You built a Mac app, you want to sell it outside the App Store, and now you need licensing: a key the customer enters, an activation that sticks, and feature gates that hold up offline. Here's how to do it in an afternoon without standing up a backend.
Note: this is cross-posted from the Keylight blog. I build Keylight, so this uses it as the worked example — the shape of the solution applies whatever SDK you choose.
The three things licensing actually has to do
Strip away the marketing and every licensing system does exactly three jobs:
- Activate — turn a key the user pastes in into proof-of-purchase bound to this device.
- Verify — on every launch, confirm that proof is still valid, including offline.
- Gate — unlock features based on the tier/entitlements the license carries.
If you build this by hand you're writing a server, a crypto layer, and a state machine. The point of an SDK is to skip all three.
1. Add the SDK
Add the Swift package in Xcode (File ▸ Add Package Dependencies) pointing at the Keylight Swift SDK, then configure it once with your tenant key at app launch:
import Keylight
let keylight = Keylight(tenant: "your_tenant_key")
2. Activate a key
Give the user a text field and call activate. This is the one online step — it exchanges the key for a signed, device-bound lease that's stored locally:
do {
try await keylight.activate(key: enteredKey)
// lease stored — the app is now licensed on this device
} catch {
// show the user why: invalid key, device limit reached, etc.
}
3. Verify on launch (offline-safe)
On every subsequent launch you don't hit the network. The SDK verifies the stored lease's Ed25519 signature locally and hands you a state:
switch keylight.checkOnLaunch() {
case .licensed(let lease):
unlockApp(entitlements: lease.entitlements)
case .trial(let daysLeft):
runTrial(daysLeft: daysLeft)
case .expired, .invalid:
showActivationScreen()
}
No server call, so the app opens instantly and works on a plane. The lease carries a max-offline window; past it the SDK refreshes online once, which is also where a revoked or refunded license gets caught.
4. Gate features by entitlement
Because entitlements are signed inside the lease, feature gating is offline too. Don't scatter if licensed across your views — read entitlements once and drive your UI off them:
@Observable final class Licensing {
var entitlements: Set<String> = []
var isPro: Bool { entitlements.contains("pro") }
}
if licensing.isPro {
ProExportButton()
} else {
UpgradePrompt()
}
5. Get paid (the part people forget)
A license is only useful if buying one mints it. If you connect Stripe, a completed payment can mint the license automatically — no webhook code to write — so the customer's key works the moment they pay. That closes the loop: pay → key → activate → offline-verified Pro.
What you skipped by not building it yourself
A signing server, Ed25519 key management, lease parsing, device binding, a trial/expiry state machine, and Stripe webhook plumbing. That's the week-plus you just didn't spend.
Full docs and the free tier are at keylight.dev. If you're on Tauri or Electron instead of native Swift, the same SDK pattern exists in JS/Rust.
Top comments (0)