Copy For AI

# KeyKit License Validation Integration

## Context
KeyKit is a Stripe-connected license key management service. When customers buy products on Stripe, KeyKit automatically creates license keys and shows them on a branded success page (and optionally emails them). 

**Your app only needs to check if a key is valid - KeyKit handles all the complex license management, renewal, and status tracking.**

## Simple Integration (Recommended)
For vibe-coded products, configure Stripe to redirect to KeyKit:
```javascript
success_url: 'https://keykit.app/success?org=YourCompany&product=YourProduct&session_id={CHECKOUT_SESSION_ID}'
```
See /docs/integration for complete setup guide.

## Setup Requirements
- Customer must have a Stripe account
- Products must be marked with "keykit_eligible=true" in Stripe product description
- KeyKit webhook must be configured in Stripe Dashboard

## Integration Steps

### 1. License Validation
Create a simple function to check if a license key is valid:

Ask your AI to:
- Create a helper that posts to `https://keykit.app/api/validate` with `{ token, siteId }`
- Return true/false based on the response
- Handle network errors gracefully (don't crash the app)
- **NO pre-validation needed - just send the key to KeyKit and trust the response**
- **That's it - no complex license management needed!**

### 2. Usage in Your App
Use the validation helper to check licenses:

```javascript
// Check license on app startup or feature access
const licenseKey = localStorage.getItem('license_key');
const siteId = window.location.hostname;

const result = await validateLicenseGracefully(licenseKey, siteId);
if (result.valid) {
  // License is valid - enable premium features
  enablePremiumFeatures();
} else {
  // License invalid - show upgrade prompt
  showUpgradePrompt();
}
```

### 3. License Input for Customers
Add a license key input field for customers:

```html
<form id="license-form">
  <input 
    type="text" 
    id="license-key" 
    placeholder="Enter your license key"
    required 
  />
  <button type="submit">Activate License</button>
</form>

<script>
document.getElementById('license-form').addEventListener('submit', async (e) => {
  e.preventDefault();
  const licenseKey = document.getElementById('license-key').value;
  const siteId = window.location.hostname;
  
  if (await validateLicense(licenseKey, siteId)) {
    localStorage.setItem('license_key', licenseKey);
    alert('License activated successfully!');
    location.reload();
  } else {
    alert('Invalid license key. Please check and try again.');
  }
});
</script>
```

## Customer Experience
- Customers receive license keys via email immediately after purchase
- License keys are formatted as: `lk_1234567890abcdef1234567890abcdef`
- Keys are safe to share with customers and work immediately
- Customers enter the key in your app to activate their license

## Important Notes
- **Keep it simple**: Just check if the key is valid (true/false)
- **KeyKit handles everything else**: License creation, renewal, status tracking, etc.
- **NO pre-validation needed**: Don't check format, length, or anything else - just send to KeyKit
- **Trust KeyKit's response**: If KeyKit says it's valid, it's valid
- Always validate licenses server-side for security when possible
- Handle network errors gracefully to avoid app crashes
- License keys are automatically created and emailed when customers buy on Stripe
- License status syncs automatically with Stripe subscription status

## Error Handling
- Network errors: Handle gracefully, don't crash the app
- Invalid keys: Show clear error message
- Consider caching to reduce API calls

## Security
- Always validate on server-side for production apps
  - Use HTTPS for all API calls
  - Implement proper error handling to avoid exposing sensitive data