Redemption rules
Each template carries one redemption rule — the template-wide policy for when and how many times a pass can be scanned. Configure it in the template editor.When can the pass be scanned?
- Always valid — no time restriction.
- During date windows — one or more windows with open, fixed, issue-relative, or variable-driven bounds. Each window can cap its own redemptions, and a multiple-choice variable can select which windows apply per pass (e.g. which festival days a ticket covers).
- After first scan — activation flow: the pass becomes valid for N hours after its first scan (day tickets, time-boxed vouchers).
How often can it be scanned?
- Recurring limit — e.g. once per day, in a timezone you pick.
- Cooldown — a minimum number of minutes between scans.
- Lifetime total — a maximum number of scans over the pass’s life (punch cards).
Validity windows are projected into the wallet’s native fields (Apple
relevantDates /
expirationDate, Google validTimeInterval) so passes surface and expire correctly on the
device — but enforcement is always server-side at scan time, on the server clock.Scan outcomes
Every scan gets a result —accepted, duplicate, unknown, ambiguous, denied, or reversal — plus a machine-readable reasonCode explaining it (e.g. already_scanned, out_of_window, expired, revoked, quota_exhausted). Ambiguous scans return candidate passes for the operator to confirm.
Accepted scans can be reversed within a grace window — a reversal frees the redemption slot (useful for accidental scans at the gate).
The Scanner app
The Scanner app page in the sidebar manages the mobile devices that scan passes:Connect a device
Show the setup QR to the device running the Passlet Scanner app. The device enrolls
against your workspace and appears in the Connected devices table.
Operate
The device scans wallet barcodes and gets an instant accept/deny verdict with the reason.
Devices report name, platform, and last-seen time.
scans:write) — they never sign in to the admin console and can’t see anything beyond scanning.
Bring your own scanner
Everything the Scanner app does is available on the public API: record scans (single or bulk), list and filter scan history, stream scans in real time (SSE), reverse scans, and pull aggregated stats. See the Scans endpoints and give your integration a token scoped toscans:write / scans:read.
Where scans show up
- Pass detail — per-pass scan history and activity timeline.
- Projects — per-project scan panels and stats.
- API —
GET /v1/scans,GET /v1/scans/stats, andGET /v1/scans/stream.