Everything you need to integrate product authentication, NFC verification, and digital certificates into your application.
Base URL: https://api.sealtrust.io/v1Get up and running in 3 steps. Create your first authenticated product in under 5 minutes.
Sign in to your SealTrust dashboard and generate an API key from the Settings page.
# Navigate to your SealTrust dashboard
# Settings → API Keys → Create new key
# Copy your key — it won't be shown againAdd the SealTrust SDK to your project using your preferred package manager.
npm install @sealtrust/sdk
# or
yarn add @sealtrust/sdkRegister a product and trigger on-chain minting with a single API call.
curl -X POST https://api.sealtrust.io/v1/products \
-H "Authorization: Bearer st_live_your_api_key" \
-H "Content-Type: application/json" \
-d '{
"name": "Limited Edition Sneaker",
"sku": "SNK-001",
"category": "footwear",
"metadata": {
"color": "midnight blue",
"size": "42"
}
}'All API requests require a valid API key passed in the Authorization header.
Include your API key as a Bearer token in every request.
curl https://api.sealtrust.io/v1/products \
-H "Authorization: Bearer st_live_your_api_key"SealTrust provides two types of API keys for different environments.
| Prefix | Environment | Usage |
|---|---|---|
| st_test_ | Sandbox | Development and testing. No real blockchain transactions. |
| st_live_ | Production | Production. Real NFC verification and on-chain minting. |
Rate limits are applied per API key and vary by plan.
| Plan | Rate Limit | Burst |
|---|---|---|
| Starter | 100 req/min | 20 req/s |
| Business | 1,000 req/min | 50 req/s |
| Enterprise | 10,000 req/min | 200 req/s |
Create, list, update, and mint products. Each product can be linked to an NFC tag and minted as an on-chain NFT.
Retrieve a paginated list of your products.
| Parameter | Type | Required | Description |
|---|---|---|---|
| page | integer | optional | Page number (default: 1) |
| per_page | integer | optional | Items per page (default: 20, max: 100) |
| status | string | optional | Filter by status: active, pending_mint, minted, archived |
| category | string | optional | Filter by category |
Create a new product. Optionally trigger automatic NFT minting.
| Parameter | Type | Required | Description |
|---|---|---|---|
| name | string | required | Product name |
| sku | string | required | Unique stock keeping unit |
| category | string | optional | Product category (e.g., footwear, accessories) |
| description | string | optional | Product description |
| metadata | object | optional | Custom key-value metadata |
| auto_mint | boolean | optional | Auto-mint NFT on creation (default: false) |
Retrieve a single product by its ID, including NFC tag and NFT status.
Update product details. Only provided fields will be changed.
Trigger NFT minting for a product. The minting process is asynchronous — use webhooks or polling to track status.
Issue tamper-proof digital certificates of authenticity, ownership, or warranty. Each certificate is anchored on-chain.
Issue a new certificate for a product.
| Parameter | Type | Required | Description |
|---|---|---|---|
| product_id | string | required | ID of the product to certify |
| type | string | required | Certificate type: authenticity, ownership, warranty |
| issued_to | string | optional | Name of the certificate recipient |
| expires_at | string | optional | Expiration date (ISO 8601) |
Revoke a previously issued certificate. This is irreversible and recorded on-chain.
Verify the validity of a certificate, including on-chain verification.
Verify product authenticity using NTAG 424 DNA Secure Dynamic Messaging (SDM) or direct NFC tap.
Verify a product using the cryptographic data from an NTAG 424 DNA NFC tag. The UID, counter, and CMAC are extracted from the tag's NDEF URL.
| Parameter | Type | Required | Description |
|---|---|---|---|
| uid | string | required | 7-byte NFC tag unique identifier (hex) |
| ctr | string | required | 3-byte read counter value (hex) |
| cmac | string | required | 8-byte AES-CMAC authentication code (hex) |
End users can verify products by simply tapping the NFC tag with their smartphone. No app required.
How NFC tap verification works:
Receive real-time notifications when events occur in your SealTrust account.
Register a webhook endpoint to receive events.
| Event | Description |
|---|---|
| product.created | A new product has been created |
| product.minted | Product NFT has been minted on-chain |
| product.scanned | Product NFC tag has been scanned |
| product.transferred | Product ownership has been transferred |
| certificate.issued | A new certificate has been issued |
| certificate.revoked | A certificate has been revoked |
| transfer.initiated | An ownership transfer has been initiated |
| transfer.completed | An ownership transfer has been accepted |
| nfc.tag_linked | An NFC tag has been linked to a product |
Every webhook request includes an X-SealTrust-Signature header. Verify it using HMAC-SHA256 with your webhook secret to ensure the request is authentic.
