# Implement with your licensing system Codeguard is implemented on applications through the following process: 1. Users login through the standard license process. 2. Upon successful authentication, the license server returns a cookie, a token or other form of object that indicates the user's authorization state. 3. Codeguard initializes with this result and forwards it to our tamper protection servers for verification. 4. Our tamper protection servers verify that the connection is legitimate and only then the user is granted access to the application. ### Alternative implementation If your licensing system isn't deeply integrated with your program, it might be possible to use Codeguard as the first and only layer of defense against reverse engineering attacks. The implementation would be similar to what we described earlier with the main difference being that your licensing system wouldn't be exposed to attacks. ### The pros & cons There are a few security considerations when deciding on the implementation model. The [partial implementation's](#partial-implementation) main benefit is skipping sending user-identifiable information to our servers. On the other hand, it opens a potential attack vector where attackers can exploit the exposed endpoints and make reverse engineering easier. We mitigate some exploitation attacks by binding each session to a machine; this ensures that even if attackers are able to generate sessions for an user; no more than the first machine to claim the session would be able to use it. We recommend enabling short-lived tokens in the licensing panel; by doing this, our servers would call your system if a customer disconnects to invalidate the token immediately. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.cyphor.net/code-guard/implement-with-your-licensing-system.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.