Enterprise API Authentication Solution | LegitApp | Your Trusted Partner in Luxury Authentication

1. Business Verification: Complete an initial token purchase of 500 USD or more and finish a quick verification process to gain access to our secure developer portal and documentation. 2. Integration: Use our API documentation to implement authentication requests within your platform using just a few lines of code. 3. Automated Results: Receive real-time authentication updates via automated webhook notifications.

Yes. Our Sandbox environment allows you to simulate the entire lifecycle of an authentication request. Within the Developer Portal, you can act as a “checker” to trigger specific outcomes, such as requesting extra photos or completing a result, allowing you to test your webhook handling thoroughly.

We provide dedicated, real-time technical support for our eligible API partners. To ensure a smooth integration and rapid troubleshooting, we typically establish a direct communication channel with your development team via WhatsApp, LINE, Lark, or Slack, depending on your preference.

Yes. You can programmatically retrieve these lists using our GET /category, /brand, and /model endpoints. You can also view the current supported list on our what-we-authenticate page.

No. Assigned IDs are stable and guaranteed not to change over time. However, we occasionally update the metadata associated with these IDs. To ensure your platform displays the most current information, we recommend against long-term caching of the data.

LegitApp follows an additive-only model for our public catalog. We regularly add new supported items but do not remove or deprecate existing categories or brands.

No. While the authentication set ID is generally fixed for specific combinations, it is subject to change as we refine our processes. Furthermore, metadata—such as turn_around_time_list or specific requirements—can change based on workload or internal updates. It is best practice to fetch the latest authentication_set before each new submission.

Yes. While the authentication_set lists standard requirements, our experts may occasionally request additional photo types if original images are blurred, damaged, or if specific details require a closer look.

Authentication statuses are strictly forward-moving. We track two primary states: Pending and Completed. An “Extra Photo Requested” status is considered a forward step toward completion. Once an authentication reaches the “Completed” state, it will never revert to a previous status.

Formats: PNG, JPG, and JPEG. Size: Maximum 10MB per image. Equipment: For highest accuracy and to reduce the likelihood of extra photo requests, we recommend using the LegitApp Authentication Microscope. While the microscope is optional for most items, it is highly recommended for specific brands and models that utilize micro-details, such as Chanel chip labels.

Image URLs remain valid indefinitely. You may upload your assets first and submit the final authentication request at a later time.

In standard operating conditions, webhooks are delivered in order. If a delivery fails and is retried, the system reuses the same Event ID, allowing you to deduplicate requests. We recommend treating the webhook payload as the most recent state snapshot.

Currently, we do not sign webhook requests. We recommend using IP allowlisting if you require additional security for your webhook endpoint.

There are currently no strict rate limits per developer key, allowing you to scale your integration as needed.

Batching (uploading multiple images or submitting multiple authentications in a single request) is on our product roadmap. Currently, assets and authentications must be submitted individually.