Documentation
Business Branches
App Licensing

Sandbox Testing

Before connecting your application to the production API, use the sandbox endpoints to verify your integration. Sandbox endpoints return hardcoded responses for known test values, so you can develop and test without creating real products or purchases.

The sandbox includes both usage-rights validation endpoints and a separate version-check endpoint.

Sandbox Endpoints

Production Endpoint Sandbox Endpoint Description
api/v1/login api/v1/login/sandbox Login-based usage rights validation
api/v1/key api/v1/key/sandbox Secret key–based usage rights validation
api/v1/product/app-version api/v1/product/app-version/sandbox Product version update check

Test Values

Use these hardcoded values when calling sandbox endpoints:

Test Product Key 

00000000000000000000000000000000

Test Client Secret (for key validation) 

00000000000000000000000000000000.00000000000000000000000000000000.00000000000000000000000000000000.2524608000.B0QOZUBvcEO7dydkvUPMCO4lA0I=

Sandbox Login Validation 

POST api/v1/login/sandbox

Authentication: Required — include a valid Bearer token.

Send a ProductRightsAuthenticatedRequest containing the test product key. If the test key is present in the array, the sandbox returns a successful test license.

Request 

{
  "ProductKeys": ["00000000000000000000000000000000"]
}

Response 

{
  "UsageRights": [
    {
      "ProductKey": "TestProductKey",
      "LicensePayload": "test_payload",
      "TestLicense": true
    }
  ]
}

If the test product key is not included in the request, the response contains an empty array:

{
  "UsageRights": []
}

Sandbox Key Validation 

POST api/v1/key/sandbox

Authentication: None required.

Send a ProductRightsKeyRequest with both the test product key and the test client secret. Both values must match for the sandbox to return a successful response.

Request 

{
  "ProductKeys": ["00000000000000000000000000000000"],
  "ClientSecret": "00000000000000000000000000000000.00000000000000000000000000000000.00000000000000000000000000000000.2524608000.B0QOZUBvcEO7dydkvUPMCO4lA0I="
}

Response 

{
  "UsageRights": [
    {
      "ProductKey": "TestProductKey",
      "LicensePayload": "test_payload",
      "TestLicense": true
    }
  ]
}

If either the product key or client secret does not match the test values:

{
  "UsageRights": []
}

Sandbox Version Update Check 

POST api/v1/product/app-version/sandbox

Authentication: None required.

This endpoint is not a license-validation endpoint. Use it only to test update/version lookups.

Send a ProductInfoRequest with the test product key. The sandbox returns a hardcoded version.

Request 

{
  "ProductKey": "00000000000000000000000000000000"
}

Response 

{
  "Version": "1.2.3",
  "Data": "test data"
}

If the product key does not match the test value:

{
  "Version": null,
  "Data": null
}

.NET Integration Example

To switch between sandbox and production, parameterize the endpoint paths in your client:

using System.Net.Http.Json;

public class DistancerLicenseClient
{
    private readonly HttpClient _httpClient;
    private readonly bool _useSandbox;
    private const string BaseUrl = "https://appstore.distancer.ai/";

    public DistancerLicenseClient(HttpClient httpClient, bool useSandbox = false)
    {
        _httpClient = httpClient;
        _httpClient.BaseAddress = new Uri(BaseUrl);
        _useSandbox = useSandbox;
    }

    private string LoginEndpoint =>
        _useSandbox ? "api/v1/login/sandbox" : "api/v1/login";

    private string KeyEndpoint =>
        _useSandbox ? "api/v1/key/sandbox" : "api/v1/key";

    private string VersionEndpoint =>
        _useSandbox ? "api/v1/product/app-version/sandbox" : "api/v1/product/app-version";

    public async Task<ProductRightsResponse?> ValidateByKeyAsync(
        string[] productKeys, string clientSecret, CancellationToken ct = default)
    {
        var request = new ProductRightsKeyRequest
        {
            ProductKeys = productKeys,
            ClientSecret = clientSecret
        };

        var response = await _httpClient.PostAsJsonAsync(KeyEndpoint, request, ct);
        response.EnsureSuccessStatusCode();

        return await response.Content.ReadFromJsonAsync<ProductRightsResponse>(ct);
    }

    public async Task<ProductVersion?> CheckVersionAsync(
        string productKey, CancellationToken ct = default)
    {
        var request = new ProductInfoRequest { ProductKey = productKey };

        var response = await _httpClient.PostAsJsonAsync(VersionEndpoint, request, ct);
        response.EnsureSuccessStatusCode();

        return await response.Content.ReadFromJsonAsync<ProductVersion>(ct);
    }
}

Quick Sandbox Test 

// Use sandbox mode during development
var client = new DistancerLicenseClient(new HttpClient(), useSandbox: true);

// Test key validation with hardcoded sandbox values
var rights = await client.ValidateByKeyAsync(
    productKeys: ["00000000000000000000000000000000"],
    clientSecret: "00000000000000000000000000000000.00000000000000000000000000000000.00000000000000000000000000000000.2524608000.B0QOZUBvcEO7dydkvUPMCO4lA0I="
);

Console.WriteLine($"License found: {rights?.UsageRights.Count > 0}");
// Output: License found: True

// Test version check
var version = await client.CheckVersionAsync("00000000000000000000000000000000");
Console.WriteLine($"Version: {version?.Version}");
// Output: Version: 1.2.3

Switching to Production

When your integration is verified:

  1. Replace the test product key with your real product key from the Distancer.ai dashboard.
  2. Set useSandbox: false (or remove the sandbox flag).
  3. Use real user credentials (Bearer token or client secret) instead of the test values.

Key Differences from Production

Aspect Sandbox Production
Data source Hardcoded test values Live database
Product keys Only 000...000 works Your real product key
Client secrets Only the test secret works Real user secrets
TestLicense flag Always true false for real licenses
Version response Always 1.2.3 Your published version
Product Version Check