Licensing

License key installation, tier gating, feature flags, max-users, expiration tracking.

Sophon's Enterprise tier is license-gated. A valid license key unlocks Enterprise features (SSO, RBAC, audit streaming, multi-tenancy, external vault backends); without one, those features are hidden and their endpoints return 403.

Personal and Pro tiers don't require a license key; Enterprise does.

The license model

A license encodes:

  • Tier — Enterprise
  • Max users — total user count across all tenants
  • Feature list — which features are enabled (sso, rbac, audit_streaming, multi_tenancy, external_vault, compliance, …)
  • Expiration date — after which the license is invalid
  • Issued to — organization name (cosmetic)
  • License ID — opaque identifier used for renewal checks

Licenses are signed with Sophon's license-authority key. Tampering is detected on every startup.

Installing a license

Dashboard

Admin → License → Install. Paste the license key (a single-line string starting with sl_...). Click Install.

The Gateway validates the signature, writes the license to ~/.sophon/config/license.key, and refreshes enabled features. No restart required.

CLI

sophon admin license install "sl_abc123def456..."
sophon admin license show            # current license status
sophon admin license verify          # re-check signature + expiry

Config file

For unattended installs, pre-seed the license:

{
  "Sophon": {
    "License": {
      "Key": "sl_abc123def456..."
    }
  }
}

The Gateway reads this on startup and writes it to license.key. The config value is the source of truth; the file is a cache.

License status

Admin → License shows:

  • Tier — Enterprise
  • Status — Active / Expiring / Expired / Invalid
  • Organization — issued-to name
  • Max users — allowed vs. current
  • Features — enabled feature flags
  • Expiration — date + days remaining
  • License ID — for support reference

Warnings

  • 60 days before expiry — a banner appears in the Dashboard admin view
  • 30 days before expiry — email sent to all Admin-role users (if SMTP configured)
  • 7 days before expiry — daily email
  • Day of expiry — big visible warning; features remain active
  • Expired — 30-day grace period during which features stay enabled with loud warnings; after grace, Enterprise features flip to 403

User count enforcement

Max users is checked at user-create time. If adding this user would exceed the license cap, the request is rejected with a clear error and a link to renewal.

Existing users are never affected by a license that drops below the current count. If you renew with fewer seats than you have in use, everyone keeps working but you can't add new users until you delete some or renew for more seats.

CLI:

sophon admin license usage
# Users: 47 / 50
# Tenants: 3
# Features: sso, rbac, audit_streaming, multi_tenancy, external_vault, compliance
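
The expiry timeline under Warnings and the seat check above, modeled in Python as an added example; this is not Sophon's code. The `License` shape, the function names and the exact day boundaries (status "Expiring" from 60 days out, grace covering days 1 to 30 after expiry) are assumptions, and signature verification is left out.

```python
from dataclasses import dataclass
from datetime import date

GRACE_DAYS = 30  # post-expiry grace period from the Warnings list

@dataclass(frozen=True)
class License:  # hypothetical shape, not Sophon's real license format
    expires: date
    features: frozenset
    max_users: int

def evaluate(lic, today):
    """Place `today` on the warning timeline and say whether gates stay open."""
    days_left = (lic.expires - today).days
    if days_left > 60:
        status, notice = "Active", None
    elif days_left > 30:
        status, notice = "Expiring", "dashboard banner"
    elif days_left > 7:
        status, notice = "Expiring", "email to Admin-role users"
    elif days_left > 0:
        status, notice = "Expiring", "daily email"
    elif days_left == 0:
        status, notice = "Expiring", "expiry-day warning"
    elif days_left >= -GRACE_DAYS:
        status, notice = "Expired", "grace-period warning"
    else:
        status, notice = "Expired", "enterprise features disabled"
    return {"status": status, "notice": notice, "days_left": days_left,
            "features_enabled": days_left >= -GRACE_DAYS}

def gate(lic, today, feature):
    """HTTP status for a gated endpoint: 200 only if licensed and not past grace."""
    state = evaluate(lic, today)
    return 200 if state["features_enabled"] and feature in lic.features else 403

def can_add_user(lic, current_users):
    """Seat cap applies at user-create time only; existing users are untouched."""
    return current_users + 1 <= lic.max_users

# Constructed sample license, not a real key or customer record.
SAMPLE = License(date(2025, 6, 30), frozenset({"sso", "rbac"}), 50)
```
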

Feature flags

A license determines which features are accessible. The major flags:

Flag                      Unlocks
sso                       OIDC SSO, IdP group mapping
rbac                      Custom roles, granular permissions
audit_streaming           Splunk / Datadog / Elastic / webhook sinks
multi_tenancy             Tenant create / isolate
external_vault            HashiCorp / AWS / Azure vault backends
compliance                Compliance reports, retention > 90 days
remote_access_onboarding  Device enrollment tickets
desktop_push              System-native push (desktop app auto-updates beyond stable channel)

Custom license tiers can enable any subset — e.g., a pilot deployment without multi_tenancy but with everything else.

Renewal

Renewals are handled offline with Sophon Sales — email licenses@sophon.dev with your license ID to start the process. Once you have the new key:

sophon admin license install "sl_new_key_..."

The old key is overwritten. No downtime.

Offline / air-gapped deployments

License validation is entirely offline. No phone-home, no periodic ping to a license server. Once installed, the Gateway verifies the signature locally on each startup and whenever a gated feature is accessed.

This means:

  • Firewall-heavy environments work with no changes.
  • License revocation isn't possible — once installed, the license is valid until its encoded expiry.
  • Date manipulation — moving the server clock backward to extend a license is detected (the license stores its issue date, and large backward jumps are flagged as tampering).

Hardening

For zero-trust environments, pair license enforcement with:

  • Hash-chain audit immutability — catches any tampering with the license installation log
  • Config-file immutability — mount ~/.sophon/config/license.key read-only after install
  • Signed configuration — use external configuration management to supply the license; local writes are reverted on next config sync

Where to go next

  • Tiers — feature matrix per tier
  • Users — managing users within license cap
  • Compliance — what Enterprise-licensed compliance features unlock