Sell digital products as easily as physical ones
Files, license keys, subscriptions, and a public validation API. The full digital-product stack on one platform.
Digital products are usually treated as a second-class citizen on ecommerce platforms. The catalog supports them, but barely. License keys live in a separate spreadsheet. Subscriptions live in a separate billing tool. File delivery happens through a third-party hosted page that does not match your branding. Customers piece together accounts and emails to find what they bought.
Mercemur ships a complete digital-product engine on the same catalog as your physical products. Files behind short-lived signed links with per-customer download counters. License keys from a bulk pool or pattern-generated on the fly, encrypted at rest, validated through a public API your software can call. Subscriptions through Stripe with native dunning, or through a manual mode for annual plans you handle yourself. A single customer dashboard listing every entitlement: every file, every key, every subscription.
You sell digital, you run digital, and the platform actually understands the difference.
File downloads
Files are stored securely and served through short-lived signed links generated on demand. The links expire quickly (typically minutes) so a shared link cannot become a permanent backdoor to your distribution.
Each customer entitlement carries:
A download counter that increments on every successful download
An optional download limit (set to 0 for unlimited, set to 3 for 'three downloads max')
An optional expiration date (for time-bound access)
When a customer hits their download limit, the platform stops serving the file. The customer sees a clear message in their account dashboard. You can lift the limit manually from the admin if the customer has a legitimate reason.
Built-in protections:
- File downloads are served as attachments with explicit content-type to prevent inline rendering of malicious uploads
- File names are sanitized to block control characters and direction overrides
- Links cannot be shared and reused beyond the expiration window
- Hot-link prevention is built into the delivery path
License keys
Two key strategies fit different operations:
Bulk pool
Import a CSV of pre-generated license keys (10, 1,000, 100,000 at once). Mercemur claims one key per order on payment success. The customer sees their assigned key in their account dashboard. The pool depletes as orders come in. Reload the pool any time.
Useful for:
- Software where keys come from a third-party generator
- Limited-edition releases where keys are minted in advance
- Keys produced by an external partner
Pattern-generated
Define a key format using a template (XXXX-XXXX-XXXX-XXXX) and a charset (alphabetic, numeric, alphanumeric, custom). Mercemur generates a unique key on claim. The format is yours, the uniqueness is enforced.
Useful for:
- Software that uses standard activation key formats
- Brands that want consistent key formatting across products
- Operations that do not want to maintain a key generator separately
Key security
- Keys are encrypted at rest with strong cryptography
- Lookup uses a separate hash so the plaintext is never stored in a queryable form
- Cross-tenant validation works without exposing plaintext anywhere
- Only the customer who purchased the key can see it in the clear
Public license validation API
Your third-party software can validate a customer's key against a public validation endpoint. The endpoint is: Public (no merchant authentication needed), Scoped per tenant (the validator confirms the key belongs to the right merchant), Rate-limited to prevent abuse, Safe to embed in installer, activation, or "phone home" flows, Built to handle real software activation patterns.
Typical flow:
Customer buys a license on your Mercemur store
Customer downloads your software installer
Installer prompts for the license key
Customer pastes the key from their account dashboard or activation email
Your installer calls the validation endpoint with the key
Endpoint responds with valid or invalid status
Installer activates or rejects accordingly
Subscriptions
Two subscription modes fit different billing patterns:
Stripe Connect mode
Mints a real Stripe subscription on your connected Stripe account. Native: Dunning (Stripe's smart retry for failed cards), Customer portal (Stripe-hosted, branded), Proration on plan changes, Coupon and promotion support, Cancellation at period end vs immediate.
Useful for:
- Monthly or annual SaaS billing
- Recurring physical-box subscriptions where you also handle physical fulfillment
- Memberships with renewal expectations
Manual mode
Set an expires_at date without recurring billing. The customer's access lapses on the date you set. You handle renewal manually (send an email, take a payment, extend the date).
Useful for:
- Annual licenses billed through invoicing
- Educational licenses with academic-year expirations
- Limited-time access tied to a one-time payment
- Cases where you do not want Stripe handling renewals
Customer entitlement dashboard
Customers see every entitlement in one place at the account level. Each entitlement shows:
The dashboard is the same UI for physical and digital products. Customers do not have to learn two systems.
Merchant webhook outbox
Every entitlement event fires a signed webhook to a URL you configure. The events you can subscribe to: entitlement.granted, entitlement.revoked, entitlement.expired, entitlement.consumed, subscription.activated, subscription.canceled, subscription.payment_failed, license_key.claimed, license_key.revealed.
Each webhook is signed with a secret stored encrypted in your merchant config. The receiver verifies the signature before processing the payload.
Security protections:
- The outbox blocks attempts to target internal networks (no SSRF to your own infrastructure)
- DNS rebinding attempts are detected and blocked
- Outbound requests are rate-limited per merchant
- Failed deliveries retry with exponential backoff
- Replay protection through signed timestamps
How it all comes together
You upload a file or import a license key pool, or both
You configure the product as a digital catalog entry
Customer browses the storefront and finds the product
Customer checks out, pays through Stripe / Razorpay / Dodo
Payment captures successfully
Mercemur grants the entitlement: claims a key, signs a file link, mints a subscription
Customer receives confirmation email with their entitlement (key visible, file link, subscription confirmation)
Customer logs into their dashboard, sees the entitlement
Customer downloads / activates / uses the product
Your software calls the validation API to confirm the key is real
Your webhook receiver gets the entitlement.granted event for your own systems
Every step is on the platform. No second tool, no separate billing, no separate customer dashboard.
Use cases
Ebook publisher
PDF files with download limits (3 downloads per purchase, so customers cannot pirate by sharing). Customer dashboard shows every ebook ever purchased. Signed links prevent hot-linking from forums.
Software vendor (one-time license)
Pattern-generated keys (XXXX-XXXX-XXXX-XXXX format), validation API called from the software at activation, customer reveals the key from the dashboard.
SaaS subscription
Stripe Connect subscription, customer portal for self-service, dunning handles failed cards, customer dashboard shows subscription status and next billing date.
Music producer selling sample packs
ZIP files with download counters but no hard limit (customers can re-download to a new computer). Pattern-generated download links so each customer gets unique URLs.
Course creator
Manual subscription with annual renewals invoiced. Webhook fires on subscription expiry to revoke LMS access automatically.
Design asset marketplace
Bulk pool license keys for tier-based commercial licensing. Customer reveals different keys for different license tiers. Validation API used by partner apps.
Frequently asked questions
Quick reference
File downloads with signed links, download counter, optional limit. License keys in two modes: bulk pool or pattern-generated. Public license validation API at a stable endpoint. Subscriptions through Stripe Connect (recurring) or manual (annual). Customer entitlement dashboard for files, keys, subscriptions. Signed merchant webhook outbox, SSRF-hardened. Encrypted at rest with strong cryptography.
Start selling digital products today.
Start fast, compare plans, or talk through the details with us.