DuendeSoftware · josephdecock · Jul 24, 2025 · Jul 24, 2025
@@ -105,13 +105,14 @@ internal void ValidateClient(string clientId, IdentityServerLicense license)
 
         EnsureAdded(ref _clientIds, _clientIdLock, clientId);
 
+        // Only log for redistribution case because license v2 logs all other cases
         if (license != null && license.RedistributionFeature)
         {
             if (_clientIds.Count > license.ClientLimit)
             {
                 ErrorLog.Invoke(
-                    "Your license for Duende IdentityServer only permits {clientLimit} number of clients. You have processed requests for {clientCount}. The clients used were: {clients}.",
-                    [license.ClientLimit, _clientIds.Count, _clientIds.ToArray()]);
+                    "Your license for IdentityServer includes {clientLimit} clients but you have processed requests for {clientCount} clients. Please contact {contactInfo} at {companyName} or start a conversation with us at https://duende.link/l/contact to upgrade your license as soon as possible. In a future version, this limit will be enforced after a threshold is exceeded. The clients used were: {clients}.",
+                    [license.ClientLimit, _clientIds.Count, license.ContactInfo, license.CompanyName, _clientIds.ToArray()]);
             }
         }
     }
@@ -131,12 +132,13 @@ internal void ValidateIssuer(string iss, IdentityServerLicense license)
 
         EnsureAdded(ref _issuers, _issuerLock, iss);
 
+        // Only log for redistribution case because license v2 logs all other cases
         if (license != null && license.RedistributionFeature)
         {
             if (_issuers.Count > license.IssuerLimit)
             {
                 ErrorLog.Invoke(
-                    "Your license for Duende IdentityServer only permits {issuerLimit} number of issuers. You have processed requests for {issuerCount}. The issuers used were: {issuers}. This might be due to your server being accessed via different URLs or a direct IP and/or you have reverse proxy or a gateway involved. This suggests a network infrastructure configuration problem, or you are deliberately hosting multiple URLs and require an upgraded license.",
+                    "Your license for IdentityServer includes {issuerLimit} issuers but you have processed requests for {issuerCount} issuers. This indicates that requests for each issuer are being sent to this instance of IdentityServer, which may be due to a network infrastructure configuration issue. If you intend to use multiple issuers, please contact {contactInfo} at {companyName} or start a conversation with us at https://duende.link/l/contact to upgrade your license as soon as possible. In a future version, this limit will be enforced after a threshold is exceeded. The issuers used were {issuers}.",
                     [license.IssuerLimit, _issuers.Count, _issuers.ToArray()]);
             }
         }

@@ -21,7 +21,7 @@ public void CheckExpiration()
         if (!_expiredLicenseWarned && !license.Current.Redistribution && IsExpired)
         {
             _expiredLicenseWarned = true;
-            _logger.LicenseHasExpired();
+            _logger.LicenseHasExpired(license.Current.ContactInfo ?? "<contact info missing>", license.Current.CompanyName ?? "<company name missing>");
         }
     }
 

@@ -55,21 +55,23 @@ public void ClientUsed(string clientId)
             return;
         }
 
-        if (licenseAccessor.Current.IsConfigured)
+        var license = licenseAccessor.Current;
+
+        if (license.IsConfigured)
         {
-            if (licenseAccessor.Current.Redistribution || !licenseAccessor.Current.ClientLimit.HasValue)
+            if (license.Redistribution || !license.ClientLimit.HasValue)
             {
                 return;
             }
 
-            var clientLimitOverage = _clientsUsed.Values.Count - licenseAccessor.Current.ClientLimit;
+            var clientLimitOverage = _clientsUsed.Values.Count - license.ClientLimit;
             switch (clientLimitOverage)
             {
                 case > ClientLimitExceededThreshold:
-                    _logger.ClientLimitExceededOverThreshold(licenseAccessor.Current.ClientLimit.Value, _clientsUsed.Values.Count, ClientLimitExceededThreshold, _clientsUsed.Values);
+                    _logger.ClientLimitExceededOverThreshold(license.ClientLimit.Value, _clientsUsed.Values.Count, license.ContactInfo, license.CompanyName, _clientsUsed.Values);
                     break;
                 case > 0:
-                    _logger.ClientLimitExceededWithinOverageThreshold(licenseAccessor.Current.ClientLimit.Value, _clientsUsed.Values.Count, ClientLimitExceededThreshold, _clientsUsed.Values);
+                    _logger.ClientLimitExceededWithinOverageThreshold(license.ClientLimit.Value, _clientsUsed.Values.Count, license.ContactInfo, license.CompanyName, _clientsUsed.Values);
                     break;
             }
         }
@@ -93,21 +95,23 @@ public void IssuerUsed(string issuer)
             return;
         }
 
