs
// antiDebug: false  � disable anti-debugger check (local dev only)
// api: "https://example.com/api/v2"  � custom domain

AuthlyXApp.Init();

// Username login
AuthlyXApp.Login("username", "password");

// License key login
AuthlyXApp.Login("XXXXX-XXXXX-XXXXX-XXXXX-XXXXX");

// Device login
AuthlyXApp.Login("YOUR_DEVICE_ID", deviceType: "motherboard");

HTTP Examples

If you are integrating directly without the SDK, these are the two calls that start every session.

POST /api/v2/init 
{
  "owner_id": "12345678",
  "app_name": "MyApp",
  "version": "1.3",
  "secret": "your-secret",
  "hash": "your-app-hash"
}
POST /api/v2/login 
{
  "owner_id": "12345678",
  "app_name": "MyApp",
  "session_id": "SESSION_ID_FROM_INIT",
  "identifier": "username",
  "password": "password"
}
Common errors
NOT_INITIALIZED � you skipped Init() or it failed silently. Always check the return value.
UPDATE_REQUIRED � your version isn't whitelisted. Add it in the dashboard or adjust the version control mode.
INVALID_HASH � approve your build hash in Dashboard ? App Settings ? Hashes.