Skip to main content
Every physical product you manage through Endstate has a digital record — a unit. When a user taps the NFC chip on that product, the API verifies the tap and returns proof of authenticity. Everything else in the API supports that moment.

Concepts

Collections

A group of related units — a product line, drop, or release. Create a collection first; it defines the namespace your units share.

Units

The unique digital record for a single physical item. Each unit belongs to exactly one collection and maps one-to-one with a physical product.

Chips & verification

A real, physical NFC chip (NTAG 424 DNA) on the item. Pairing a chip to a unit links hardware to its digital record. Each tap produces a one-time credential used to verify authenticity.

Session tokens

Short-lived proof that a specific chip was just tapped. Scoped to one chip, unit, and organization — safe to use from a client without exposing your API key.

Tap redirects

Control where a user lands after a tap — set a destination per unit, per collection, or org-wide. The most specific redirect wins.

Claims

Hand a verified unit to its first owner, authorized by the session token from a recent tap of that unit’s chip. Endstate can submit it for you.

Transfers

Move a unit between owners — tap-authorized like a claim, but the current owner submits the transfer from their own wallet.

How they fit together

The concepts follow a single chain from setup to verification at the point of tap. 1. Create a collection A collection groups related physical items under one namespace. You create it first (POST /v1/collections) and poll until it is ready before adding units to it. The collection defines the serial-number space that all of its units will share. 2. Create a unit For each physical item, you create a unit inside the collection (POST /v1/units). The unit is the item’s digital record — you can attach a name, an external ID that maps to your own systems, and free-form attributes. At this point the unit exists but has no serial number yet; that comes when a chip is paired. 3. Pair a chip You pair an NFC chip to the unit (POST /v1/chips) to link the physical tag on the product to its digital record. Pairing triggers issuance: the unit receives a serial number within its collection and its issuance status moves from pending to active. A chip is permanently bound to one unit and cannot be re-paired. 4. User taps When a user taps the product, the NFC chip delivers a chip_id and a one-time credential (an e value) — either via a tap URL in your application or through a redirect. The e value is single-use and is never logged. You can control where a tap lands — your own page or Endstate’s hosted flow — with tap redirects. 5. Verify Your server sends the chip_id and e value to POST /v1/chips/{chip_id}. The API validates the credential, records the tap against the chip’s scan count, and returns the unit’s full metadata plus a session token. A successful response is confirmation the product is authentic. 6. Use the session token The session token is short-lived proof that the tap just happened. You can pass it to GET /v1/session-tokens/current from a client to confirm its scope — which chip, which unit, and which organization it is bound to — without exposing your API key. A session token also authorizes the unit’s ownership actions: claiming it via the Claims API and transferring it between owners via the Transfers API. The complete flow in one line:

Next steps

  • Follow the Quickstart to run a complete verification flow end to end.
  • Read Collections for a detailed look at creating and provisioning a collection.