You can use the Verification DSCSA API to integrate the third-party systems with the Product Verification DSCSA application.
The Verification DSCSA API uses the Representational State Transfer (REST) standard to interact with other systems.
The Verification DSCSA API is an extension of the Product Verification DSCSA application of Movilitas.Cloud and enables you to send requests from external systems to the application.
This article describes how to send a verification request to Movilitas.Cloud by using the Verification DSCSA API.
API Tool to Use
In this document, we provide examples by using the cURL command-line tool. You can use any API tool to perform the API requests, for example, Postman or Katalon Studio.
Before You Begin
Before you start sending any messages:
1. You must enable the Product Verification DSCSA application in the Admin UI.
2. You must create an API key and secret.
3. You must create a shopfloor channel with Verification DSCSA API source. You will need the channel key for your requests.
4. You must have the authentication token to send requests over API. Select one of the following ways:
- Apply a dynamic token. Send an authentication request over the Authentication API. For more information about the Authentication API, open the Tenant Dashboard in Movilitas.Cloud, select API keys, and choose Authentication API Documentation. Also, see Authentication Request.
- Apply a static token. Generate a static token for your previously created API key.
For more information, see Configuring the Movilitas.Cloud APIs.
Procedure
1. Use the POST method and the following URL:
https://api-staging.movilitas.cloud/v1/product_verification_dscsa/api/verify
2. For the header, define the following:
Key | Action |
---|---|
Content-Type | Apply JSON format for the content. Use the value application/json. |
x-access-token | Provide the authentication token. |
x-channel-key | The channel key of your Verification DSCSA API channel. |
3. In the body of the request, define the parameters and their values based on the table below.
Field | Required or Optional? | Type | Description |
---|---|---|---|
atp_verifiable_presentation | Optional | String | The JSON Web Token (JWT) that represents the verifiable credential of the requester. Applicable when the verifiable credential is obtained outside Movilitas.Cloud. When not specified, the responder responds only in the case the responder accepts requests without a verifiable credential. |
gln | Required | String | The Global Location Number of the requester as per the GS1 standard. |
serial | Required | String | The serial number of the trade item as per the GS1 standard. |
gtin | Required | String | The Global Trade Item Number (GTIN) of the trade item. |
batch | Required | String | The batch of the trade item as per the GS1 standard. |
expiry_date | Required | String | The expiry date of the trade item in the YYMMDD format as per the GS1 standard. |
verification_request_contact_info | Optional | Object | The contact information of the requester. |
Optional | String | The email address of the requester. | |
telephone | Optional | String | The phone number of the requester. |
context | Required | Enum | The context of the verification. One of the following values:
|
control_possess_attribute | Optional | Boolean | The flag that highlights whether the trade item to be verified is in the possession of the requester.
When not specified, the possession attribute is not passed. IMPORTANT: If the product is not in the possession of the requester ("false") or the possession attribute is not passed, the responder might reject responding. |
GS1US_version_value | Required | String | The GS1 US version that must be a fixed value, "1.3.0". |
4. Send the request.
Sample cURL Request
curl -X POST \ 'https://api-staging.movilitas.cloud/v1/product_verification_dscsa/api/verify' \ -H 'x-access-token: eyJhbGciOiJIUzI1NiIsInR6cDI6IkpXVCJ0.eyJrZXkiOiJmYjVtQUhyTmhta05mSkJjX250clRHRTNfZkoqRktlKkdqVDRFMkNNU0FtaEFGMk43Q2JmNEY3QVJTMy01M2Q4IiwiX2lkIjoiNjQyMzQxNTkyNmFiYzQ4ZDMxOTE0MWE0IiwiaWF0IjoxNjgwNDNyMTgzfQ.t894-oEC' \ -H 'x-channel-key: zBDgSJ1iKUpNmmcp1izN0QEBCaULGEGqxazXJ3H' \ -H 'Content-Type: application/json' \ -d '{ "atp_verifiable_presentation": "eyJhbGciOiJFZERTSSIsInR6cCI6IkrXVCJ.0eyJpYXQiOjE2ODA3MDM1MTEsImV4cCI6MTY4MTQ4Njc2NiwidnAiRnsiQGMvbnRLeHQiOlsiaHR0cHM6My93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiXSwidHlwZSI6Wy", "gln": "2996133448223", "serial": "MVCSN3048", "gtin": "00338300555778", "batch": "MVC001", "expiry_date": "250531", "verification_request_contact_info": { "email": "admin@movilitas.cloud", "telephone": "+3221234567" }, "context": "dscsaSaleableReturn", "control_possess_attribute": true, "GS1US_version_value": "1.3.0" }'
The application sends back a response that contains the following fields in the body:
Field | Type | Description |
---|---|---|
correlation_uuid | String | The correlation UUID of the verification request. The response is linked to the request and they hold the same correlation UUID. |
