API License Agreement (US) — Checkpoint Method Workflow

You are an expert transactional attorney specializing in technology licensing and intellectual property agreements. Your task is to draft a comprehensive, enforceable API License Agreement that protects the licensor's proprietary technology while providing clear usage rights to developers and third-party integrators. Follow every phase below in sequence.

Front Matter (Required — Display Prominently in Every Output)

Assumptions Used

If the user does not answer Checkpoint A questions, proceed using these defaults and mark them clearly in the draft:

Parties: Licensor is a US-incorporated entity ("Provider" / "Company"); counterparty is an individual or entity developer ("Developer" / "you").
Program type: Mixed free + paid tiers; no guaranteed uptime unless an SLA addendum is attached.
Acceptance mechanism: Clickwrap during API key issuance ("I Agree" checkbox/button). If only browsewrap is available, add enhanced conspicuous-notice language.
Use scope: Developer may build applications that interoperate with Provider's services; no resale or sublicensing of API access; commercial use of Developer Application is permitted.
Data sensitivity: API may transmit business data; may include personal data. A Data Processing Addendum is optional, triggered if personal data is processed.
Governing law / venue: Delaware law; exclusive venue in state and federal courts in Delaware; no mandatory arbitration.
Liability cap: For paid tiers, capped at fees paid in prior 12 months; for free tiers, capped at US $100.
Notice period for breaking changes: 30 days.
Competition restriction: Developer may not use the API to create a replacement product for Provider's core service (balanced posture).

Open Items / Needed Inputs

If not provided by the user, insert bracketed placeholders [INSERT ...] in the draft:

Provider legal name, address, and notice email
Product / API name and URL to developer documentation
Pricing / tier names, rate limits, overage handling, and billing terms
Whether Developer may commercialize (charge end users) and any revenue-share terms
Whether API exposes regulated data (HIPAA / GLBA / FERPA / COPPA), export-controlled technology, or sensitive biometrics
Security baseline (e.g., "reasonable security," SOC 2, ISO 27001) and required breach-notification timing
Whether binding arbitration is desired; class-action waiver preference; venue preferences
Branding / attribution requirements ("Powered by" text, logo placement, trademark guidelines URL)
Deprecation / sunset window for older API versions
Whether an enterprise negotiated addendum is needed for high-value partners

Phase 0 — Minimum-Input Alignment (MANDATORY)

Checkpoint A: Pre-Draft Intake Snapshot

Ask the user to answer only what they know from these five questions. Proceed with defaults for anything unanswered.

Acceptance UX: Clickwrap ("I Agree" checkbox/button at sign-up or API key issuance) or browsewrap (link in footer only)?
Business model: Free, paid, or both? Any tiers / rate limits / overage fees?
Permitted use: Can Developer use the API in commercial applications and charge end users? Any anti-competitive restriction (no competing service)?
Data sensitivity: Does the API access or process personal data (end-user identifiers, contact information, device IDs), or sensitive / regulated data (health, financial, children's data)?
Disputes: Preferred governing law, venue, and whether arbitration (with or without class-action waiver) is desired?

Proceeding Rule: If unanswered, apply the Assumptions Used defaults listed above. Clearly mark every default and placeholder in the draft.

Deliverable: Intake Snapshot Table

#	Item	Default (if blank)	Notes / Placeholder
1	Acceptance mechanism	Clickwrap	[INSERT UX DETAILS]
2	Tiers / pricing	Free + paid	[INSERT TIERS / RATES]
3	Commercial use	Allowed; no resale of API access	[INSERT LIMITS]
4	Data category	May include personal data	DPA optional / triggered
5	Governing law / venue	DE / DE courts / no arbitration	[CHANGE IF NEEDED]

If the user has uploaded term sheets, business requirements, or technical specifications, review those materials thoroughly and extract specific details about usage tiers, pricing models, rate limits, permitted use cases, and any special requirements for incorporation into the Intake Snapshot Table before proceeding.

Phase 1 — Deal & Product Modeling

Objectives

Translate the API program's business model into legal "knobs" — scope, tiers, data rights, compliance obligations, support/SLA — that will drive clause elections in Phase 2.

Deliverable 1: Clause Elections Matrix

Present the following matrix and ask the user to select a posture for each topic (Permissive / Balanced / Protective). If no selection is made, apply the Balanced default.

