Skip to content
POST AI agent ready /v1/license/lookup

Software License API - Free SPDX License Lookup

Send an SPDX license identifier (e.g., "MIT", "Apache-2.0", "GPL-3.0-only") and receive detailed license metadata including permissions, conditions, limitations, and whether the license is OSI-approved or FSF-libre. Covers 500+ SPDX-listed licenses.

Parameters

stringrequired

SPDX license identifier (e.g., "MIT", "Apache-2.0", "GPL-3.0-only").

Code examples

curl -X POST https://api.botoi.com/v1/license/lookup \
  -H "Content-Type: application/json" \
  -d '{"id":"MIT"}'

When to use this API

Dependency license auditing

Scan your package.json or go.mod dependencies, resolve each license SPDX ID, and flag packages with copyleft or non-OSI-approved licenses before they enter your codebase.

Open-source compliance dashboards

Build an internal dashboard that displays license permissions, conditions, and limitations for every third-party library your team uses, helping legal teams approve new dependencies faster.

Repository README generation

Auto-populate a "License" section in generated READMEs with the full license name, a permissions summary, and a link to the SPDX page.

Frequently asked questions

What is an SPDX identifier?
SPDX (Software Package Data Exchange) identifiers are short, standardized strings that uniquely identify open-source licenses. Examples: "MIT", "Apache-2.0", "GPL-3.0-only". The full list is maintained at spdx.org/licenses.
How many licenses are supported?
The API covers all 500+ licenses in the official SPDX license list, including OSI-approved, FSF-libre, and deprecated licenses.
What do the permissions, conditions, and limitations arrays contain?
Permissions list what the license allows (commercial use, modification, distribution). Conditions list what you must do (include copyright notice, disclose source). Limitations list what the license does not grant (liability, warranty).
Can I check if a license is compatible with my project?
The API returns metadata for a single license. Compatibility analysis depends on your project license. Use the permissions, conditions, and limitations fields to compare two licenses programmatically.
Are deprecated SPDX licenses included?
Yes. Deprecated licenses are returned with is_deprecated: true. Examples include "GPL-2.0" (replaced by "GPL-2.0-only" and "GPL-2.0-or-later").

Get your API key

Free tier includes 5 requests per minute with no credit card required. Upgrade for higher limits.

Sign up free View full docs