You can generate a validation token from the customer area. Each license will have a "validation token" link under it.
Clicking that link will generate a token if you don't have one for that license or display the current token if one has been generated.
If you wish to change your token, it can be regenerated from there. Note that your previous tokens will immediately fail to validate.
In general, it is recommended that you provide your validation token to trusted parties only. After giving out a token and having it be verified, you may wish to regenerate your token. However, if you do this, it will break any ongoing checks that third-parties may do; you will need to balance these needs.
While we provide the API via a human readable web interface, it can also be queried programmatically via JSON.
POST requests to
https://xenforo.com/api/license-lookup.json with the following parameters:
token - the license validation token to look up
domain - checks whether the license is attached to this domain (optional)
A request for a valid token will return a JSON object with the following keys/values:
validation_token - (string) the token that was looked up
customer_token - (string) a string that will uniquely identify the customer this license is associated with
license_token - (string) this will unique represent the license in question. It will not change when the token is regenerated.
is_valid - (boolean) this will be true unless the license is no longer legitimate. Licenses with expired support are still valid.
can_transfer - (boolean) true if the license can be transferred
domain_match - (boolean or null) if a domain was provided, this will be true/false based on whether it matched the license. If no domain was provided, this will be null
domain - (string or null) if a domain was provided, the domain that we tested. This may be changed from original domain supplied in the request.
A request for an invalid token will return a
404 HTTP response. If you have made too many requests, a
503 HTTP response will be returned.