Vendor Integration Workflows

This section provides an overview of the steps that are involved in licensing and deploying your software. It is recommended that you prepare a licensing plan before you integrate the enforcement technology's mechanisms with your software. Your licensing plan should be based on the detailed licensing requirements that you define for all the software applications to be sold by your company, and/or distributed for trial use.

Major Workflows for Sentinel RMS

This section describes how to implement Sentinel RMS licensing for the various deployment modes. For complete details, refer to the Sentinel RMS Developer Guide:

Steps	Typical User Role	Deployment Mode
Steps	Typical User Role	On-premises*	Lease	Connected (Cloud LM)
Application Licensing Using the RMS Libraries To license your applications, you need to incorporate the Sentinel RMS Licensing API calls—known as Unified API—into your application source code. Thereafter, your licensed application requires an RMS license to run. Refer to the following sections for details: •Unified API for C •Unified API for Java •Unified API for .NET For the Connected (Cloud LM) deployments, platform and language-independent REST API are also provided.	Developer
Feature, License Model, Product, and Download Definition Using Sentinel EMS Use Sentinel EMS to define your application’s features, associate features with license models, package features into different products and suites, and configure products for download. For details, see: Catalog.	Product Manager
Entitlement Creation Using Sentinel EMS Use Sentinel EMS to create customer-specific entitlements. For details, see: Entitlements.	Order Taker
Entitlement Activation Using Sentinel EMS Use Sentinel EMS (Vendor Portal, Customer Portal, or REST API) to generate licenses for a customer. For details, see: Activations. In the Lease mode, the entitlement is deployed soon after it is marked as complete. It will be activated automatically while using the Sentinel Cloud Plug-in (SCP). In the case of Connected (Cloud LM) mode, the license is deployed on the Thales-hosted RMS Cloud LM soon after activation.	>Customer or contact >Order Taker
Fingerprint Registration The fingerprint registration lets you designate the machine (RMS License Manager host or a standalone machine) on which the lease is obtained. Thereafter, the same machine is used for lease updates and renewals. The machine is identified by its system identifiers (fingerprints such as disk ID, serial number and so on). You can select the fingerprint registration option at the time of license model creation and set it as mandatory or optional. If mandatory, the customer's administrator will need to generate and register the fingerprints after an entitlement is deployed. If optional, fingerprint generation and registration are handled in background, without requiring customer's intervention. Use the Sentinel RMS Unified API to create your own customized tool for obtaining fingerprints. The fingerprints are recorded in XML format. For details, see the example code snippets corresponding to the Unified API implementation: C, Java, and .NET.	>Developer >Customer	Not applicable		Not applicable
Fingerprint Locking To support node-based locking, an entitlement can be locked to a specific machine (RMS License Manager host or a standalone machine) identified by their system identifiers (fingerprints such as disk ID, serial number and so on). The system identifiers are used to create locking codes. During entitlement activation, the end user needs to provide the locking code. You can use the Sentinel RMS Unified API to create your own customized tool for obtaining locking codes (16-byte long strings). For details, see the example code snippets corresponding to the Unified API implementation: C, Java, and .NET. Alternatively, you can provide the Wechoid or echoid utilities for generating locking codes.	>Developer >Customer		Not applicable	Not applicable
SCC Connection SCC connectivity is required to obtain license updates, usage data collection and reporting. To establish a connection with SCC, you need to edit the configuration file included in the SCL Add-on Package. Refer to Sentinel Cloud Licensing (SCL) Add-on Installation and Configuration Guide for details.	Customer	Required only for usage data support		Automatically handled by the RMS Cloud License Manager
RMS Cloud LM Connection: Each API, Unified or Cloud LM REST, is required to be authenticated using JSON Web Token (JWT) access token: >When using the SCP-integrated library: The library handles the complete process of authentication as well as message signing and verification, without requiring any user intervention. However, you must modify the SCP Configuration File for the mandatory items such as the Tenant Host Address and Registration Token in order to establish connection with the RMS Cloud LM. Refer to Sentinel Cloud Licensing (SCL) Add-on Installation and Configuration Guide for details. >When using the RMS Cloud LM REST API: Generate access token using the Token service REST API and use it to consume the RMS Cloud LM REST API.	Contact Administrator and End user	Not applicable	Not applicable
License Consumption by Clients >On-premises mode: There can be many ways to generate and deliver licenses for on-premises mode. For example, the vendor can generate and email the license, or the customer can activate the entitlement directly. Once a license is added to the RMS License Manager or a standalone machine, the clients can obtain it using the standard license authorization process implemented by the developer. >Lease mode: Once SCC grants a license to SCP, it is added to the RMS License Manager or a standalone machine. The clients obtain license from the RMS License Manager or a standalone machine using the standard license authorization process implemented by the developer. >Connected (Cloud LM) mode: Post-authentication, the licensed features are granted access to the users/devices and licensing sessions begin.	License authorization and consumption process is implemented using the Unified APIs by the developer.
Usage Collection The usage data collection of users/machines is transmitted to SCC.	>Automatic for the Lease and Connected (Cloud LM) modes >Requires support of customer in the On-premises mode
Usage Aggregation and Reporting The collected usage data is automatically aggregated and then used by Sentinel EMS for generating usage reports.	Product Manager
Lease Renewal The lease is renewed periodically as set in the entitlement generated by EMS. NOTE The various steps of lease license acquisition, consumption, usage collection, reporting, and lease renewal are repeated iteratively, until the entitlement expires.	Automatic for the Lease mode	Not applicable		Not applicable
Session Management The contact administrators can view the live sessions and terminate them, if required using the Sentinel EMS Customer Portal.	Contact Administrator	Not applicable	Not applicable

