Resolver and Passport Rendering

When a consumer scans a QR code on a product, two URLs are involved in the experience:

The scan URL — a GS1-compatible resolver path encoded in the QR code
The passport page — the rendered Digital Product Passport the consumer sees

This page explains how these two URLs relate and why this architecture is used.

The Scan URL

The URL encoded in a QR code, NFC tag, or RFID payload follows the GS1 Digital Link standard:

https://brand.tieback.io/01/09506000123456
https://passport.brand.com/01/09506000123456/21/ABC123

This URL identifies the product using internationally recognised identifiers:

/01/<GTIN> — Global Trade Item Number
/10/<lot> — Batch or lot number (optional)
/21/<serial> — Serial number (optional)

The scan URL is the standards-compatible entry point. It ensures interoperability with GS1 systems and regulatory frameworks such as the EU Digital Product Passport.

What Happens on Scan

When the scan URL is accessed:

The resolver validates the identifier against the brand’s product catalogue
The resolver determines the correct passport destination
The consumer is redirected (HTTP 302) to the passport page

This redirect is transparent — the consumer sees the passport page load directly.

The Passport Page

The rendered passport page uses a canonical application path:

https://brand.tieback.io/p/<passport-id>
https://passport.brand.com/p/<passport-id>

This is the page where the consumer views the full Digital Product Passport, including product details, sustainability data, and provenance information.

The passport page URL is the rendering destination, not the identifier. The QR code always encodes the GS1-compatible resolver path, not the passport page path.

Why Two URLs?

Benefit	Detail
Standards compatibility	The scan URL follows GS1 Digital Link conventions for interoperability
Clean presentation	The passport page is optimised for consumer viewing
Stable delivery	The passport page URL remains stable even if identifiers change
Flexibility	The resolver can route to different passport experiences without changing printed QR codes

Domain Support

tieback supports both platform subdomains and custom hostnames for the full scan-to-passport flow:

Platform Subdomains

Every brand receives a subdomain automatically:

https://brand.tieback.io/01/09506000123456
→ redirects to https://brand.tieback.io/p/<passport-id>

Custom Hostnames

Brands can configure a custom hostname for a branded experience:

https://passport.brand.com/01/09506000123456
→ redirects to https://passport.brand.com/p/<passport-id>

Custom hostnames require a DNS CNAME to the brand’s platform subdomain. See the DNS Setup Guide for instructions.

FAQ

Why does the QR code not link directly to the passport page?

The QR code encodes a GS1-compatible resolver URL that follows international identification standards. The resolver validates the identifier and redirects to the passport page. This ensures the QR code remains standards-compliant while the passport page can be optimised for presentation.

Is this still GS1-compatible?

Yes. GS1 Digital Link compatibility is defined by the scan URL — the URL encoded in the QR code. That URL follows the GS1 Digital Link URI standard. The destination page after redirect is outside the scope of the specification.

Can I use my own domain?

Yes. tieback supports custom hostnames such as passport.brand.com. Once the DNS CNAME is configured and the hostname is verified, the custom domain serves the full resolver and passport flow.

What if my custom domain is not active yet?

The platform subdomain (brand.tieback.io) remains available at all times. You can use it while your custom hostname is being verified.

Does the redirect slow down the experience?

No. The redirect is a single HTTP 302 response, typically completed in under 100ms. The passport page loads immediately after.