-        if (licenseAccessor.Current.IsConfigured)
+        var license = licenseAccessor.Current;
+
+        if (license.IsConfigured)
         {
-            if (licenseAccessor.Current.Redistribution || !licenseAccessor.Current.IssuerLimit.HasValue)
+            if (license.Redistribution || !license.IssuerLimit.HasValue)
             {
                 return;
             }
 
-            var issuerLimitOverage = _issuersUsed.Values.Count - licenseAccessor.Current.IssuerLimit;
+            var issuerLimitOverage = _issuersUsed.Values.Count - license.IssuerLimit;
             switch (issuerLimitOverage)
             {
                 case > IssuerLimitExceededThreshold:
-                    _logger.IssuerLimitExceededOverThreshold(licenseAccessor.Current.IssuerLimit.Value, _issuersUsed.Values.Count, IssuerLimitExceededThreshold, _issuersUsed.Values);
+                    _logger.IssuerLimitExceededOverThreshold(license.IssuerLimit.Value, _issuersUsed.Values.Count, license.ContactInfo, license.CompanyName, _issuersUsed.Values);
                     break;
                 case > 0:
-                    _logger.IssuerLimitExceededWithinOverageThreshold(licenseAccessor.Current.IssuerLimit.Value, _issuersUsed.Values.Count, IssuerLimitExceededThreshold, _issuersUsed.Values);
+                    _logger.IssuerLimitExceededWithinOverageThreshold(license.IssuerLimit.Value, _issuersUsed.Values.Count, license.ContactInfo, license.CompanyName, _issuersUsed.Values);
                     break;
             }
         }

@@ -10,12 +10,12 @@ internal static class LicenseLogParameters
     public const string Threshold = "Threshold";
     public const string ClientLimit = "ClientLimit";
     public const string ClientCount = "ClientCount";
-    public const string ClientLimitExceededThreshold = "ClientLimitExceededThreshold";
     public const string ClientsUsed = "ClientsUsed";
     public const string IssuerLimit = "IssuerLimit";
     public const string IssuerCount = "IssuerCount";
-    public const string IssuerLimitExceededThreshold = "IssuerLimitExceededThreshold";
     public const string IssuersUsed = "IssuersUsed";
+    public const string LicenseContact = "LicenseContact";
+    public const string LicenseCompany = "LicenseCompany";
 }
 
 internal static partial class Log
@@ -27,47 +27,54 @@ internal static partial class Log
 
     [LoggerMessage(
         LogLevel.Error,
-        message: "The IdentityServer license is expired. In a future version of IdentityServer, license expiration will be enforced after a grace period.")]
-    public static partial void LicenseHasExpired(this ILogger logger);
+        message: $"Your IdentityServer license is expired. Please contact {{{LicenseLogParameters.LicenseContact}}} from {{{LicenseLogParameters.LicenseCompany}}} or start a conversation with us at https://duende.link/l/contact to renew your license as soon as possible. In a future version, license expiration will be enforced after a grace period. See https://duende.link/l/expired for more information.")]
+    public static partial void LicenseHasExpired(this ILogger logger,
+        string licenseContact, string licenseCompany);
 
     [LoggerMessage(
         LogLevel.Error,
         Message =
-            $"You are using IdentityServer in trial mode and have exceeded the trial threshold of {{{LicenseLogParameters.Threshold}}} requests handled by IdentityServer. In a future version, you will need to restart the server or configure a license key to continue testing. For more information, please see http://duende.link/trialmode.")]
+            $"You are using IdentityServer in trial mode and have exceeded the trial threshold of {{{LicenseLogParameters.Threshold}}} requests handled by IdentityServer. In a future version, you will need to restart the server or configure a license key to continue testing. See https://duende.link/l/trial for more information.")]
     public static partial void TrialModeRequestCountExceeded(this ILogger logger, ulong threshold);
 
