Before reading the rest of this page, be sure you understand what Authorization Definitions are. If not, please read Authorization Definitions in this feature reference.

Authorization Request Codes are 16 digit alpha-numeric codes (of the following format: 1234-5678-90AB-CDEF). These codes are a request to activate an Authorization Definition in a license. They are generated by the ClientProtector and are for your application to provide to either the user to communicate to you, or directly to your purchasing system on your web-site.

The code itself is actually a hexadecimal number, so only numbers and the characters A, B, C, D, E and F can appear. This can be good to know when communicating codes verbally to avoid errors. Also to avoid errors, if you communicate codes verbally (over the telephone) it is a good idea to memorize the first six characters of the phonetic alphabet. We have numerous times found this very helpful, especially when communicating with foreign customers who may have an accent or a language barrier - which can really confuse things. The standard phonetic characters are: Alpha, Bravo, Charlie, Delta, Echo and Fox-trot.

You prompt the ClientProtector to provide an Authorization Request Code in two ways. Using the functions StartUp and RequestActivation. StartUp may indirectly provide an Authorization Request Code to your application if the OnAttemptReleaseCP event is fired (if necessary) or if the OnAttemptRecover event is fired (if necessary). The Authorization Request Code is always provided to your application and it is your applications responsibility to communicate this either to the user, or directly to a purchasing page on your web-site.

Authorization Request Codes contain two pieces of information:

1. The ID of the requested Authorization Definition (0 to 63 inclusive).

2. The FingerPrint (optionally) of the system which requested the code (user).

When invoked to provide an Authorization Request Code, the ClientProtector assembles these two pieces of information, the resulting data is encrypted (using the BlowFish algorithm) using the Global Authorization Definition Password as a key. It is then provided to your application for you to use.

The user must generally provide this Authorization Request Code to you with their payment. If you do not use FingerPrints (machine locking) then all Authorization Request Codes for the same license (and Authorization Definition) will be identical. In this case, If you use no FingerPrint and you know exactly what is being requested, you can pre-determine the Authorization Request Code during development and hard-code this into your purchasing data-flow. Although possible, this is generally not the norm and may be problematic if you ever change anything.

Note: If you do use FingerPrints, then the Authorization Request Codes for the same Authorization Definition for the same license will be different for different machines and so must be obtained individually from each user (machine).

The process of providing the user with an Authorization Request Code and then inputting a reciprocated Activation Code is called a Simple Code Exchange.

Whether you get the Authorization Request Code from the user, or pre-determine which code is required, an Authorization Request Code must be used for every Activation Code you generate.

Once you or your site processes the customers payment successfully, you will input the Authorization Request Code into the Manual-Activator or automatically into the Web-Activator (with correctly constructed parameters). This will allow you to generate an Activation Code for that customer (machine) that will satisfy the request.

More Information

For help on understanding how the StartUp function may fire an event that will indirectly send an Authorization Request Code to your application, see StartUp, OnAttemptReleaseCP, OnAttemptRecover and in the SoftwareShield ClientProtector Reference.

For help on actually obtaining an Authorization Request Code for a specific Authorization Definition, see RequestActivation in the SoftwareShield ClientProtector Reference.

For help on inputting Authorization Request Codes into the Manual-Activator, see Inputting Customers Authorization Request Codes in the SoftwareShield Manual-Activator Reference.

For help on inputting Authorization Request Codes into the Web-Activator, see Web-Interface URL Format in the SoftwareShield Web-Activator Reference.