KeyAuth
Visit Our Website
Visit Our Website
Github
Telegram
YouTube
  1. Features
  • Overview
    • Security Practices
    • Premade Examples - SDKS
    • QnA
    • Rate Limiting
  • Dashboard
    • Manage Applications
    • App
      • Licenses
      • Users
      • Tokens
      • Subscriptions
      • Chats
      • Sessions
      • Webhooks
      • Files
      • Global Variables
      • Logs
      • Blacklists
      • Whitelists
      • Audit Logs
      • Settings
    • Seller
      • Settings
      • Web Loader
      • Logs
    • Settings
      • Resellers | Manager
      • Settings
  • API
    • Getting Started
      • License
        • License Login
        • Redeem License (Upgrade)
      • ⚠️ Initialization ⚠️
      • Login (user/pass)
      • Logout
      • Register
      • Upgrade
      • Login (email/pass)
    • Features
      • Auto-Update
      • Web Loader
      • Chatroom/Messages
        • Retrieve Messages
        • Send Message
      • User Variables
        • Retrieve User Variables
        • Set User Variable
      • Ban User
        GET
      • Check Blacklist
        GET
      • Check Session
        GET
      • Disable 2FA
        GET
      • Change Username
        GET
      • Download File
        GET
      • Enable 2FA
        GET
      • Fetch Online Users
        GET
      • Forgot Password
        GET
      • ⚠️ Fetch Stats ⚠️
        GET
      • Log
        GET
      • Webhook
        GET
      • Retrieve Global Variable
        GET
    • Displaying Data
      • Displaying Data
  • Seller API
    • Application Settings
      • Add Application Hash
      • Edit Application Settings
      • Retrieve Application Details
      • Retrieve Current Application Settings
      • Retrieve Stats
      • Pause Application
      • Reset Application hash
      • Unpause Application
    • Blacklists
      • Create New Blacklist
      • Delete An Existing Blacklist
      • Delete All Blacklists
      • Retrieve All Blacklists
    • Chats
      • Create A New Chat Channel
      • Delete Channel Messages
      • Delete Existing Chat Channel
      • Edit Existing Chat Channel
      • Retrieve All Mutes
      • Retrieve All Chat Channels
      • Mute A User
      • Unmute A User
    • Files
      • Delete Existing File
      • Delete All Files
      • Retrieve All Existing Files
      • Retrieve An Existing File
      • Edit An Existing File
      • Upload A New File
    • Global Variables
      • Create A New Global Variable
      • Delete Global Variable
      • Delete All Global Variables
      • Edit Existing Global Variable
      • Retrieve All Global Variables
      • Retrieve An Existing Global Variable
    • Licenses
      • Add Time To All Unused Licenses
      • Assign A License To A User
      • Ban License
      • Create A New License
      • Create A New User Using A License
      • Delete All Licenses
      • Delete An Existing License
      • Delete Multiple Licenses
      • Delete All Used Licenses
      • Delete All Unused Licenses
      • Retrieve All Licenses
      • Retrieve License Information
      • Set Note On Existing License
      • Unban A License
      • Verify License Exists
    • Logs
      • Retrieve All Logs
      • Delete All Logs
    • Sessions
      • End Selected Session
      • End All Sessions
      • Retrieve All Sessions
    • Subscriptions
      • Create A New Subscription
      • Delete An Existing Subscription
      • Edit An Existing Subscription
      • Retrieve All Subscriptions
      • Pause An Existing Subscription
      • Unpause An Existing Subscription
    • Users
      • Add An HWID To An Existing User
      • Ban User
      • Create A New User
      • Change Users Password
      • Change Users Email
      • Change User's Username
      • Delete An Existing User
      • Delete All Expired Users
      • Delete A Users Variable
      • Delete All User Variables Using The Variable Name
      • Delete A Users Subscription
      • Delete All Users
      • Extend Users Expiration
      • Pause A User
      • Retrieve All Users
      • Retrieve All User's Variables
      • Retrieve All Usernames
      • Retrieve All Users Subscriptions
      • Retrieve License From User
      • Retrieve User Variable Data
      • Reset A Users HWID
      • Reset All Users HWID
      • Retrieve User Data
      • Set A User Variable
      • Subtract Time From A Users Expiration
      • Set Users HWID Reset Cooldown Duration
      • Unban A User
      • Unpause A User
      • Verify A User Exists
    • Webhooks
      • Create A New Webhook
      • Delete All Webhooks
      • Delete Webhook
      • Retrieve All Webhooks
    • Web Loader
      • Create A New Web Loader Button
      • Delete A Web Loader Button
      • Delete All Web Loader Buttons
      • Retrieve All Web Loader Buttons
    • Whitelists
      • Add IP To Whitelist
      • Delete All Whitelists
      • Delete Existing IP Whitelist
    • Reseller/Manager Accounts
      • Add Balance To Reseller
      • Create A New Reseller/Manager Account
      • Delete A Reseller or Manager Account
      • Retrieve All Resellers and Managers
      • Retrieve Balance From Reseller
      • Retrieve Reseller or Manager Information
  • Custom Domain Setup
    • Custom Domain (API)
  1. Features

Web Loader

Web login allows users to authenticate into your desktop application directly from your website or our customer panel using a temporary token.
Unlike standard API login endpoints, this method works by sending credentials to a local HTTP listener running inside your application.

Endpoint (Local)#

GET http://localhost:1337/handshake/?user={username}&token={token}

How It Works#

1.
Your application starts the web login listener:
2.
The application listens on:
https://localhost:1337/handshake
3.
Your website/customer panel redirects the user to:
https://localhost:1337/handshake/?user={username}&token={token}
4.
The client (c# in this example):
Receives the request
Extracts user and token
Sends a login request to KeyAuth servers
5.
If successful:
The user is logged into the application
User data is loaded

Request Parameters#

ParameterRequiredDescription
userYesUsername of the account
tokenYesTemp web login token

Internal Request Sent to KeyAuth#

After receiving the web request, the client sends the normal params as a regular login request, but now with the token param.#

Requirements#

Application must already be initialized
Application must be running before web login is triggered
Port 1337 must be available
Browser must allow requests to localhost

Security Notes#

Tokens must be temporary and single-use
Never expose permanent credentials in the browser
Always validate tokens server-side before issuing them
Only allow trusted websites to trigger web login
Bind only to localhost (never public interfaces)

Common Issues#

App not responding
Ensure your application is running and listening on:
http://localhost:1337/handshake/
Button does nothing
Login fails instantly
Port already in use

Notes#

Designed for website -> desktop authentication
Not a replacement for API-based login endpoints
Ideal for one-click login buttons, dashboards, and download portals

Web Buttons#

Web buttons allow owners to add custom buttons to the customer panel that can trigger actions inside the desktop application.
After the user logs in with web_login(), your application can wait for a specific button event using:
For example, an owner could add a button named close to the customer panel. When the customer clicks that button on the website, the desktop application detects it and can run custom login.

Common Button Uses#

Web Buttons can be used for actions such as:
Closing the program
Starting a download
Opening a menu
Refreshing user data
Unlocking a feature
Triggering a custom in-app event

Important Notes#

web_login() should be called before waiting for button events
The button name must match the customer panel button name exactly
Button events are intended for website-to-application communication
Your application decides what happens after the button is clicked
Modified at 2026-05-01 17:53:42
Previous
Auto-Update
Next
Retrieve Messages
Built with