Holdify Holdify

How It Works

Four steps to enforcement

From payment provider connection to live API verification in minutes.

01

Connect your payment provider

One-click OAuth with Polar. Subscriptions and plans sync automatically.

  • Automatic webhook registration
  • Sync existing subscriptions
  • Stripe & LemonSqueezy in beta
02

Create API keys

Issue keys for your customers with scopes, metadata, and environment separation.

  • Prefixed keys (hk_live_, hk_test_)
  • Custom scopes and metadata
  • Per-environment isolation
03

Verify requests

Call POST /v1/verify from your middleware. Get validity, limits, and entitlements.

  • Sub-50ms response times
  • remaining + reset_at for rate limits
  • Entitlements from subscription plans
04

Enforce and track

Return 401/403/429 based on the response. Usage is tracked automatically.

  • Usage tracking per key
  • Audit trail for all decisions
  • Alerts on limit thresholds

Add to your middleware

A few lines of code to verify every request.

middleware.ts
const result = await holdify.verify({
  key: apiKey,
  resource: 'chat.completions',
});

if (!result.valid) {
  return res.status(401).json({ error: 'Invalid key' });
}

if (result.remaining === 0) {
  return res.status(429).json({
    error: 'Rate limit exceeded',
    resetAt: result.reset_at
  });
}

// Continue with request...

Ready to get started?

Start free with 150K requests/month. No credit card required.

Get Started Free Read the Docs