     [LoggerMessage(
         LogLevel.Error,
-        message: $"Your license for Duende IdentityServer only permits {{{LicenseLogParameters.ClientLimit}}} number of clients. You have processed requests for {{{LicenseLogParameters.ClientCount}}} clients and are still within the threshold of {{{LicenseLogParameters.ClientLimitExceededThreshold}}} for exceeding permitted clients. In a future version of client limit will be enforced. The clients used were: {{{LicenseLogParameters.ClientsUsed}}}.")]
-    public static partial void ClientLimitExceededWithinOverageThreshold(this ILogger logger, int clientLimit,
-        int clientCount, int clientLimitExceededThreshold, IReadOnlyCollection<string> clientsUsed);
+        message:
+            $"Your IdentityServer license includes {{{LicenseLogParameters.ClientLimit}}} clients but you have processed requests for {{{LicenseLogParameters.ClientCount}}} clients. Please contact {{{LicenseLogParameters.LicenseContact}}} from {{{LicenseLogParameters.LicenseCompany}}} or start a conversation with us at https://duende.link/l/contact to upgrade your license as soon as possible. In a future version, this limit will be enforced after a threshold is exceeded. The clients used were: {{{LicenseLogParameters.ClientsUsed}}}. See https://duende.link/l/threshold for more information.")]
+    public static partial void ClientLimitExceededWithinOverageThreshold(this ILogger logger,
+        int clientLimit, int clientCount, string licenseContact, string licenseCompany, IReadOnlyCollection<string> clientsUsed);
 
+    // Language is deliberately the same when over or under threshold (will change in future version).
     [LoggerMessage(
         LogLevel.Error,
         message:
-            $"Your license for Duende IdentityServer only permits {{{LicenseLogParameters.ClientLimit}}} number of clients. You have processed requests for {{{LicenseLogParameters.ClientCount}}} clients and are beyond the threshold of {{{LicenseLogParameters.ClientLimitExceededThreshold}}} for exceeding permitted clients. In a future version of client limit will be enforced. The clients used were: {{{LicenseLogParameters.ClientsUsed}}}.")]
-    public static partial void ClientLimitExceededOverThreshold(this ILogger logger, int clientLimit, int clientCount,
-        int clientLimitExceededThreshold, IReadOnlyCollection<string> clientsUsed);
+            $"Your IdentityServer license includes {{{LicenseLogParameters.ClientLimit}}} clients but you have processed requests for {{{LicenseLogParameters.ClientCount}}} clients. Please contact {{{LicenseLogParameters.LicenseContact}}} from {{{LicenseLogParameters.LicenseCompany}}} or start a conversation with us at https://duende.link/l/contact to upgrade your license as soon as possible. In a future version, this limit will be enforced after a threshold is exceeded. The clients used were: {{{LicenseLogParameters.ClientsUsed}}}. See https://duende.link/l/threshold for more information.")]
+    public static partial void ClientLimitExceededOverThreshold(this ILogger logger,
+        int clientLimit, int clientCount, string licenseContact, string licenseCompany, IReadOnlyCollection<string> clientsUsed);
 
     [LoggerMessage(
         LogLevel.Error,
         message:
-        $"You do not have a license, and you have processed requests for {{{LicenseLogParameters.ClientCount}}} clients. This number requires a tier of license higher than Starter Edition. The clients used were: {{{LicenseLogParameters.ClientsUsed}}}.")]
+        $"You are using IdentityServer in trial mode and have processed requests for {{{LicenseLogParameters.ClientCount}}} clients. In production, this will require a license with sufficient client capacity. You can either purchase a license tier that includes this many clients or add additional client capacity to a Starter Edition license. The clients used were: {{{LicenseLogParameters.ClientsUsed}}}. See https://duende.link/l/trial for more information.")]
     public static partial void ClientLimitWithNoLicenseExceeded(this ILogger logger, int clientCount,
         IReadOnlyCollection<string> clientsUsed);
 
     [LoggerMessage(
         LogLevel.Error,
-        message: $"Your license for Duende IdentityServer only permits {{{LicenseLogParameters.IssuerLimit}}} number of issuers. You have processed requests for {{{LicenseLogParameters.IssuerCount}}} issuers and are still within the threshold of {{{LicenseLogParameters.IssuerLimitExceededThreshold}}}. The issuers used were: {{{LicenseLogParameters.IssuersUsed}}}. This might be due to your server being accessed via different URLs or a direct IP and/or you have reverse proxy or a gateway involved. This suggests a network infrastructure configuration problem, or you are deliberately hosting multiple URLs and require an upgraded license. In a future version of issuer limit will be enforced.")]
-    public static partial void IssuerLimitExceededWithinOverageThreshold(this ILogger logger, int issuerLimit, int issuerCount, int issuerLimitExceededThreshold, IReadOnlyCollection<string> issuersUsed);
+        message: $"Your license for IdentityServer includes {{{LicenseLogParameters.IssuerLimit}}} issuer(s) but you have processed requests for {{{LicenseLogParameters.IssuerCount}}} issuers. This indicates that requests for each issuer are being sent to this instance of IdentityServer, which may be due to a network infrastructure configuration issue. If you intend to use multiple issuers, please contact {{{LicenseLogParameters.LicenseContact}}} from {{{LicenseLogParameters.LicenseCompany}}} or start a conversation with us at https://duende.link/l/contact to upgrade your license as soon as possible. In a future version, this limit will be enforced after a threshold is exceeded. The issuers used were {{{LicenseLogParameters.IssuersUsed}}}. See https://duende.link/l/threshold for more information.")]
+    public static partial void IssuerLimitExceededWithinOverageThreshold(this ILogger logger,
+        int issuerLimit, int issuerCount, string licenseContact, string licenseCompany, IReadOnlyCollection<string> issuersUsed);
 
