Private listing token check upon installation

Hello,
We have an application privately listed on the atlassian market place.
We want to implement a check on installation to ensure that the url provided has a valid private-listing token (that we have generated on our end in the store and then provided to the person installing).
Is there documentation on how to do this or maybe best practices that I am missing when searching? I want to reiterate that we do not wish to make our app public on the marketplace store.
Any help is appreciated, thanks in advance!