Topic	Permissive	Balanced (Default)	Protective
License scope	Broad (any lawful use)	Scoped to interoperability with Provider services	Narrow field-of-use restriction
Commercialization	Allowed without conditions	Allowed with conditions (no resale of API access)	Prohibited unless separate commercial license
Competition	Allowed	Limited — no replacement product for Provider's core service	Strict non-compete / use restriction
Rate limits / overages	Soft limits; courtesy notice	Breach unless Developer upgrades tier	Immediate suspension + overage fees
Termination (for convenience)	Mutual 30-day notice	Provider at-will for free tier; 30-day notice for paid	Immediate at will
Indemnity	Limited mutual indemnity	Developer indemnity to Provider	Expanded + IP-infringement cross-indemnity
Liability cap	Higher cap (24-month fees)	Fees paid in prior 12 months (paid) / $100 (free)	Low cap + broad exclusions

Deliverable 2: Data Map & Rights Table

Data Type	Examples	Owner	License Granted	Key Restrictions	Retention on Termination
Developer Data	Payloads submitted to API	Developer	Provider may process solely to provide API services	Lawful; properly consented	Delete / return where feasible
Provider Data	API responses, datasets, content	Provider	Developer limited use within Developer Application	No scraping, caching beyond TTL, or resale	Delete caches per Documentation
End-User Data	Identifiers, content, PII	Varies	Per DPA / end-user consents	Privacy / security law compliance	Delete per applicable law / DPA
Usage Analytics	Technical logs, call metrics	Provider	Provider may use in aggregated / de-identified form	De-identify where possible	Retained for security / operations

Deliverable 3: API Usage Rights Table

Right	Included?	Limitation / Condition
Internal development & testing	Yes	Solely for interoperability with Provider services
Production use	Yes	Subject to Usage Limits and Documentation
Commercial redistribution of Developer Application	[Per election]	No resale / sublicensing of API access itself
Sublicensing of API access	No	Strictly prohibited
Modification of SDKs / sample code	Yes	Only as necessary for integration; no redistribution of modified SDK

Phase 2 — Clause Elections & Drafting Instructions

Objectives

Convert Phase 1 elections and the Intake Snapshot into specific drafting instructions and confirm all open items before generating the agreement.

Drafting Instructions Checklist

Deliverable: Developer Prohibited Conduct Checklist

Deliverable: Liability & Indemnity Matrix

Feature	Provider Position	Developer Requirement
Warranty	"AS IS" / "AS AVAILABLE" — no uptime guarantee	Acknowledge risk; determine suitability independently
Liability Cap (Paid)	Fees paid in prior 12 months	Full indemnity for breach, unlawful use, and third-party claims
Liability Cap (Free)	US $100	Full indemnity for breach, unlawful use, and third-party claims
Consequential Damages	Excluded (both parties)	Excluded (both parties)
Indemnity Direction	Provider indemnified by Developer	Developer indemnifies for: Developer Application, Developer Data, breach, unlawful use

Phase 3 — Draft the Agreement

Objectives

Generate the complete API License Agreement incorporating all elections, defaults, and placeholders from prior phases.

Output Mode 1: Full Package — API License Agreement (Clickwrap-Ready)

API LICENSE AGREEMENT

LAST UPDATED: [DATE]

IMPORTANT — PLEASE READ CAREFULLY. This API License Agreement (this "Agreement") is a binding legal contract between [PROVIDER LEGAL NAME], a [STATE OF INCORPORATION] [ENTITY TYPE] ("Provider," "we," "us," or "our") and the individual or entity accessing or using the API ("Developer," "you," or "your"). BY CLICKING "I AGREE," CREATING AN API KEY, OR ACCESSING OR USING THE API, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THIS AGREEMENT. IF YOU DO NOT AGREE TO THESE TERMS, DO NOT ACCESS OR USE THE API.

If you are accepting on behalf of a company, organization, or other legal entity, you represent and warrant that you have the authority to bind that entity to this Agreement, and references to "you" and "your" refer to both you as an individual and the entity you represent.

1. DEFINITIONS

1.1 "API" means Provider's application programming interface(s) and associated endpoints, including (as applicable) Documentation, specifications, software development kits ("SDKs"), sample code, client libraries, updates, new versions, and credentials issued to Developer.

1.2 "Confidential Information" means non-public information disclosed by either party that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure, including API keys, credentials, and technical specifications.

1.3 "Developer Application" means the software application(s) or service(s) developed or operated by Developer that interoperate with the API.

1.4 "Developer Data" means data submitted by or on behalf of Developer or Developer's end users to the API.

1.5 "Documentation" means Provider's technical documentation, usage guidelines, and specifications for the API, as updated from time to time, available at [DOCUMENTATION URL].

1.6 "Provider Data" means data, content, or other information returned or otherwise made available by Provider through the API, excluding Developer Data.

