POST
/
v1
/
tag
/
verify-authenticity
Header
Body
curl --request POST \
  --url https://third-party.etrnl.app/v1/tag/verify-authenticity \
  --header 'API-Key: <api-key>' \
  --header 'Content-Type: application/json' \
  --data '{
  "tagId": 123,
  "enc": "<string>",
  "cmac": "<string>",
  "tt": "<string>",
  "eCode": "<string>"
}'
{
	success: true,
	err: null,
	exists: true,
	authentic: true,
	ctr: 12,
	uid: "04C148EAC37180",
	ttCurrStatus: null,
	ttPermStatus: null,
	lastAuthenticTimestamp: "2023-07-09T09:23:53.672Z",
	lastAuthenticCtr: 11,
	metadata: {
		nftId: 'xxxxxxx'
	}
}
You can use either the Public or Private API Key

This endpoint can be used to test if the NFC generated SUN data is authentic or inauthentic.

Error Messages

  • ctrBehind - The URL has expired and is no longer valid.
  • uidMismatch - The encrypted UID did not match the UID stored in our database for the tag ID. The encrypted data was probably tampered with.
  • cmacMismatch - CMAC signature check did not succeed. The CMAC was probably tampered with.
  • doesNotExist - The tag ID is invalid and does not exist in our database.
  • inactive - The tag has been marked as inactive in our database. This is probably a result of a tag that hasn’t been completely programmed.
  • unauthorized - The tag does not belong to your organization.

Headers

API-Key
string
required

Your organization’s public/private API key.

JSON Request Body

tagId
number
required

The ETRNL unique ID of the tag

enc
string
required

The encrypted message generated by the tag

cmac
string

The CMAC integrity data generated by the tag (Only required if tamper detection is not enabled)

tt
string

The encrypted tag tamper status generated by the tag. (Only required if tamper detection is enabled)

eCode
string
required

A KDF input parameter used for key decyrption

RulesCreate