It would be great if there was some way to validate vBulletin licenses like this (https://xenforo.com/api/). Developers, the majority of whom aren't protected from piracy with SaaS solutions, would benefit immensely. It's not bulletproof, but it's a start.

For SaaS plugin providers like myself, it would cut back on the amount of fraudulent purchases (vain attempts, but a pain nonetheless). If widely adopted, in combination with reporting, this would decrease the number of vBulletin pirates as well.

I just discovered that we can use the PM system to validate licenses, but it's inconvenient for the one being verified and not granular -- no way to validate the domain -- at least there's something that can be used right now though.

I have not seen that before.

So, someone with a licence logs into their account, and generates a token.

They then give that token out to someone who wishes to validate them.

The "checker" submits the token to that page (or API) and it simply says its valid ?

Is that how that works ?

Yep. Some of the API's also have additional parameters as well though. It'll return if the domain submitted matches the token submitted along with it, customer info, if the license is still valid, if the license is able to be transferred, etc.

I have not seen that before.

So, someone with a licence logs into their account, and generates a token.

They then give that token out to someone who wishes to validate them.

The "checker" submits the token to that page (or API) and it simply says its valid ?

Is that how that works ?

That's right. Only thing it's missing is JSONP access.