verified | Boolean | The verification result for the trade item (product identifier):
|
verification_timestamp | String | The timestamp of the trade item verification. |
verification_failure_reason | String | If the verification result for the trade item (product identifier) is "false", the reason for the verification failure as per the GS1 Lightweight Messaging Standard for DSCSA Verification of Product Identifiers. Otherwise, it is empty. |
additional_info | String | Optional additional information as per the GS1 Lightweight Messaging Standard for DSCSA Verification of Product Identifiers. |
responder_gln | String | The Global Location Number of the responder as per the GS1 standard. Empty when not provided. |
responder_atp_verifiable_presentation | String | The JSON Web Token (JWT) that represents the verifiable credential of the responder. Applicable when the responder verification is performed outside Movilitas.Cloud; in this case, the request contains the verifiable credential (JWT) of the requester. |
responder_atp | Object | The responder verification data. Applicable when the responder verification is performed through Movilitas.Cloud. Otherwise, the object is an empty {}. |
verified | String | The verification result for the responder:
|
verification_timestamp | String | The timestamp of the responder verification. |
verification_failure_reason | String | If the verification result for the responder is "false", the reason for the verification failure as per the Open Credential Initiative (OCI) guidelines. Otherwise, "null". |
responder_info | Object | The responder data. |
id | String | The digital identifier key of the responder. |
type | String | The type of the responder information. |
legalName | String | The legal name of the responder. |
identifier | String | The identifier of the responder. |
issuerName | String | The name of the issuer. |
postalCode | String | The postal code of the responder. |
addressRegion | String | The region of the responder. |
streetAddress | String | The street of the responder. |
addressCountry | String | The country of the responder. |
addressLocality | String | The locality of the responder. |
organizationType | String | The organization type of the responder. |
responder_contact_email | String | The email address of the responder. Empty when not provided. |
responder_contact_telephone | String | The phone number of the responder. Empty when not provided. |
For more information on verification failure reasons and additional information related to the pack, see VRS Responses for the Pack (Verification Failure Reason and Additional Info).
For more information on verification errors, see Verification Error Handling.
Sample Response (Success 200)
{ "success": true, "message": "Product verification response", "data": { "correlation_uuid": "6d8b0616-2b6d-48bc-8730-4fd17e7f1168", "verified": true, "verification_timestamp": "2023-04-12T16:37:07.275Z", "verification_failure_reason": "", "additional_info": "", "responder_gln": "0338300871687", "responder_atp_verifiable_presentation": "eyJhbGciOiJFAERTLSIsInR7cCI6IkpXWCJ.1eyJpYXQiOjE2ODEzMTc0MjcsImV4cCI6MTcxMjY1NTIwNiwidnAiOnsiRGM", "responder_atp": {}, "responder_contact_email": "marc.blekkink@movilitas.com", "responder_contact_telephone": "" } }
Other System Actions
If the requester is not yet existing in the Product Verification DSCSA application in the Admin UI, the requester is auto-created with the following parameters:
- Requester name. Note: If the verifiable credential is not present in the request, the GLN is added as the name.
- Requester GLN.
Example:
Errors and Resolution
This section lists some of the most general error messages or error types when sending the request.
Error Message or Error Type | Error Code | Description |
---|---|---|
No token provided | ERR0001 | No authentication token is provided. Ensure that you add the authentication token to the header of the request. |
Failed to authenticate token | ERR0000 | Failed to authenticate the provided token. Double-check if your token has expired or has been revoked. Obtain a valid token by generating a static one or by getting a dynamic one through Authentication API. |
Channel ID is missing or it needs to be in correct format | - | The channel key of your Verification DSCSA API channel is not specified in the request. To get the channel key, go to Tenant Dashboard --> Channels in the Admin UI, open your Verification DSCSA API channel, and find the channel key on the top of the Edit shopfloor channel panel. |
Request body could not be parsed | - | The syntax of the request body is not correct, for example, a comma is missing at the end of a field. Make sure that the request body is defined in the correct way and that you use JSON format. |
Validation error | - | The given data is invalid. It does not follow the required data type or pattern. The response includes details about the specific issue. Follow the explanation in the response and correct your data. |