[Selling] 🔐 Authgate™ | Keys, Licenses System 2025 ▷ authgate.shop ◁

[Keystah!]

Quick Links

• ▷ Buy Authgate
• ▷ Documentation
• ▷ Discord Server
• ▷ NEW: Automatic Ban System

Features

• Users
• Subscriptions and memberships
• Licenses
• Server side variables for remote configuration
• Secure file delivery for applications
• Modern, responsive dashboard with 100% mobile support
• Import KeyAuth users

Authentication & security

• HTTPS with custom domain "auth.your-hack.com"
• Basic and token based authentication
• Hardware ID checks
• Custom number of allowed devices and simultaneous logins per user
• Automatic ban system (user, IP, hardware ID, license)
• Request and response signing against replay attacks
• File encryption on disk, decryption in RAM

Why selfhost?

• 100% private
• Zero downtime with reliable hosting
• No rate limits
• You control when to update

Architecture

• Python Backend (FastAPI & RQ)
• React+Next.js Frontend
• PostgreSQL Database
• C++, Python, C# SDKs

Self-hosting

• Authgate runs fine on a basic VPS, for example even the cheapest box on njal.la.
• Initial setup takes about 5 minutes using the automatic setup script for Debian 12.
• New updates are released weekly and can be installed in roughly 5 to 10 minutes using the automatic update script.
• If needed, I can also help you set up Authgate step by step.

*Happy hacking!*

 Changelog

## [v1.6.0] - 5 Oct, 2025

### New

- **Secure Request Signing** - Introducing a robust request signing system with signature verification and nonce management to prevent replay attacks.
- **SDKs with Built-In Signing** - C++ and Python SDKs now natively support signed requests, ensuring every integration is secure and fully trusted end to end.

## [v1.6.1] - 5 Oct, 2025

### Fixed

- Added missing database migration script for request_signing_key column

## [v1.6.2] - 12 Oct, 2025

### New

- **AES-GCM Encryption for Keys** - Application keys now use AES-GCM encryption for improved security.
- **Regenerate Request Signing Key** - Ability to regenerate request signing keys from the admin panel.

### Improvements

- Streamlined file and key encryption handling with removal of legacy methods
- Updated clients to new key schema with improved base64 handling

### Fixed

- Fixed downgrade path in database migration script 0007
- Fixed regeneration of application keys

## [v1.7.0] - 7 Nov, 2025

### New

- **Device Authentication** - Hardware ID-based device authentication for desktop apps. Bind user sessions to specific devices and manage registered devices from the admin panel.
- **Domain Events** - Internal event system for better decoupling and extensibility. Enables reactive workflows and cleaner architecture.

### Improvements

- Added device authentication toggle to application settings

## [v1.8.0] - 17 Nov, 2025

### New

- **Admin API** - Programmatic access to admin operations with dedicated API key authentication. Includes endpoints for user details, license details, active users, and device reset operations.
- **Response Signing** - Server responses are now cryptographically signed, ensuring integrity and authenticity of all data returned from your Authgate instance.
- **Documentation Site** - Comprehensive documentation with architecture overview, features, API reference, SDK guides, and more.

### Improvements

- Request signing now enabled by default
- Renamed DirectAuthStrategy to LegacyAuthStrategy in clients for clarity

### Fixed

- Fixed C++ client curl options to be set before retrying requests

## [v1.8.1] - 17 Nov, 2025

### Improvements

- Added safety check to prevent running update script from within the deployment directory
- Release archives now include top-level directory for cleaner extraction

### Fixed

- Various fixes in C++ client

## [v1.8.2] - 19 Nov, 2025

### Improvements

- Added optional HTTP and HTTPS port configuration for flexible deployment setups

### Fixed

- Fixed sign handling for adjustment minutes in membership timeline display
- Fixed C++ client header handling to properly clear and rebuild headers when refreshing authentication
- Standardized error message for inactive membership across all endpoints
- Changed status code for expired membership from 401 to 403
- Fixed lifetime membership session capping
- Added x-hardware-id to client-controlled headers for request signing

## [v1.9.0] - 5 Dec, 2025

### New

- **Automatic Ban System** - Intelligent cross-banning that automatically detects a banned user, IP, HWID, or license and blocks all related ones. Manage bans from the admin panel with full CRUD operations and reporting.
- **Known IP Addresses** - Track and display IP addresses associated with users, including last seen timestamps for better security visibility.
- **User Ban Status** - Ban status now visible in user management views with one-click ban/unban actions.

