Photonix UI - React Components, Templates & Figma Design System

License Policy

Last updated: April 4, 2026

1. How Photonix credentials are supposed to work

A Photonix order gives you a license key for the License Portal. That portal lets you create install tokens. Install tokens are the credentials used by npm, pnpm, yarn, and CI systems.

License keys should not be put directly into .npmrc. Install tokens should be created per device or per CI environment, then rotated or revoked if exposed.

2. What counts as a device seat

A device seat is one developer machine. Typical examples are a MacBook, Windows laptop, workstation, or dedicated local dev machine. Each person should have their own token for each machine they actively use.

Sharing one device token across several teammates, agencies, contractors, or customers is not permitted.

3. What counts as a CI / Deploy seat

A CI / Deploy seat is one automated environment such as GitHub Actions, Vercel build infrastructure, Netlify, Render, Docker-based pipelines, or a private build runner.

CI tokens are for automation only. They should live in secure environment variables or build secrets, not on local developer machines.

4. Behavior that triggers review

Photonix automatically watches install token behavior for signs of sharing or abuse. Signals may include unusually high download volume, repeated tarball access, many environments using the same token, or repeated abuse events under one license.

This review is automatic. Photonix does not need to manually inspect each customer one by one for the system to react.

5. What happens when a token is flagged

A flagged token is still visible in the License Portal and the buyer receives an alert email with the reason. The buyer should rotate the token immediately or revoke it if it should no longer exist.

If the suspicious behavior continues and Photonix auto-revoke is enabled, the system may revoke that token automatically.

6. What happens when a license is restricted

A restricted license can still be viewed in the License Portal, but it cannot create new install tokens until the restriction window ends or the suspicious tokens are cleaned up.

This is intended as a recovery state so the buyer can stop sharing behavior and replace exposed tokens without losing the whole account.

7. What happens when a license is suspended

A suspended Photonix license is permanently blocked. Existing install tokens under that license can no longer install packages. Suspension does not expire automatically.

A suspended buyer must contact Photonix to request a manual review. Photonix may decide to keep the suspension, restore the license, or require a plan correction before reactivation.

8. Review and reinstatement

Review requests should include the order email, the affected license key, a summary of the environments that were using the tokens, and any evidence that the credential was leaked accidentally rather than intentionally shared.

Photonix may deny reinstatement if the license was clearly redistributed beyond the purchased seat count or used as part of a resale, template redistribution, or shared package access scheme.

Questions about Licensing?

If you have any questions about this operational policy or need help with a flagged token, please contact our support team.