+    // Language is deliberately the same when over or under threshold (will change in future version).
     [LoggerMessage(
         LogLevel.Error,
-        message: $"Your license for Duende IdentityServer only permits {{{LicenseLogParameters.IssuerLimit}}} number of issuers. You have processed requests for {{{LicenseLogParameters.IssuerCount}}} issuers and are over the threshold of {{{LicenseLogParameters.IssuerLimitExceededThreshold}}}. The issuers used were: {{{LicenseLogParameters.IssuersUsed}}}. This might be due to your server being accessed via different URLs or a direct IP and/or you have reverse proxy or a gateway involved. This suggests a network infrastructure configuration problem, or you are deliberately hosting multiple URLs and require an upgraded license. In a future version of issuer limit will be enforced.")]
-    public static partial void IssuerLimitExceededOverThreshold(this ILogger logger, int issuerLimit, int issuerCount, int issuerLimitExceededThreshold, IReadOnlyCollection<string> issuersUsed);
+        message: $"Your license for IdentityServer includes {{{LicenseLogParameters.IssuerLimit}}} issuer(s) but you have processed requests for {{{LicenseLogParameters.IssuerCount}}} issuers. This indicates that requests for each issuer are being sent to this instance of IdentityServer, which may be due to a network infrastructure configuration issue. If you intend to use multiple issuers, please contact {{{LicenseLogParameters.LicenseContact}}} from {{{LicenseLogParameters.LicenseCompany}}} or start a conversation with us at https://duende.link/l/contact to upgrade your license as soon as possible. In a future version, this limit will be enforced after a threshold is exceeded. The issuers used were {{{LicenseLogParameters.IssuersUsed}}}. See https://duende.link/l/threshold for more information.")]
+    public static partial void IssuerLimitExceededOverThreshold(this ILogger logger,
+        int issuerLimit, int issuerCount, string licenseContact, string licenseCompany, IReadOnlyCollection<string> issuersUsed);
+
 
     [LoggerMessage(
         LogLevel.Error,
-        message: $"You do not have a license, and you have processed requests for {{{LicenseLogParameters.IssuerCount}}} issuers. If you are deliberately hosting multiple URLs then this number requires a license per issuer, or the Enterprise Edition tier of license. If not then this might be due to your server being accessed via different URLs or a direct IP and/or you have reverse proxy or a gateway involved, and this suggests a network infrastructure configuration problem. The issuers used were: {{{LicenseLogParameters.IssuersUsed}}}.")]
+        message: $"You are using IdentityServer in trial mode and have processed requests for {{{LicenseLogParameters.IssuerCount}}} issuers. This indicates that requests for each issuer are being sent to this instance of IdentityServer, which may be due to a network infrastructure configuration issue. If you intend to use multiple issuers, either a license per issuer or an Enterprise Edition license is required. In a future version, this limit will be enforced after a threshold is exceeded. The issuers used were: {{{LicenseLogParameters.IssuersUsed}}}. See https://duende.link/l/trial for more information.")]
     public static partial void IssuerLimitWithNoLicenseExceeded(this ILogger logger, int issuerCount, IReadOnlyCollection<string> issuersUsed);
 }
@@ -72,6 +72,6 @@ public async Task unlicensed_protocol_requests_log_a_warning()
         }
 
         _mockPipeline.MockLogger.LogMessages.ShouldContain(
-            $"You are using IdentityServer in trial mode and have exceeded the trial threshold of {threshold} requests handled by IdentityServer. In a future version, you will need to restart the server or configure a license key to continue testing. For more information, please see http://duende.link/trialmode.");
+            $"You are using IdentityServer in trial mode and have exceeded the trial threshold of {threshold} requests handled by IdentityServer. In a future version, you will need to restart the server or configure a license key to continue testing. See https://duende.link/l/trial for more information.");
     }
 }