License Management

License Management gives you granular control over what your customers can access, deploy, and use. You can restrict which application versions and artifacts each customer sees, and issue cryptographically signed license keys that let your application enforce usage limits and resource constraints at runtime.

Note

License Management is a Pro feature available in Pro, Enterprise, and Pro Trial plans. The Starter plan does not include license management capabilities. Learn more about subscription plans and choosing the right plan.

Overview

Distr’s License Management system has three components:

1. Application Entitlements — Control which application versions each customer can deploy via Distr agents
2. Artifact Entitlements — Control which artifacts and tags each customer can pull from your registry
3. License Keys — Issue signed JWT tokens your application can verify to enforce usage limits and resource constraints

Entitlements and license keys are separate tools for different purposes. Entitlements control access at the Distr platform level. License keys carry arbitrary claims that your application reads and enforces independently of Distr.

Navigating the Licenses section

In the Vendor Portal sidebar, click Licenses to open the overview. The overview lists all your customer organizations, each showing a summary of their active entitlements and license keys.

Click any customer to open their detail view, which shows all three types — Application Entitlements, Artifact Entitlements, and License Keys — for that customer in one place.

Application Entitlements

Application Entitlements control which versions of your applications customers can deploy through Distr agents. When a customer has an entitlement, they can only see and deploy the specific application versions it grants.

Key properties:

• Linked to a single customer and application pairing
• Grants access to one or more application versions
• Once a version is granted, it cannot be revoked
• Changes reflect immediately in the customer portal

Learn how to create and manage Application Entitlements in the Application Entitlements guide.

Artifact Entitlements

Artifact Entitlements control which artifacts and tags customers can pull from your registry. You can grant access to specific tags, all current tags, or all current and future tags.

Key properties:

• Can include one or multiple artifacts
• Tag access options: specific tags, all tags, or all tags including future ones
• Once you create your first entitlement, customers only see artifacts they’re entitled to (before the first entitlement, all customers see everything)
• Changes reflect immediately in the customer portal

Learn how to create and manage Artifact Entitlements in the Artifact Entitlements guide.

License Keys

License Keys let you issue signed tokens that your application can verify to enforce usage limits, seat counts, feature flags, or any other runtime constraint you define.

A license key contains:

• Name — A unique identifier within your organization
• Description — Optional, for your own reference
• Payload — A JSON object with arbitrary custom claims (e.g. {"seats": 10, "plan": "pro", "feature_x": true})
• Validity window — A notBefore and expiresAt date

License keys can optionally be scoped to a specific customer, or left unscoped for organization-wide use.

How tokens work

When you request a token for a license key, Distr generates a signed JWT. The token includes your payload as custom claims alongside standard JWT fields (issuer, subject, audience, issued-at, not-before, expiration). It is signed with an Ed25519 private key configured on your Distr instance.

Your application verifies the token using the corresponding public key — no call back to Distr required. This makes license key verification fast and works in air-gapped or offline environments.

Note

Payload and dates are immutable after creation. Once a license key is created, only the name and description can be changed. If you need different claims or dates, create a new key.

Note

Deleting a license key does not revoke issued tokens. JWTs are stateless — a token remains valid until its expiresAt date, regardless of whether the key still exists in Distr.

Learn how to create and manage License Keys — including how customers inject them into Docker, Helm, and registry-only deployments — in the License Keys guide.

Use cases

• Tiered pricing — Grant different application versions or artifact sets based on subscription tier
• Targeted updates — Deliver hotfixes or patches to specific customers only
• Early access — Provide access to pre-release versions for premium customers
• Seat enforcement — Embed seat or instance limits in a license key; your app reads and enforces them
• Feature flags — Encode which product features a customer’s plan includes in the key payload
• Offline validation — Customers in air-gapped environments can verify license tokens without contacting Distr

Getting started

1. Ensure you’re on a Pro, Enterprise, or Pro Trial plan
2. Navigate to Licenses in the Vendor Portal sidebar
3. Select a customer to open their detail view
4. Create an Application Entitlement, Artifact Entitlement, or License Key from that view

Tip

If you don’t see the Licenses section, make sure you’re on a Pro plan or Pro Trial. You can check your current plan in Subscription.