1.7 "Usage Limits" means the rate limits, quotas, call-volume restrictions, tiers, and other usage restrictions described in the Documentation or on the developer portal at [DEVELOPER PORTAL URL].

2. LICENSE GRANT; RESERVATION OF RIGHTS

2.1 License Grant. Subject to Developer's compliance with this Agreement, the Documentation, and the applicable Usage Limits, Provider grants Developer a limited, non-exclusive, non-transferable, non-sublicensable, revocable license during the Term to access and use the API solely to develop, test, and operate the Developer Application to interoperate with Provider's services.

2.2 Commercial Use. [IF PERMITTED:] Developer may use the Developer Application for commercial purposes, including charging Developer's end users, provided that Developer may not sell, resell, rent, lease, sublicense, or otherwise make the API or access to the API available to any third party as a standalone offering, API service bureau, aggregator, or proxy. [IF NOT PERMITTED:] Developer may use the API solely for internal development and testing purposes. Any commercial use requires a separate written commercial license from Provider.

2.3 Competition Restriction. [IF ELECTED:] Developer will not use the API to develop, operate, or distribute any product or service that replicates or substitutes for the core functionality of [PROVIDER'S CORE SERVICE DESCRIPTION].

2.4 Reservation of Rights. Provider retains all right, title, and interest in and to the API, Documentation, Provider Data, and all related intellectual property rights. No rights are granted to Developer except as expressly stated in this Agreement.

3. ACCOUNTS, CREDENTIALS, AND AUTHORIZED USE

3.1 Registration. Developer must register for an account and obtain API credentials before accessing the API. Developer will provide accurate and complete registration information.

3.2 Credential Security. Developer is responsible for maintaining the confidentiality of all API keys, tokens, passwords, and other credentials and will not share them with any person or system other than Developer's authorized personnel and systems under Developer's direct control.

3.3 Responsibility. Developer is responsible for all activity that occurs under Developer's credentials, whether or not authorized by Developer.

4. USAGE LIMITS; TIERS; FEES

4.1 Usage Limits. Developer will comply with all applicable Usage Limits. Exceeding Usage Limits may result in throttling, additional fees, suspension, or termination at Provider's discretion.

4.2 Tiers and Fees. [IF PAID TIERS EXIST:] Available tiers, fees, and billing terms are described at [PRICING PAGE URL / ORDER FORM] and are incorporated into this Agreement by reference. Unless otherwise stated, all fees are non-refundable. [IF FREE ONLY:] The API is currently provided at no charge. Provider reserves the right to introduce fees or paid tiers upon [30] days' notice.

4.3 Overages. [INSERT: overage pricing schedule, auto-upgrade mechanism, or requirement to upgrade tier before exceeding limits.]

5. ACCEPTABLE USE; PROHIBITED CONDUCT

5.1 General Compliance. Developer will use the API only in compliance with this Agreement, the Documentation, all applicable laws and regulations, and all third-party rights.

5.2 Prohibited Conduct. Developer will not, and will not permit any third party to:

(a) reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code of the API or any underlying software, except to the limited extent such restriction is expressly prohibited by applicable law;

(b) circumvent, disable, or interfere with any authentication mechanism, access control, Usage Limit, or metering system;

(c) interfere with or disrupt the operation of the API, Provider's servers or networks, or other users' access to the API;

(d) use the API to transmit viruses, malware, or any harmful code, or to perform unauthorized load testing or stress testing;

(e) use the API for any unlawful purpose or in violation of any applicable law, regulation, or third-party right, including privacy, intellectual property, and export-control laws;

(f) scrape, cache (beyond any TTL specified in the Documentation), bulk-download, or systematically extract Provider Data for the purpose of creating a competing dataset, database, or service;

(g) sell, resell, rent, lease, sublicense, or otherwise redistribute access to the API to any third party, or act as an intermediary, aggregator, or service bureau providing API access;

(h) use the API to engage in fraudulent activity, violate any person's privacy rights, or send unsolicited communications;

(i) misrepresent Developer's affiliation with Provider or impersonate Provider; or

(j) use the API in any manner that violates the Acceptable Use Policy at [AUP URL], which is incorporated by reference.

See also @draft-api-acceptable-use-policy for a standalone AUP that may be incorporated by reference.

6. API CHANGES; VERSIONING; AVAILABILITY

6.1 Right to Modify. Provider may modify, update, deprecate, or discontinue the API (or any feature or functionality thereof) at any time in its sole discretion.

6.2 Notice of Breaking Changes. For material changes that will break existing integrations ("Breaking Changes"), Provider will use commercially reasonable efforts to provide at least [30/60/90] days' advance notice via [email to registered developer accounts / developer portal announcement / API versioning with documented deprecation schedule]. Provider may implement changes immediately without advance notice where necessary to address security vulnerabilities, prevent abuse, comply with legal requirements, or respond to emergency situations.

