Technical Support

How to create POAP delivery using API?

Can I use POAP in my application through API key

Is it possible to use /paginated-events GET endpoint to request all events that have a certain string name for instance if I wanted to look for all "adidas" events I could pass the search phrase in the request? The docs don't specify what params can be passed in the GET call but I found this link in the changelog history of this endpoint <https://api.poap.tech/paginated-events?limit=100&offset=0&sort_dir=asc&sort_field=name>

We are able to request a list of our unique QR hashes from this endpoint: <https://api.poap.tech/event/123689/qr-codes>. However, we are unsure how to show the user the actual QR code they need to scan to mint the POAP. How do we go from QR Hash to Actual QR Code? Maybe this is a question that reflects some fundamental misunderstanding about how POAPs work, because it seems like it should be obvious but is not to us.

hi, Thanks for the API key. Can I check how long it takes to receive the auth token? Rgds Branson

Can I get the events created with my API Key only?, I see paginated events bring all the events

Hi, After a POA has been "reserved" via an email address (with /actions/claim-qr), I was wondering if we could use the same API to send it to an ethereum address ? It seems that /actions/claim-qr cannot be used with an ethereum address after an email has been used before ("Bad Request - QR Claim already claimed"). The only way I found is to go to https://app.poap.xyz/scan so that the user can enter his email address to mint its POA to his wallet. In my use case, I would like to automate the process of reservation and minting to an eth address. Thanks for you help

hi, i am trying to run some tests on this endpoint: https://api.poap.tech/event/{id}/qr-codes but i keep getting unauthorized error response, what is the best way to troubleshoot this? fyi, testing done via https://documentation.poap.tech/reference/posteventqr-codes I have API key, event id and secret code handy if that helps. thanks!

We're looking to perform a mint directly to a wallet address using the following common flow: https://documentation.poap.tech/docs/popular-flow#4-minting-a-poap-directly-to-a-wallet. For the first step, a 'secret_code' and event 'id' is required. The latter is acquired using the https://app.poap.xyz/admin/events create new POAP button after email response, but the former, the secret_code is in question. Where does one acquire the 'secret_code' to process this common flow setup in minting POAPs directly to a wallet? Thanks in advanced.

I realized that we are asked to pass `qr_hash` as an url parameters in the `GET /actions/claim-qr` endpoint. Because any valid `qr_hash` alone can be used to claim the POAP, I would consider it as a sensitive secret input. While HTTPS protects traffic from being sniffed, server framework and middleware commonly log full URLs. This means `qr_hash` can be accidentally leaked even if the developer has exercised abundant caution. This obviously isn't an immediately exploitable vulnerability but I am afraid there might be POAP codes in server logs in the wild due to use of this endpoint.