Skip to main content
Endstate gives physical products a secure digital identity — so brands can protect authenticity, deepen user engagement, and turn every product into a connected experience. This API is how you build them: create a digital record for each product, pair it with a secure NFC chip, and confirm a product is authentic the moment a user taps it. When a tap is verified, you receive a session token and the product’s full digital record — ready to power ownership, loyalty, and any other product-aware action in your application. The API is organized around three core resources — collections, units, and chips — and a lightweight verification call that ties them together. All resources are JSON, all requests are HTTPS, and the production base URL is https://api2.endstate.io.

The mental model

  • Collection — a group of related items (a product line, a drop, a release). Create a collection first; it defines the namespace that units within it share.
  • Unit — the unique digital record for a single physical item. One unit maps to one physical product.
  • Chip — a real, physical NFC chip (an NTAG 424 DNA) attached to or embedded in the product. Pair a chip to a unit to link the hardware to its digital record. Each tap produces a fresh, one-time credential.
  • Verification — pass that credential to the API to confirm the product is authentic. The API records the tap and returns a session token.
  • Session token — short-lived proof that a specific chip was just tapped. Use it to authorize unit-scoped actions without exposing your API key.

Quickstart

Create a collection, add a unit, pair a chip, and run your first verification in minutes.

Authentication

Learn about API keys and session tokens — the two credentials the API uses.

Core concepts

Understand collections, units, chips, and the verification model in depth.

API reference

Full endpoint reference with request and response schemas.

How it works

  1. Create a collection — define a group for your items. The collection is provisioned asynchronously; poll until it is ready before adding units.
  2. Create a unit — add a digital record for each physical item inside the collection.
  3. Pair a chip — link the physical NFC chip on the item to the unit. This triggers issuance: the unit receives a serial number within the collection.
  4. User taps — the tap URL delivers a chip_id and a one-time credential (e value) to your application.
  5. Verify — send chip_id and e to POST /v1/chips/{chip_id}. The API validates the credential, records the tap, and returns the unit’s metadata plus a session token.
  6. Use the session token — pass it to GET /v1/session-tokens/current from your client to confirm scope without exposing the API key.
For testing without physical hardware, create a test chip (is_test: true) and use POST /v1/chips/{chip_id}/tap to simulate a tap.

Next steps

  • Follow the Quickstart to run a complete verification flow in a few minutes.
  • Read Core concepts for a deeper look at how collections, units, and chips relate to each other.