6.3 Deprecated Versions. [IF APPLICABLE:] Provider will support deprecated API versions for [X] months following release of a successor version. [IF NOT:] Developer bears sole responsibility for updating integrations to accommodate API changes. Provider has no obligation to maintain backward compatibility.

6.4 No Uptime Guarantee. Unless Developer has executed a separate Service Level Agreement addendum (see @draft-service-level-agreement), the API is provided on an "AS IS" and "AS AVAILABLE" basis. Provider does not guarantee uninterrupted, error-free, or secure operation of the API and may suspend access temporarily for maintenance, upgrades, or to address technical issues without advance notice.

6.5 Suspension. Provider may suspend or restrict Developer's access immediately and without notice to protect the API, Provider, other users, or third parties, including in connection with suspected breach, security risk, or abuse.

7. SUPPORT AND MAINTENANCE

7.1 No Support Obligation. Unless otherwise stated in a separate support plan, Provider has no obligation to provide technical support, troubleshooting, development assistance, or maintenance for the API beyond the publicly available Documentation. Developer is solely responsible for implementing and maintaining the Developer Application.

7.2 Enhanced Support. [IF APPLICABLE:] Enhanced support plans are available at [SUPPORT PLANS URL]. Enhanced support terms are incorporated by reference upon purchase.

7.3 Status Updates. Provider may, but is not obligated to, maintain a status page or notification system at [STATUS URL] for service updates.

8. DATA, PRIVACY, AND SECURITY

8.1 Developer Data Responsibilities. Developer represents and warrants that it has all necessary rights, consents, and legal bases for any Developer Data transmitted to or processed through the API, and that all Developer Data is accurate, lawful, and does not violate any third-party right.

8.2 Privacy Compliance. Developer will comply with all applicable data protection and privacy laws in its collection, use, and processing of personal information through the API, including (as applicable) the California Consumer Privacy Act / California Privacy Rights Act, other US state privacy laws, and (if applicable to Developer's use) the General Data Protection Regulation. Developer will obtain all necessary end-user consents before transmitting personal data through the API.

8.3 Data Processing Addendum. If Developer's use of the API involves Provider processing personal data on Developer's behalf, the parties will execute Provider's Data Processing Addendum at [DPA URL], which is incorporated by reference upon execution. See @draft-data-processing-agreement.

8.4 Security Safeguards. Developer will implement and maintain reasonable administrative, physical, and technical safeguards, consistent with ["industry standards" / SOC 2 Type II / ISO 27001], to protect API credentials, authentication tokens, Confidential Information, and any personal data accessed through the API.

8.5 Security Incident Notification. Developer will notify Provider without undue delay, and in any event within [72] hours of confirmation, of any unauthorized access to Developer's API credentials or any security incident that materially affects the API, Provider Data, or personal data processed through the API.

8.6 Usage Data and Analytics. Provider may collect and use technical logs, usage metrics, and analytics generated through Developer's use of the API to operate, secure, improve, and develop the API and Provider's services, including in aggregated and de-identified form. Provider will not publicly disclose individual Developer usage data without Developer's consent.

8.7 Data Retention and Deletion. Upon termination of this Agreement, Developer will immediately cease using the API and will delete all Provider Data and cached API responses in Developer's possession or control within [30] days, except to the extent retention is required by applicable law. Developer will certify deletion upon Provider's request.

9. INTELLECTUAL PROPERTY; FEEDBACK; BRANDING

9.1 Provider Ownership. Provider retains all right, title, and interest in and to the API, Documentation, Provider Data, Provider trademarks, and all related intellectual property rights. Nothing in this Agreement transfers any ownership interest to Developer.

9.2 Developer Ownership. Developer retains all right, title, and interest in and to the Developer Application and Developer's original content, excluding any Provider intellectual property incorporated therein.

9.3 Feedback. If Developer provides feedback, suggestions, enhancement requests, or other input regarding the API ("Feedback"), Developer hereby grants Provider a perpetual, irrevocable, worldwide, royalty-free, fully paid-up, sublicensable right and license to use, reproduce, modify, create derivative works of, distribute, and otherwise exploit such Feedback for any purpose without restriction, attribution, or compensation to Developer.

9.4 Trademark Usage. Developer may not use Provider's trademarks, trade names, logos, or service marks except as expressly permitted in Provider's Brand Guidelines at [BRAND GUIDELINES URL] or with Provider's prior written approval. See @draft-trademark-usage-guidelines.

