Key Access Creator


Required referrer hostname:

Leave empty if not needed

Pinless: Sets the client's IP address as the key. A pin will not be generated, but they will still need to unlock their IP.

Developers : How to implement with app

The MBoost API is organized around REST.

To verify a key, send an HTTP post request to :

*The pageid and key query parameters must be filled appropriately. For example, ?pageid=1&key=2345

*The pageid will be the last URL parameter in your key generator page

*The key will be the key your client has used from your key generator page. You do not need to specify this parameter if your key access page is specified to be pinless.

*The post request MUST be sent from the client's same IP address when visiting the key access page.

The HTTP request will return a JSON response containining the key, "response," with a boolean value.


If the response is true, then the key has passed successfully. If the response is false, the client may have sent the request from a different IP or used the incorrect key.

For convenience, you can specify the "simple" query parameter to get a simple response instead. Including this parameter enables the response; the value of parameter does not matter. Making a request to "" would return "true" or "false" as plain text rather than a JSON response. This is not recommended, but it is available for situations which do not offer JSON parsing.


*Disabling pinless activation is inconvenient for clients. This is just an extra step to reduce bypasses.

*Using a required referrer hostname is not recommended. This is just an extra step to reduce bypasses. With a required referrer hostname, the client must go visit the key access page from the specified website's link.

*The referrer hostname is not the entire web page url. The specified URL will be converted down it's higher level domain. would be converted down to