API Access
Legitimate allows agencies and developers to create entirely custom digital experiences on the Legitimate platform for a given set of tags.
Last updated
Was this helpful?
Legitimate allows agencies and developers to create entirely custom digital experiences on the Legitimate platform for a given set of tags.
Last updated
Was this helpful?
Legitimate's API can be used to redirect to custom web applications or even native app experiences via two different approaches:
The LGT Tags are pre-programmed to link to the Tap by Legitimate web app that then be configured to redirect to your own website.
Legitimate's NFC Tags can be configured to redirect to a different domain or URL with the verification parameters from the tag to create an entirely new user flow and digital experience. This is extremely useful to redirect users to a custom web experience, or redirect to a native mobile app experience.
By default, Legitimate's NFC Tags are pre-programmed to open Legitimate's web URL first and then redirect to another desired URL. Legitimate will collect analytics data before redirecting.
The URL parameters can then be used to call the tag related APIs.
Each time an NFC tag is scanned, a new set of verification parameters will be generated. Therefore, if you are intending to use the Tag URL Redirect features, it is extremely important to note that you must verify the parameters every time a scan occurs. This is meant to protect the connected products from counterfeit and ensure that each scan is unique.
To configure the redirect URL, please login to the Legitimate Dashboard, open the configuration page for the desired SKU, and set the Redirect URL field.
User taps the tag with their phone and opens the link popup
The uid, ctr, and cmac is used to verify the tag's authenticity and get information about the content for the tag.
The browser is then redirected to your own page with the same parameters https://www.yourdomain.com/page/name?uid=XXXXXXXXXXXXXX&ctr=YYYYYY&cmac=ZZZZZZZZZZZZ
You can call a set of APIs to obtain the NFT and blockchain information associated with the tag. With the given information about the NFT, you can then call our APIs to transfer the NFT to a given wallet or reset ownership when the item is sold or given away.
If you already have a native app, you can also leverage native NFC reading capabilities within the app to read NFC tags programmed by Legitimate. To do so, please refer to the standard documentation to trigger the NFC reading capabilities of the mobile app operating system that you are developing for.
For further clarity, your application must be able to read NFC tags programmed to emit data in NDEF format. This is a fairly standard capability, with support from all major mobile operating systems and frameworks. We've included links to some standard libraries and resources below:
React Native (multiple libraries exist)
After successfully setting up NFC read support in your native application, you should be able to trigger an NFC reading session on your phone. Scanning a Legitimate NFC tag should yield data in the following format:
The URL parameters can then be used to call the tag related APIs.
Each time an NFC tag is scanned, a new set of verification parameters will be generated. Therefore, if you are intending to use the Tag URL Redirect features, it is extremely important to note that you must verify the parameters every time a scan occurs. This is meant to protect the connected products from counterfeit and ensure that each scan is unique.
User opens Native App and triggers an NFC read action
iOS applications will trigger a native OS-level user NFC prompt
The NFC tag is read and NDEF data is returned to the mobile app https://verify.legitimate.tech/?uid=XXXXXXXXXXXXXX&ctr=YYYYYY&cmac=ZZZZZZZZZZZZ
The uid, ctr, and cmac is used to verify the tag's authenticity and get information about the content for the tag.
You can call a set of APIs to obtain the NFT and blockchain information associated with the tag. With the given information about the NFT, you can then call our APIs to transfer the NFT to a given wallet or reset ownership when the item is sold or given away.
Direct access to our APIs are available to our enterprise clients. Different plans are available depending on the number of tags supported, API usage limits, custom domains for endpoints, and CORS domain allowlists.
See our API Access page for more documentation about the APIs.
The initial state of the digital ID token is when the tag has been tapped for the first time. The ownership of the token is ready to be claimed by the user.
We suggest a preview of the product metadata and digital experience, as well as a short summary of what to expect before asking the user to login or connect their wallet to claim the NFT.
owner_address = null
After the user has claimed ownership of the digital ID and the token has been transferred to their wallet, anyone who has access to the phygital item can be shown exclusive digital content. Keep in mind that owners often let their friends and family tap the tag as well so any content or digital activations that can encourage sharing can help expand your reach and encourage more engagement.
owner_address = 0xaBcD...
In the event that a link generated by the NFC tag is shared and reused, or invalid tag information is passed in, an error page should inform the user to tap the tag on the item again.
(optional)
For collectible items and items that may be resold, traded, and ownership transferred, we suggest adding the ability for owners to reset the ownership so the token can be claimed again. Because Legitimate pays blockchain transaction fees, resetting ownership and allowing new owners to start over with the claim process is a more seamless experience. The old owner can reset the token before giving the item away, or if the old owner forgot to reset, the new owner can also reset and claim the token as if were new.
