Skip to main content
PassEntry supports validating passes at physical locations using NFC or barcodes, for use cases such as event access, membership verification, ticketing and loyalty check-ins. By default, PassEntry validates scans internally. With third-party validation, each scan is sent to your own system, allowing you to apply custom business logic, control reader responses and optionally update loyalty balances as part of the same validation flow.

โ€‹
What is Third-Party Validation?

With third-party validation, your system takes full control over how passes are validated. Instead of PassEntry checking pass validity, every scan is sent to your own endpoint, where you decide the logic.

โ€‹
PassEntry Internal vs. Third-Party Validation

FeaturePassEntry Default Validation ๐Ÿ“ฆThird-Party Validation ๐Ÿ”ง
Setup๐Ÿ“ฆ Out-of-the-box, no setup required๐Ÿ› ๏ธ Requires a custom validation endpoint
Validation Logic๐Ÿ”’ PassEntry validates against its own databaseโš™๏ธ Your system defines all validation rules
Scan Value Format๐Ÿ”‘ Must be pass UUID or external ID๐Ÿ“œ Can contain any data or combination of values (e.g., customerID-promoCode)
Reader Instructions๐Ÿ“ก Pre-defined reader instructions๐ŸŽจ Full control over instructions (e.g., messages, LED colors, sounds)
Scans Logging๐Ÿ“Š Yes๐Ÿ“Š Yes
Support for NFC/Barcode๐Ÿ“ก NFC & Barcode (only if barcode is configured as pass UUID)๐Ÿ“ก NFC & Barcode
Association to the pass๐Ÿ”„ Yes๐Ÿ“ก Only if passId provided by your endpoint
Current Compatibility๐Ÿ”— Works with VTAP & PassEntry Reader๐Ÿ”— Works with VTAP & PassEntry Reader
Loyalty Managementโœจ Automatically updates points or stamps, and sends notifications if included๐ŸŽฏ Full control โ€“ your endpoint must handle loyalty updates and send any notifications

โ€‹
When to Use Third-Party Validation

Use third-party validation when you need full control over validation logic, such as enforcing custom access rules, validating external identifier or updating loyalty balances based on business-specific conditions. If you do not need custom logic, PassEntryโ€™s default validation is recommended as it requires no setup and works out of the box.

โ€‹
How to Enable Third-Party Validation

To start using third-party validation, follow these simple steps:

โ€‹
1. Ensure You Have a Reader Set Up

Third-party validation is currently supported only on PassEntry readers. If you havenโ€™t set up a reader yet, follow this guide to do so.

โ€‹
2. Update Your Reader Configuration

  1. Go to PassEntry Dashboard โ†’ Readers โ†’ Reader Configuration.
  2. Find the Validation Settings section.
  3. Change the validation type to Third-Party.
  4. Enter an HTTPS URL of your third-party validation endpoint (this is where PassEntry will send scans for validation).
  5. Include a Bearer token (this is a token that the reader will send to your endpoint to authenticate itself).
Validation Settings

โ€‹
3. Apply Changes & Activate Third-Party Validation

  • Once you update the settings, the PassEntry reader will log out automatically and VTAP readerโ€™s configuration will be automatically updated.
  • On the next login/reboot, it will use the new validation settings, sending all scans to your third-party endpoint.
  • After validation, scans will still be logged in PassEntry for tracking and reporting (only on PassEntry readers).
Third-Party Logs

โ€‹
How It Works

  1. A pass is scanned using a PassEntry reader or VTAP reader (via NFC or barcode).
  2. Instead of PassEntry validating the pass, the scan is sent to your third-party endpoint.
  3. Your system processes the validation using custom business logic.
  4. The reader receives a response from your system and displays any necessary instructions (e.g., โ€œAccess Grantedโ€ or โ€œInvalid Ticketโ€).
  5. The scan is logged in PassEntry for visibility and reporting (only on PassEntry readers).

โ€‹
Third-Party Endpoint Structure

Your custom validation endpoint must be able to receive scan data and respond with validation results.

โ€‹
Reader Request Format

โ€‹
PassEntry Reader

{
    "scan": {
        "scanValue": "some-scan-value",
        "readerId": "passentry_reader_id",
        "scanType": "nfc",
        "loyalty": {
            "balance": -10,
            "message": "You have redeemed 10 points"
        }
    }
}
โ€‹
scan
object

โ€‹
VTAP Reader

{
    "scan": {
        "scanValue": "some-scan-value",
        "readerId": "CC123456",
        "readerType": "VTAP",
        "scanData": {
            "IP": "Local IP of device",
            "location": "Reader Location",
            "passtype": "A",
            "payload": "d9ae223c9e6cd57e18f3f61b6198cce756de8b2b",
            "rdrparam1": "Optional Reader Info 1",
            "rdrparam2": "Optional Reader Info 2",
            "serialno": "CC123459",
            "SSID": "Connected WiFi"
        }
    }
}
โ€‹
scan
object

โ€‹
Your Endpoint Response Format

โ€‹
PassEntry Reader

{
    "validationResponse": {
        "status": "failed",
        "statusDetail": "Subscription expired",
        "passId": "65844fnrjkfjfkel4h4j23",
        "readerInstructions": {
            "message": "Sorry, we can't let you in"
        }
    }
}
โ€‹
validationResponse
object

โ€‹
VTAP Reader

{
    "validationResponse": {
        "status": "failed",
        "statusDetail": "Subscription expired",
        "passId": "65844fnrjkfjfkel4h4j23",
        "readerInstructions": {
            "VTAPaction": {
              "led": "?LEDR 00FF00,100,100,3",
              "beep": "?BEEPR 50,50,2",
              "message": "Sorry, we can't let you in",
              "success": false
            }
        }
    }
}
โ€‹
validationResponse
object
For more information on VTAP actions, see the VTAP API documentation.