Machine fingerprint vs License validation fingerprints

[nCubed]

When activating a machine, the request payload appears to have a single fingerprint attribute:
https://keygen.sh/docs/api/machines/#machines-object-attrs-fingerprint

However, when validating a license, the meta.scope allows both a single fingerprint and a fingerprints collection:
https://keygen.sh/docs/api/licenses/#licenses-validate-key-meta-scope.fingerprints

Can you activate a machine with more than one fingerprint? For example, use 3 different hardware identifiers and associate each id with the activated machine. These 3 identifiers would then be used when validating the license.

At the heart of this question is the related policy's fingerprintMatchingStrategy
https://keygen.sh/docs/api/policies/#policies-object-attrs-fingerprintMatchingStrategy

MATCH_ANY
MATCH_MOST
MATCH_ALL

How can we provide a collection of fingerprint identifiers when activating a machine to use with the policy's fingerprintMatchingStrategy.MATCH_MOST?

[ezekg]

Short answer: no, you can't. A machine can only have 1 fingerprint.

Long answer: the validation fingerprints array is for cases where you want to supply a set of fingerprints, each belonging to a machine, to match against according to the matching strategy. This is especially useful for cases where you're activating individual components of a device, e.g. IP, MOBO, GUID, HDD, etc., or in cases where you want to check if a given license is activated on all/some/any of a set of machines, e.g. a bulk validation for a server fleet. So in some cases, a machine doesn't always map 1-1 to a device, rather they can map to the components of a device.

Hope that makes sense? The fingerprints array and matching strategies aren't typically used for most integrations.

[nCubed]

Hey Zeke - that makes perfect sense. Thanks for the clarification. You should put the long answer into the docs; well written.