import crypto from 'crypto';
function verifyWebhook(
payload: string,
signature: string,
secret: string,
): boolean {
const expected = crypto
.createHmac('sha256', secret)
.update(payload)
.digest('hex');
return crypto.timingSafeEqual(
Buffer.from(signature),
Buffer.from(expected),
);
}
// In your webhook handler:
app.post('/webhooks/sealtrust', (req, res) => {
const signature = req.headers['x-sealtrust-signature'];
const isValid = verifyWebhook(
JSON.stringify(req.body),
signature,
process.env.SEALTRUST_WEBHOOK_SECRET,
);
if (!isValid) {
return res.status(401).send('Invalid signature');
}
const { type, data } = req.body;
switch (type) {
case 'product.minted':
handleProductMinted(data);
break;
case 'product.scanned':
handleProductScanned(data);
break;
}
res.status(200).send('OK');
});Create ESPR-compliant Digital Product Passports with full supply chain transparency, materials traceability, and carbon footprint data.
SealTrust DPP is designed to comply with the EU Ecodesign for Sustainable Products Regulation (ESPR) requirements coming into effect in 2027. Start building your DPP infrastructure now to be ready.
Create or update the Digital Product Passport for a product.
Retrieve the Digital Product Passport for a product, including the public-facing URL and QR code.
Connect SealTrust to your existing tools and e-commerce platforms.
Auto-create authenticated products from Shopify orders and sync inventory.
WordPress/WooCommerce plugin for automatic product registration.
PrestaShop webservice integration for product catalog synchronization.
Sync product authentication data with Salesforce CRM records.
Enterprise ERP integration for manufacturing and supply chain workflows.
Sync product data with HubSpot CRM deals and product records.
Odoo ERP integration for product management and inventory sync.
Oracle NetSuite integration for enterprise resource planning workflows.
Microsoft Dynamics 365 integration for CRM and ERP product sync.
REST API and webhooks for any custom ERP or back-office system.
Follow these steps to obtain the credentials required by each connector.
The official SealTrust SDK provides a type-safe, promise-based interface for all API operations.
npm install @sealtrust/sdk
# or
yarn add @sealtrust/sdk
# or
pnpm add @sealtrust/sdkimport { SealTrust } from '@sealtrust/sdk';
// Initialize with your API key
const st = new SealTrust('st_live_your_api_key', {
// Optional configuration
baseUrl: 'https://api.sealtrust.io/v1', // default
timeout: 30000, // 30s default
retries: 3, // auto-retry on 5xx
});// Create a product and mint its NFT
const product = await st.products.create({
name: 'Artisan Watch',
sku: 'WATCH-001',
autoMint: true,
});
// Wait for minting to complete
const minted = await st.products.waitForMint(product.id, {
pollInterval: 2000, // check every 2s
timeout: 120000, // max 2 min
});
console.log('NFT token ID:', minted.nft.tokenId);
console.log('View on chain:', minted.nft.explorerUrl);All API errors follow a consistent format with machine-readable codes and human-readable messages.
When an error occurs, the API returns a JSON object with an error key containing the code, message, HTTP status, and a unique request ID for debugging.
{
"error": {
"code": "product_not_found",
"message": "No product found with ID 'prod_invalid'",
"status": 404,
"request_id": "req_abc123xyz"
}
}| HTTP | Code | Description |
|---|---|---|
| 400 | invalid_request | The request body is malformed or missing required fields. |
| 401 | unauthorized | Missing or invalid API key. |
| 403 | forbidden | The API key does not have permission for this action. |
| 404 | not_found | The requested resource does not exist. |
| 409 | conflict | The resource already exists or is in a conflicting state. |
| 422 | validation_error | One or more fields failed validation. |
| 429 | rate_limited | Too many requests. Retry after the Retry-After period. |
| 500 | internal_error | An unexpected error occurred on our side. Contact support. |
| 502 | blockchain_error | The blockchain node is temporarily unreachable. |
| 503 | service_unavailable | The service is temporarily unavailable. Retry shortly. |
A layered architecture designed for security, scalability, and European data sovereignty.
Verification Layer
Consumer App · NFC Tag · Blockchain
API Gateway
REST API · Webhooks · SDK
Application Layer
Auth · Products · Certificates · Events · DPP
Trust & Security Layer
NFC Crypto · Clone Detection · Trust Scoring
Infrastructure Layer
AWS (Paris) · Encrypted storage · European hosting
Hosted on AWS in Paris, France (eu-west-3) — European data sovereignty guaranteed.
Infrastructure
AWS eu-west-3 (Paris, France)
Database
Relational database (encrypted at rest)
Cache
In-memory cache (encrypted in transit)
Storage
Amazon S3 (encrypted at rest)
Blockchain
Base (Ethereum L2)
NFC
NTAG 424 DNA (AES-128)
Encryption
TLS 1.3 in transit, AES-256 at rest
Compliance
GDPR, EU DPP ready
Create your free account and start authenticating products in minutes.