### Improvements

- Pagination support added to Form Data Tables component
- Added configurable maximum file upload size in nginx

## [v1.9.1] - 5 Dec, 2025

### Fixed

- Made IP address extraction more robust
- Fixed update script to preserve file storage during updates

## [v1.9.2] - 7 Dec, 2025

### Improvements

- Enhanced real IP detection for multi-tier reverse proxy setups in nginx configuration

### Fixed

- Fixed missing volume mount for file storage in Docker Compose

## [v1.6.0] - 5 Oct, 2025

### New

- **Secure Request Signing** - Introducing a robust request signing system with signature verification and nonce management to prevent replay attacks.
- **SDKs with Built-In Signing** - C++ and Python SDKs now natively support signed requests, ensuring every integration is secure and fully trusted end to end.

## [v1.6.1] - 5 Oct, 2025

### Fixed

- Added missing database migration script for request_signing_key column

## [v1.6.2] - 12 Oct, 2025

### New

- **AES-GCM Encryption for Keys** - Application keys now use AES-GCM encryption for improved security.
- **Regenerate Request Signing Key** - Ability to regenerate request signing keys from the admin panel.

### Improvements

- Streamlined file and key encryption handling with removal of legacy methods
- Updated clients to new key schema with improved base64 handling

### Fixed

- Fixed downgrade path in database migration script 0007
- Fixed regeneration of application keys

## [v1.7.0] - 7 Nov, 2025

### New

- **Device Authentication** - Hardware ID-based device authentication for desktop apps. Bind user sessions to specific devices and manage registered devices from the admin panel.
- **Domain Events** - Internal event system for better decoupling and extensibility. Enables reactive workflows and cleaner architecture.

### Improvements

- Added device authentication toggle to application settings

## [v1.8.0] - 17 Nov, 2025

### New

- **Admin API** - Programmatic access to admin operations with dedicated API key authentication. Includes endpoints for user details, license details, active users, and device reset operations.
- **Response Signing** - Server responses are now cryptographically signed, ensuring integrity and authenticity of all data returned from your Authgate instance.
- **Documentation Site** - Comprehensive documentation with architecture overview, features, API reference, SDK guides, and more.

### Improvements

- Request signing now enabled by default
- Renamed DirectAuthStrategy to LegacyAuthStrategy in clients for clarity

### Fixed

- Fixed C++ client curl options to be set before retrying requests

## [v1.8.1] - 17 Nov, 2025

### Improvements

- Added safety check to prevent running update script from within the deployment directory
- Release archives now include top-level directory for cleaner extraction

### Fixed

- Various fixes in C++ client

## [v1.8.2] - 19 Nov, 2025

### Improvements

- Added optional HTTP and HTTPS port configuration for flexible deployment setups

### Fixed

- Fixed sign handling for adjustment minutes in membership timeline display
- Fixed C++ client header handling to properly clear and rebuild headers when refreshing authentication
- Standardized error message for inactive membership across all endpoints
- Changed status code for expired membership from 401 to 403
- Fixed lifetime membership session capping
- Added x-hardware-id to client-controlled headers for request signing

## [v1.9.0] - 5 Dec, 2025

### New

- **Automatic Ban System** - Intelligent cross-banning that automatically detects a banned user, IP, HWID, or license and blocks all related ones. Manage bans from the admin panel with full CRUD operations and reporting.
- **Known IP Addresses** - Track and display IP addresses associated with users, including last seen timestamps for better security visibility.
- **User Ban Status** - Ban status now visible in user management views with one-click ban/unban actions.

### Improvements

- Pagination support added to Form Data Tables component
- Added configurable maximum file upload size in nginx

## [v1.9.1] - 5 Dec, 2025

### Fixed

- Made IP address extraction more robust
- Fixed update script to preserve file storage during updates

## [v1.9.2] - 7 Dec, 2025

### Improvements

- Enhanced real IP detection for multi-tier reverse proxy setups in nginx configuration

### Fixed

- Fixed missing volume mount for file storage in Docker Compose

[Keystah!]

[Keystah!]