Runtime license check

"Why do we check the license at runtime?"

The only "per-seat" pricing Avo does if for different apps or URLs. Because of that we need to check, at runtime, how does the parent app use Avo.

Integration was a breeze and even things like custom fields were really simple to add.

Definitely loving the experience compared to ActiveAdmin.

Aaron Rama
Aaron Rama
Co-Founder & CTO, PropUp

TL;DR;

  • In order to validate the license we need to check on what URL Avo is used on.

Avo's licensing is rather simple and permissive to customers. For one license you get Avo to use on one production environment, or better yet, one production URL. Please follow those pages to learn more about what that means.

Because of these loose terms, the only way for us to scale the business is by implementing one "per-seat" strategy, which is one license per URL, and in order to make that work, we have to check the usage at runtime.

How is the check done?

We run a check on the first request inside the Avo path and then every six hours to see if the license is still valid and used within the terms of the subscription. The timeout of that request is 5 seconds.

What data is being sent?

  • Ruby, Rails, and Avo versions
  • The type of license and license key
  • The environment Rails.environment
  • The server IP, host and port
  • The app name
  • Some Avo metadata that helps us better understand the features you are using. For example:
    • avo_root_path
    • resources_count
    • dashboards_count
    • fields_count
    • fields_per_resource
    • custom_fields_count
    • field_types
    • actions_count
    • actions_per_resource
    • filters_count
    • filters_per_resource
    • main_menu_present
    • profile_menu_present
    • cache_store

None of this information is sold or shared with 3rd parties to use.
The only 3rd party services we share this information with is the ones specified here and it's only for internal use for monitoring, error reporting, and analytics.