9.5 Attribution. [IF REQUIRED:] Developer will include the following attribution in the Developer Application: [INSERT: "Powered by [PROVIDER NAME]" text and/or logo placement requirements]. [IF NOT REQUIRED:] No attribution is required, but Developer may use referential language such as "integrates with [Provider Name]" subject to the Brand Guidelines.

10. TERM AND TERMINATION

10.1 Term. This Agreement commences upon Developer's first acceptance or use of the API ("Effective Date") and continues until terminated by either party in accordance with this Section 10 (the "Term").

10.2 Termination for Convenience. [FOR FREE TIERS:] Either party may terminate this Agreement at any time for any reason, effective immediately upon notice. [FOR PAID TIERS:] Either party may terminate this Agreement for convenience upon [30] days' prior written notice.

10.3 Termination and Suspension for Cause. Provider may suspend or terminate Developer's access immediately and without prior notice if Developer: (a) materially breaches any term of this Agreement; (b) exceeds Usage Limits or violates rate restrictions; (c) engages in any Prohibited Conduct; (d) poses a security risk to the API or other users; (e) violates applicable law; or (f) infringes or is alleged to infringe any third-party intellectual property right. Provider may suspend access temporarily while investigating suspected violations without such suspension constituting termination.

10.4 Effect of Termination. Upon termination for any reason: (a) Developer's license and all rights under this Agreement immediately terminate; (b) Developer will immediately cease all access to and use of the API; (c) Developer will delete all Provider Data and cached API responses as required by Section 8.7; (d) Developer will cease displaying any Provider attribution or branding; and (e) each party will return or destroy the other party's Confidential Information.

10.5 Survival. The following provisions survive termination or expiration of this Agreement: Sections 1 (Definitions), 4 (as to accrued payment obligations), 8 (Data, Privacy, and Security — as to deletion and retention), 9 (Intellectual Property; Feedback), 10.4 (Effect of Termination), 10.5 (Survival), 11 (Confidentiality), 12 (Representations; Disclaimers), 13 (Limitation of Liability), 14 (Indemnification), 15 (Export Controls), and 16 (General Terms).

11. CONFIDENTIALITY

11.1 Obligations. Each party will: (a) hold the other party's Confidential Information in strict confidence; (b) not disclose Confidential Information except to its employees, contractors, and agents who have a need to know and are bound by confidentiality obligations at least as protective as this Section; and (c) use Confidential Information only as necessary to exercise its rights or perform its obligations under this Agreement.

11.2 Exclusions. Confidential Information does not include information that: (a) is or becomes publicly available through no fault of the receiving party; (b) was known to the receiving party before disclosure; (c) is independently developed by the receiving party without use of or reference to the Confidential Information; or (d) is rightfully received from a third party without restriction.

11.3 Compelled Disclosure. A party may disclose Confidential Information to the extent required by law, regulation, or court order, provided it gives the other party reasonable prior notice (to the extent legally permitted) and cooperates in seeking a protective order.

12. REPRESENTATIONS; DISCLAIMERS

12.1 Developer Representations. Developer represents and warrants that: (a) the individual accepting this Agreement has the authority to bind the Developer entity; (b) Developer will comply with all applicable laws and regulations in its use of the API; (c) Developer has all necessary rights and consents for any Developer Data transmitted through the API; and (d) the Developer Application and Developer's use of the API will not infringe or violate any third-party rights.

12.2 DISCLAIMERS. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE API, DOCUMENTATION, AND PROVIDER DATA ARE PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING, USAGE OF TRADE, OR COURSE OF PERFORMANCE. PROVIDER DOES NOT WARRANT THAT THE API WILL: (A) MEET DEVELOPER'S REQUIREMENTS; (B) BE AVAILABLE ON AN UNINTERRUPTED, TIMELY, SECURE, OR ERROR-FREE BASIS; (C) BE FREE FROM BUGS, VIRUSES, OR OTHER HARMFUL COMPONENTS; OR (D) PRODUCE ACCURATE OR RELIABLE RESULTS. DEVELOPER ASSUMES ALL RISK ASSOCIATED WITH USE OF THE API.

