Citadel License & Subscription

Your Citadel subscription unlocks the desktop app on up to 2 devices. This page covers how activation works, how to manage devices, what happens when your subscription lapses, and how offline grace works.

How activation works

  Citadel desktop app                  citadels.cc
 ┌──────────────────┐                ┌────────────────┐
 │ Enter email + pw │ ──activate──▶  │ Verify password │
 │ + Windows GUID   │                │ + active sub?   │
 │                  │ ◀──RS256 JWT── │ + device slot?  │
 │ Cache token      │                └────────────────┘
 │                  │
 │ Every 6h:        │
 │ refresh ────────▶│ check status
 └──────────────────┘

The desktop calls POST /api/v1/license/activate on citadels.cc with your credentials and a stable Windows identifier (HKLM\SOFTWARE\Microsoft\Cryptography\MachineGuid). On success, citadels.cc returns an RS256-signed JWT tied to this specific machine. Citadel caches it in C:\Citadel\data\license.json and refreshes every 6 hours.

Your 2-device limit

Each citadels.cc account gets 2 active device slots. This works for:

• Home server + backup box
• Dev environment + production
• Two different DayZ communities

To use a 3rd machine, revoke one of the first two from either:

• The Citadel dashboard: Sidebar → Subscription → Deactivate this machine
• citadels.cc: Account → Devices → 🗑 next to the device you want to replace

Revoking frees the slot immediately. The revoked machine's Citadel enters unactivated mode on its next verify call.

Offline grace

Citadel validates the cached token locally using an embedded public key. You can run up to 7 days without internet before activation is required again. After the grace window, the app enters read-only mode until it can reach citadels.cc for a fresh verify.

This is intentional — it means a brief network blip or a DDoS against citadels.cc won't take your DayZ management offline.

Subscription states

You'll never lose access to your server configs, mods, or backups in any state — those are stored locally and belong to you. You just can't make changes when Lapsed.

Managing your subscription

All billing is handled by Paddle. From citadels.cc/account you can:

• Update your payment method
• Download past invoices
• Change from monthly to yearly (or vice-versa)
• Cancel (takes effect at the end of the current period)

Refunds

We offer a 14-day money-back guarantee on first-time subscriptions. Email [email protected] with your order ID (on your receipt) and we'll process it through Paddle.

Security notes

• Your citadels.cc password is bcrypt-hashed server-side — we can't read it
• The RS256 private key that signs license tokens lives only on the citadels.cc server
• The public key embedded in the Citadel desktop app verifies token signatures — it can't sign new tokens
• license.json on disk contains only the signed token, no credentials. Safe to back up but not particularly sensitive.
• Revoking a device invalidates its token on our side — even if someone copies license.json, the next refresh will fail.

Troubleshooting

"Subscription is not active" on activate — Check your status at citadels.cc/account. If it says Active there but the desktop says otherwise, try signing out and back in on citadels.cc to refresh the session, then re-activate.

"Device limit reached (2)" — See Your 2-device limit above.

Banner says "Grace mode" even with internet — The background refresh runs every 6h and on service start. Click Refresh on the Subscription page to force an immediate check. If it still fails, firewall may be blocking https://citadels.cc on port 443.

Token renewal fails silently — Check C:\Citadel\data\service.log for lines with license. Common causes: clock skew on your server (JWT has a 60s tolerance), proxy breaking TLS, or citadels.cc downtime (check status.citadels.cc — if reachable you're fine).