Developer docs for licensing, storefronts, customer library, and plugin integrations.
This public reference uses actual route names where available. Dashboard-only notes call out areas where public API examples are still expanding so developers can plan integrations without relying on invented endpoints.
Create a developer account, create a product, configure one-time pricing or subscriptions, generate product plugin credentials, validate/activate a serial, test checkout/storefront, and confirm customer library downloads.
Authentication
Use developer JWTs for dashboard APIs and product-scoped plugin credentials for licensing calls. Store secrets server-side where possible and rotate exposed credentials.
Product credentials
Product/plugin keys are scoped per product. Secrets should be revealed carefully, rotated when exposed, and revoked when an integration is retired.
Product delivery
Use managed upload jobs for local product files and upload-by-link imports, then serve customer downloads through entitlement-gated delivery routes instead of public raw storage URLs.
Managed upload routes
POST /api/products/:productId/files/uploads
POST /api/products/:productId/files/upload-link
GET /api/products/:productId/files/uploads
POST /api/products/:productId/files/uploads/:jobId/cancel
POST /api/products/:productId/files/uploads/:jobId/retry
Product subscriptions
Configure subscription settings from product tools, test subscription checkout, and keep subscription status aligned with entitlements, serials, customer library access, and plugin validation.
CheckoutEntitlementLicense
Subscription lifecycle
Enable product subscription settings\nPOST /api/checkout/product -> mode: "subscription"\nCheckout lifecycle event -> subscription row + order + entitlement + serial\nPlugin validation -> unlock only while subscription access is valid
Scheduled deals
Schedule product deal windows, edit upcoming deals, cancel scheduled deals, and create campaign drafts around promotions from authenticated developer workflows.
Scheduled deal routes
GET /api/products/:productId/deals
POST /api/products/:productId/deals
PATCH /api/products/:productId/deals/:dealId
POST /api/products/:productId/deals/:dealId/cancel
POST /api/developer/marketing/scheduled-deals/:dealId/campaign-draft
Licensing API
Validate serials, subscription access, activate machines, deactivate machines, restore/check activation, refresh license status, and respect offline grace and invalid license states.
Licensing route family
POST /api/license/v1/validate
POST /api/license/v1/activate
POST /api/license/v1/deactivate
POST /api/license/v1/claim-status
Storefront API
Public storefront/product routes expose brand, product cards, images, pricing/sale price/subscription eligibility, visibility, and checkout eligibility.
Customer Library / Delivery
Customer library and delivery routes should respect ownership, entitlements, protected downloads, serial/license display, and signed or backend-gated file access.
Webhooks
Webhook management is available for developer integrations. Event coverage continues to expand, so confirm required events before production automation.
Email Marketing
Dashboard-based campaign workflows are available for drafts, eligible audience selection, consent checks, send estimates, scheduled-deal campaign drafts, and reporting. Public API docs will expand as contracts are locked.
Dashboard workflow
Use the dashboard Email Marketing Center for drafts, eligible audience selection, consent checks, send estimates, scheduled-deal campaign drafts, and reporting while public API examples continue to expand.
Error codes
Handle invalid credentials, revoked key, invalid serial, suspended license, expired license, product mismatch, rate limit, and network unavailable states explicitly.
Example error response
{
"ok": false,
"error": "product-mismatch",
"message": "Serial does not unlock this product."
}
Rate limits
Respect rate limits on auth, licensing, checkout, and public storefront routes. Follow next_check_secs when validation responses include it.
HISE plugin storefront
Generate the product HISE package from the saved product page, configure storefront slug and public catalog URLs, test Store/My Products and central support routing, open checkout externally, and keep downloads entitlement-gated.
StoreMy ProductsExternal checkout
HISE product package
Product page -> Download HISE Package\ninclude("SoundSync/Runtime/SoundSyncRuntime.js")\nSoundSyncConfig.storefrontSlug = "STORE_SLUG"\nSoundSyncConfig.apiBase = "$SOUNDSYNC_API_BASE"\nCheckout opens in the default browser; support opens the central SoundSync support center; downloads use SoundSync delivery routes.
HISE integration
Use the guided HISE package path, product credentials, subscription-aware license settings, activation overlay, central support routing, offline cache behavior, and test connection workflows.
Use API-first integration guidance for custom and JUCE products. Do not assume a complete JUCE SDK exists until it is explicitly shipped.
HTTPPlugin secretLock states
Custom integration flow
validate(serial, machineId)\n -> POST /api/license/v1/validate\n -> unlock only when status is active\n -> lock on revoked, suspended, expired, or product-mismatch
Testing mode / sandbox notes
Use demo products, test checkout, generated credentials, fake customer data, and non-real payment data when validating workflows.
Used by storefront product checkout flows. Subscription-enabled products can return a subscription checkout session while one-time products use payment checkout. Checkout processing is included in SoundSync platform billing.
Dashboard Dashboard workflow. Public campaign API documentation is pending.
Dashboard-based campaign workflows handle drafts, eligible audience selection, consent checks, send estimates, and reporting while public API documentation expands as backend contracts are locked.
Request
Use the dashboard Email Marketing Center to create drafts, select eligible audiences, estimate usage, and send controlled campaigns. Public API examples will be added after the campaign contracts are finalized.
Dashboard Dashboard workflow. Public audience API documentation is pending.
Marketing sends must target developer-scoped, opted-in, non-suppressed contacts. Purchased, scraped, unsubscribed, bounced, complained, or non-consented contacts must be excluded.
Request
Use dashboard contact and audience tools to manage consent and suppression state. Public audience API examples will be published after the contracts are finalized.
Developer dashboard APIs use developer JWTs from /api/auth/login and /api/auth/me. Plugin licensing uses product/plugin credentials where required.
Product subscriptions
Subscription products use subscription checkout, lifecycle webhooks, customer entitlements, serial generation, and plugin validation state together.
Error codes
Document invalid, revoked, suspended, deactivated, expired, not-found, product-mismatch, identity-required, and pending verification states in the plugin UI.
Rate limits
Sensitive auth, licensing, checkout, and public marketplace routes have rate limiting. Respect next_check_secs where returned.
Email Marketing docs
Campaign, contacts/audiences, consent fields, unsubscribe/suppression handling, send lifecycle, usage metering, scheduled-deal campaign drafts, and event tracking documentation will expand as public API contracts are finalized.
Testing mode
Use demo products, test checkout, generated plugin credentials, and non-real customer/payment data when validating integrations.
HISE integration
Use product-specific HISE package generation and setup guidance from developer tools, including subscription license model fields and centralized support routing when recurring access is enabled.
JUCE/custom API examples
Use the API examples as implementation guidance. Do not treat a full JUCE SDK as shipped unless the repo includes it.
Security best practices
Keep plugin secrets private where possible, rotate credentials when exposed, avoid raw storage URLs, and lock on confirmed invalid license states.