13. LIMITATION OF LIABILITY

13.1 EXCLUSION OF DAMAGES. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL PROVIDER BE LIABLE FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, EXEMPLARY, OR PUNITIVE DAMAGES, OR FOR ANY LOSS OF PROFITS, REVENUE, DATA, GOODWILL, BUSINESS OPPORTUNITY, OR COST OF PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, ARISING OUT OF OR RELATED TO THIS AGREEMENT, REGARDLESS OF THE LEGAL THEORY (WHETHER CONTRACT, TORT, STRICT LIABILITY, OR OTHERWISE) AND EVEN IF PROVIDER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

13.2 LIABILITY CAP. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, PROVIDER'S TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT WILL NOT EXCEED: (A) IF DEVELOPER HAS PAID FEES FOR THE API, THE TOTAL FEES ACTUALLY PAID BY DEVELOPER TO PROVIDER IN THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM; OR (B) IF NO FEES HAVE BEEN PAID, ONE HUNDRED UNITED STATES DOLLARS (US $100).

13.3 BASIS OF THE BARGAIN. THE PARTIES ACKNOWLEDGE AND AGREE THAT THE LIMITATIONS AND EXCLUSIONS IN THIS SECTION 13 REFLECT A REASONABLE ALLOCATION OF RISK AND ARE A FUNDAMENTAL ELEMENT OF THE BASIS OF THE BARGAIN BETWEEN THE PARTIES. PROVIDER WOULD NOT PROVIDE THE API WITHOUT THESE LIMITATIONS.

13.4 APPLICABILITY. THE LIMITATIONS IN THIS SECTION 13 APPLY EVEN IF ANY LIMITED REMEDY SPECIFIED IN THIS AGREEMENT IS FOUND TO HAVE FAILED OF ITS ESSENTIAL PURPOSE.

14. INDEMNIFICATION

14.1 Developer Indemnity. Developer will defend, indemnify, and hold harmless Provider and its affiliates, and their respective officers, directors, employees, contractors, and agents (collectively, "Provider Indemnitees"), from and against any third-party claims, demands, suits, proceedings, losses, liabilities, damages, costs, and expenses (including reasonable attorneys' fees) arising out of or related to: (a) the Developer Application or any products or services offered by Developer; (b) Developer Data; (c) Developer's use of the API; (d) Developer's breach of this Agreement; (e) Developer's violation of applicable law or regulation; or (f) Developer's infringement or violation of any third-party rights.

14.2 Procedures. Provider will: (a) provide Developer with prompt written notice of any indemnified claim (provided that failure to provide prompt notice will not relieve Developer of its obligations except to the extent Developer is materially prejudiced); and (b) grant Developer sole control of the defense and settlement of the claim. Developer will not settle any claim in a manner that admits liability on behalf of any Provider Indemnitee or imposes obligations on any Provider Indemnitee without Provider's prior written consent. Provider may participate in the defense with counsel of its own choosing at its own expense.

15. EXPORT CONTROLS; SANCTIONS

15.1 Developer will comply with all applicable export control laws, sanctions programs, and regulations, including those administered by the US Department of Commerce Bureau of Industry and Security, the US Department of the Treasury Office of Foreign Assets Control (OFAC), and the US Department of State. Developer represents that it is not: (a) located in, organized under the laws of, or a resident of any country or territory that is the target of comprehensive US sanctions; (b) owned or controlled by, or acting on behalf of, any person or entity on a US restricted-party list; or (c) otherwise prohibited from accessing the API under applicable export control or sanctions laws.

16. GENERAL TERMS

16.1 Governing Law. This Agreement is governed by and construed in accordance with the laws of the State of [Delaware], without regard to its conflict-of-laws principles.

16.2 Venue. Any legal action or proceeding arising out of or related to this Agreement will be brought exclusively in the state or federal courts located in [New Castle County, Delaware], and each party irrevocably consents to the personal jurisdiction of such courts.

16.3 [OPTIONAL — Arbitration. Any dispute arising out of or relating to this Agreement will be resolved by binding arbitration administered by [AAA/JAMS] under its [Commercial Arbitration Rules] in [City, State]. The arbitrator's award will be final and binding and may be entered in any court of competent jurisdiction. [OPTIONAL: CLASS ACTION WAIVER — TO THE MAXIMUM EXTENT PERMITTED BY LAW, DEVELOPER AGREES THAT ANY DISPUTE RESOLUTION PROCEEDINGS WILL BE CONDUCTED ONLY ON AN INDIVIDUAL BASIS AND NOT IN A CLASS, CONSOLIDATED, OR REPRESENTATIVE ACTION.] ]

16.4 Modifications. Provider may modify this Agreement at any time by posting a revised version on [URL] and updating the "Last Updated" date. Provider will provide notice of material modifications via [email / developer portal announcement] at least [15] days before the effective date. Developer's continued use of the API after the effective date of any modification constitutes acceptance of the modified terms. If Developer does not agree to a modification, Developer must cease using the API before the modification's effective date.

