Skip to main content

Entitlement check

Check whether a grantee is permitted to perform actions in your system.

Any plans the grantee is subscribed to are included in the entitlement check, alongside their features.

import { getGrantee } from '@salable/js';

const { hasFeature } = await getGrantee({
apiKey: 'your-salable-api-key',
productUuid: 'your-products-uuid',
granteeId: 'your-grantees-id',
});

// Check for a boolean feature
const hasAccessToCsvExport = hasFeature('csv-export');
// or a plan
const hasProPlan = hasFeature('pro');

Verifying Signatures

Signatures can be verified using the signature and features from the entitlements check and your organisations public key

ECDSA Encryption and Signatures

We use ECDSA cryptography to generate signatures for entitlements checks. Signatures are signed with a private key (which we keep encrypted on our end) and can be verified using your organisations public key

NOTE: You can request entitlement-check signatures to be encoded in the P1363 encoding using the "sigEncode=P1363" query string in the request

  • The P1363 encoding allows for signature verification on web browsers

Signature verification examples:


import { verifyLicenseCheck } from '@salable/js';

var isValid = await verifyLicenseCheck({
publicKey: 'your_public_key',
signature: 'entitlement_check_signature',
payload: 'entitlement_check_payload'
});