TAGBASE

Features

External verification

Serve verification on your own domain, fully white-label.

External verification runs the verification experience on your own domain while TAGBASE handles authenticity behind the scenes. Tags carry your URL, and customers see only your brand.

Why use it

  • Your domain and branding. Customers only ever see, for example, verify.brand.com.
  • Your UI. Build a verification page that matches your brand.
  • TAGBASE security, hidden. The two-scan check runs behind your domain.
  • Setup. One DNS record plus a small snippet.

How it works

  1. You point a verification subdomain at TAGBASE with a CNAME.
  2. TAGBASE validates and activates the domain.
  3. Tags are programmed with your domain instead of a TAGBASE URL.
  4. When a customer taps, TAGBASE verifies behind your CNAME, then redirects to your page with a tag identifier (tid) in the query string.
  5. Your page fetches the verification result from TAGBASE and renders it.

Setup

1. CNAME record

Create a CNAME pointing your verification subdomain at TAGBASE:

Type Name Value
CNAME verify external.tagbase.io

This routes https://verify.brand.com to TAGBASE’s verification infrastructure.

2. Fetch the result

On your verification page, read the tid parameter and request the result:

async function fetchVerification() {
const params = new URLSearchParams(window.location.search)
if (!params.has("tid")) return
const response = await fetch(
`https://verify.brand.com/verifications/${params.get("tid")}`,
{ headers: { accept: "application/json" }, credentials: "include" }
)
if (!response.ok) throw new Error(`Response status: ${response.status}`)
const { data } = await response.json()
// First tap returns "pending"; prompt the customer to tap again.
if (data.status === "pending") updateLocation()
return data
}
window.addEventListener("load", fetchVerification)

3. Example response

{
"data": {
"id": "vrf_ULPkD39Y5884BYJFsfw3evkzgWp",
"status": "pending",
"title": "",
"description": "...",
"website": "https://brand.com/products/p1",
"image_urls": ["https://brand.com/products/p1/images/01.jpg"],
"on_device": true,
"inserted_at": "2026-04-26T15:34:20.454709Z"
},
"messages": [
{ "type": "info", "text": "Please scan again to complete the verification." }
]
}
Field Description
status pending, valid, invalid, or valid_with_warnings
on_device Whether the verification happened on this device
description Product description
image_urls Product image URLs
messages Instructions to show the customer

The first tap always returns pending; the second resolves to valid or invalid. See how it works.

4. Geolocation (optional)

The result is only finalised on the second tap, so capture location during the first (pending) tap to have it available in time:

function updateLocation() {
navigator.geolocation.getCurrentPosition(({ coords }) => {
const data = {
latitude: coords.latitude,
longitude: coords.longitude,
accuracy: coords.accuracy
}
document.cookie =
`tagbase_geolocation=${encodeURIComponent(JSON.stringify(data))}` +
`; path=/; SameSite=Lax; domain=.brand.com; max-age=${60 * 10}`
})
}