APort includes proprietary services and open-source components. This page explains how they're licensed.

1) APort Registry & Dashboard (Proprietary)

Unless otherwise noted, the core APort Service (registry, issuance, countersign, webhooks, billing, admin UI) is proprietary. Your access is governed by our Terms of Service.

2) Open-Source Components

We publish certain components to maximize interoperability and trust:

• Policy Packs (versioned JSON + examples): Apache License 2.0
• SDKs & Middleware Examples (Node/Express, Python/FastAPI, GitHub Actions): MIT License
• Specification Docs (Passport schema & verify protocol): Creative Commons Attribution 4.0 (CC BY 4.0)

Each public repository includes its own LICENSE file.

3) Website Content

Unless otherwise indicated, website text and documentation are licensed under CC BY 4.0. Trademarks, logos, and brand assets are not licensed.

4) Contributing

By submitting contributions to our public repositories, you agree that your contributions are licensed under the repository's license. You represent you have the right to contribute those materials.

5) Questions

Licensing inquiries: support@aport.io Security disclosures: security@aport.io

Quick FAQ

• Can I embed APort Policy Packs in my product? Yes, under Apache-2.0. Please retain the NOTICE file if present.
• Can I fork the SDK and modify it? Yes, under MIT.
• Can I run my own APort-compatible verifier? Yes. The spec is CC BY 4.0 and the packs are Apache-2.0; you can validate locally against the pack JSON. Our hosted verify adds SLA, countersign, and webhooks.

Attribution

Include the following attribution where required: "Uses APort policy packs/spec (© APort contributors)" with a link to the relevant repository.

Final Notes

• These documents are provided for convenience and may change.
• In the event of conflict, repository-specific licenses control for that repository.
• For commercial terms of the hosted Service, see our Terms of Service.