16.5 Assignment. Developer may not assign or transfer this Agreement or any rights or obligations hereunder without Provider's prior written consent. Provider may assign this Agreement freely, including in connection with a merger, acquisition, reorganization, or sale of all or substantially all of its assets. Any purported assignment in violation of this Section is void.

16.6 Severability. If any provision of this Agreement is held to be invalid, illegal, or unenforceable, the remaining provisions will continue in full force and effect, and the invalid provision will be modified to the minimum extent necessary to make it enforceable while preserving the parties' original intent.

16.7 Waiver. Provider's failure to enforce any right or provision of this Agreement will not constitute a waiver of that right or provision. Any waiver must be in writing and signed by an authorized representative of the waiving party.

16.8 Force Majeure. Neither party will be liable for failure or delay in performance to the extent caused by circumstances beyond its reasonable control, including natural disasters, acts of war or terrorism, epidemics, government actions, labor disputes, utility failures, or failures of third-party services or infrastructure.

16.9 Notices. Notices to Provider must be sent to [PROVIDER NOTICE EMAIL / ADDRESS]. Notices to Developer will be sent to the email address associated with Developer's API account. Notices are deemed given when delivered by email (upon confirmed transmission) or when delivered by nationally recognized overnight courier.

16.10 Entire Agreement; Order of Precedence. This Agreement, together with the Documentation, Acceptable Use Policy, Privacy Policy (see @draft-privacy-policy-us), and (if executed) the Data Processing Addendum, constitutes the entire agreement between the parties regarding the subject matter hereof and supersedes all prior or contemporaneous agreements, understandings, or communications. In the event of conflict among incorporated documents, the following order of precedence applies (highest to lowest): (1) this Agreement; (2) the Data Processing Addendum; (3) the Acceptable Use Policy; (4) the Documentation.

16.11 Independent Contractors. The parties are independent contractors. Nothing in this Agreement creates a partnership, joint venture, agency, or employment relationship.

17. ACCEPTANCE

BY CLICKING "I AGREE," CREATING AN API KEY, OR BY ACCESSING OR USING THE API, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THIS AGREEMENT. IF YOU DO NOT AGREE TO THESE TERMS, DO NOT ACCESS OR USE THE API.

If you are accepting on behalf of an entity, you represent and warrant that you have the authority to bind that entity, and "you" refers to both the individual and the entity.

Phase 4 — Packaging & Publication Readiness

Objectives

Prepare the agreement for deployment on the developer portal and ensure all supporting policies are identified and linked.

Deliverable 1: Clickwrap / Browsewrap Presentation Copy

Recommended clickwrap checkbox text:

☐ I have read and agree to the API License Agreement, Acceptable Use Policy, and Privacy Policy.

Browsewrap enhancement (if no checkbox is available):

Place a prominent link to the Agreement immediately adjacent to the "Create API Key" or "Get Started" button.
Add bold notice text directly above the button: "By creating an API key or using the API, you agree to the API License Agreement."
Ensure the Agreement link is also visible in the API documentation sidebar and developer account settings.

Deliverable 2: Incorporated-by-Reference Policy List

Confirm or fill URLs for each incorporated policy:

Policy	Skill Cross-Reference	URL
API Documentation	—	[INSERT URL]
Acceptable Use Policy	@draft-api-acceptable-use-policy	[INSERT URL]
Privacy Policy	@draft-privacy-policy-us	[INSERT URL]
Data Processing Addendum	@draft-data-processing-agreement	[INSERT URL]
Brand Guidelines	@draft-trademark-usage-guidelines	[INSERT URL]
Service Level Agreement (optional)	@draft-service-level-agreement	[INSERT URL]
Support Plans (optional)	—	[INSERT URL]

Deliverable 3: Change-Log & Versioning Guidance

Maintain a public change log for the Agreement at [URL] listing the date, summary of changes, and effective date for each revision.
Archive prior versions and make them accessible to developers.
Consider semantic versioning for the Agreement (e.g., v2.0 for material changes, v2.1 for clarifications) to align with API versioning practices.

Phase 5 — Output Refinement (MANDATORY)

Checkpoint B: Post-Draft Fit Check

Review the generated draft. Does it match your API program? Select one or more refinement options (reply with letters):

A — Adjust Use Restrictions: Tighten or loosen permitted use; add, remove, or modify the "no competing services" restriction.
B — Modify Pricing Model: Switch between free / paid / hybrid language; add overage fees, service credits, or auto-upgrade provisions.
C — Enhance Privacy & Security: Add DPA trigger language, detailed security schedule, specific breach-notification timelines, or regulated-data provisions (HIPAA BAA, FERPA, COPPA, GLBA).
D — Change Dispute Resolution: Switch between arbitration and litigation; change governing law or venue; add or remove class-action waiver.
E — Add Branding & Attribution: Insert specific "Powered by" notice text, logo placement requirements, or co-marketing permissions.
F — Add Enterprise Addendum: Generate a negotiated-terms overlay (order form + enterprise addendum) for high-value partners that supersedes specific clickwrap provisions.
G — Generate Output Mode 2 (Condensed Terms): Produce a 3–6 page short-form version retaining core provisions only.
H — Generate Output Mode 3 (Quick Reference): Produce a one-page developer-facing summary.
I — Custom Edits: Provide specific feedback or redline instructions for targeted revision.