* On-premises deployments when implemented using the Flexible License Model of Sentinel EMS.

Major Workflows for Sentinel LDK

This section describes how to implement Sentinel LDK-based protection and licensing for the Sentinel HL and SL protection keys, including cloud licensing (CL). For complete details, refer to the Sentinel LDK Software Protection and Licensing Guide:

Steps	Typical User Role	Sentinel Protection Keys
Steps	Typical User Role	HL	SL (Including Cloud Licensing)
Protecting Programs and Data Files Sentinel LDK provides two primary protection methods: >Sentinel LDK Envelope >Sentinel Licensing API You can apply protection directly to: >Compiled executables, DLLs and .NET assemblies >Specific functions or entire programs. >Sensitive data and intellectual property For complete details, refer to: Sentinel LDK Protection	Developer
Catalog Creation Using Sentinel EMS Use Sentinel EMS to define your application’s features, associate features with license models, add memory files, package features into different products, and configure products for download. Make sure that the Locking Type includes the option to use the HL keys or SL-AdminMode keys or SL-UserMode keys. For implementing cloud licensing (CL), SL AdminMode keys are required. For complete details, refer to: Catalog.	Product Manager
Entitlement Creation Using Sentinel EMS Use Sentinel EMS to create customer-specific entitlements. For complete details, refer to: Entitlements.	Order Taker
Entitlement Activation Using Sentinel EMS Use Sentinel EMS to generate licenses for a customer. For complete details, refer to: Activations. >Sentinel HL Keys: Writes (burns) the entitlement details to the connected Sentinel HL keys. >Sentinel SL Keys: •Obtain the fingerprints of the customer's computer using a Customer-to-Vendor (C2V) file. • Correspondingly, generate a Vendor-to-Customer (V2C) file using Sentinel EMS and share it with your customer. •For cloud licensing a license server machine (either vendor-hosted or customer-hosted) must be set up as well.	>Customer or Contact >Order Taker
Reporting Following activation, you can view the valuable business information based on data in the Sentinel EMS reports.	Product Manager