Documentation Index
Fetch the complete documentation index at: https://docs.authforge.cc/llms.txt
Use this file to discover all available pages before exploring further.
hwidOverride lets your integration send a custom identifier instead of the SDK’s machine fingerprint.
This is useful when your product does not run on a fixed device, such as:
- Telegram bots
- Discord bots
- Browser-based automations
- Headless services where “machine identity” is not meaningful
What it does
Normally, each SDK computes a hardware fingerprint and sends it ashwid.
With HWID override enabled, the SDK sends your provided value as hwid instead. AuthForge still applies the same seat logic (maxHwidSlots, blacklist/whitelist, reset behavior) because the server treats HWID as an opaque identity string.
Recommended format
Use provider prefixes so identities are explicit and collision-safe:- Telegram:
tg:<user_id> - Discord:
discord:<user_id> - Internal user:
user:<id>
Security considerations
- Never trust client-supplied usernames as the binding source.
- Prefer IDs from signed platform events (Telegram/Discord user IDs).
- Apply rate limits on license-entry commands to reduce key guessing.
- Keep keys in private channels/DMs when possible.
SDK parameters
- Node:
hwidOverride - Python:
hwid_override - Go:
HWIDOverride - C#:
hwidOverride - Rust:
hwid_override - C++:
hwidOverride
validateLicense (see each SDK’s docs for the exact name) with HWID override set: same trust model as login, without heartbeat timers or session cleanup.
Example use cases
- Telegram bot access gate: Ask for a key once, then bind to
tg:<user_id>. - Discord premium commands: Validate key, bind to
discord:<user_id>, allow premium command set. - Managed shared workers: Bind to tenant identity rather than container host fingerprints.