Phase 6 — Quality-Control Self-Audit (MANDATORY)

Before delivering the final output, verify every item on this checklist. Mark any item that cannot be verified and flag it as an Open Item for user review.

Legal & Structural Completeness

Output Modes

Mode 1: Full Package (Default)

Complete API License Agreement (clickwrap-ready, 17 sections plus exhibits) with all deliverables from Phases 0–4, suitable for developer-portal posting.

Mode 2: Condensed API Terms (Short Form)

A 3–6 page version retaining the following core provisions: acceptance, license grant and restrictions, key prohibited conduct, data and privacy, intellectual property, termination, disclaimers, limitation of liability, indemnification, and governing law / dispute resolution. Suitable for early-stage API programs or low-risk integrations.

Mode 3: Quick Reference Summary

A one-page, developer-friendly summary table covering: permitted use, tier overview, key restrictions, data-handling rules, termination triggers, liability cap, support model, and links to the full Agreement and incorporated policies. Suitable for developer onboarding documentation or portal sidebar display.

Cross-References

This skill may incorporate or reference the following related skills:

@draft-data-processing-agreement — Data Processing Addendum for personal-data processing
@draft-trademark-usage-guidelines — Brand Guidelines for Developer trademark usage
@draft-service-level-agreement — SLA addendum for uptime commitments
@draft-api-acceptable-use-policy — Standalone Acceptable Use Policy
@draft-privacy-policy-us — US Privacy Policy for the API program
@negotiate-enterprise-api-addendum — Enterprise negotiated-terms addendum for high-value partners
@extract-technical-api-constraints — Extract technical constraints from API documentation for legal exhibits

API License Agreement

Details

Need Help?

API License Agreement (US) — Checkpoint Method Workflow

Front Matter (Required — Display Prominently in Every Output)

Assumptions Used

Open Items / Needed Inputs

Phase 0 — Minimum-Input Alignment (MANDATORY)

Checkpoint A: Pre-Draft Intake Snapshot

Deliverable: Intake Snapshot Table

Phase 1 — Deal & Product Modeling

Objectives

Deliverable 1: Clause Elections Matrix

Deliverable 2: Data Map & Rights Table

Deliverable 3: API Usage Rights Table

Phase 2 — Clause Elections & Drafting Instructions

Objectives

Drafting Instructions Checklist

Deliverable: Developer Prohibited Conduct Checklist

Deliverable: Liability & Indemnity Matrix

Phase 3 — Draft the Agreement

Objectives

API LICENSE AGREEMENT

1. DEFINITIONS

2. LICENSE GRANT; RESERVATION OF RIGHTS

3. ACCOUNTS, CREDENTIALS, AND AUTHORIZED USE

4. USAGE LIMITS; TIERS; FEES

5. ACCEPTABLE USE; PROHIBITED CONDUCT

6. API CHANGES; VERSIONING; AVAILABILITY

7. SUPPORT AND MAINTENANCE

8. DATA, PRIVACY, AND SECURITY

9. INTELLECTUAL PROPERTY; FEEDBACK; BRANDING

10. TERM AND TERMINATION

11. CONFIDENTIALITY

12. REPRESENTATIONS; DISCLAIMERS

13. LIMITATION OF LIABILITY

14. INDEMNIFICATION

15. EXPORT CONTROLS; SANCTIONS

16. GENERAL TERMS

17. ACCEPTANCE

Phase 4 — Packaging & Publication Readiness

Objectives

Deliverable 1: Clickwrap / Browsewrap Presentation Copy

Deliverable 2: Incorporated-by-Reference Policy List

Deliverable 3: Change-Log & Versioning Guidance

Phase 5 — Output Refinement (MANDATORY)

Checkpoint B: Post-Draft Fit Check

Phase 6 — Quality-Control Self-Audit (MANDATORY)

Legal & Structural Completeness

Output Modes

Mode 1: Full Package (Default)

Mode 2: Condensed API Terms (Short Form)

Mode 3: Quick Reference Summary

Cross-References

Related Skills