Plug into your stack. We meet you where you are.
60+ native integrations across ERP, PIM, PLM, CRM, data warehouses, and compliance tooling — plus a typed REST and GraphQL API for everything else.
Three connectors that put a DPP in production in a week.
The most-deployed data flows for teams launching their first wave of ESPR passports.
Sync product master data and supplier hierarchies in real time.
- Bidirectional sync of materials and SKU variants with SAP S/4HANA
- Ingest supplier hierarchies and production batches from MM and PP
- Audit webhooks on passport create, update, and retire events
Pull released records, financial data, and compliance documents from Dynamics 365.
- Released-product and variant mapping from Dynamics 365 Supply Chain
- Connect to Dataverse and Power Platform via OAuth 2 and Entra ID
- Audit logs land natively in Microsoft Purview
Consolidate passport telemetry and compliance analytics in your warehouse.
- Near-real-time replication into Snowflake via Snowpipe Streaming
- Secure Data Sharing for downstream auditor access
- Pre-built dbt models for ESPR, DPP, and ESG reporting
Every connector we ship.
Grouped the way you think.
Eight categories, 50+ native integrations maintained by our team. Missing one? Our REST and GraphQL API covers the rest.
Connect to your financial and operational backbone.
Pull product attributes and bill of materials at the source.
Replicate passport telemetry into your warehouse.
Share compliance evidence with customers and channels.
Collect supplier data through the networks you already use.
Align passports with your existing ESG reporting machinery.
Bring passport approvals into the tools your teams already use.
SSO, MFA, and provisioning driven by your IdP.
REST. GraphQL. Webhooks.
Built in from day one.
Every passport, audit, and supplier feature sits behind the same typed APIs our own product uses. OAuth 2, mTLS, SAML SSO, API keys. Full sandbox, official SDKs for TypeScript, Python, and Java, plus native webhooks with event replay and signed payloads.
Read the API docs →REST API
Typed endpoints, fully OpenAPI 3.1 conformant, cursor pagination, idempotency on every write.
GraphQL API
One endpoint, one query. Built-in persisted queries and cost-complexity analysis.
Webhooks
HMAC-signed payloads, automatic retries, dashboard replay, and a dead-letter queue.
Native SDKs
Official libraries for TypeScript, Python, and Java with full type coverage and autocompletion.
The questions platform
teams ask us most.
What we don't cover natively, the API covers. What the API doesn't cover, we build alongside your team during onboarding.
Book a technical briefing →Do you support custom integrations on our internal systems?+
Yes. Every one of our native connectors is a thin layer on top of the same public REST and GraphQL APIs our customers use. Teams ship custom integrations against internal systems (homegrown ERPs, bespoke PLMs, data buses) in a single sprint. Enterprise plans include engineering support for the first two rollouts.
What authentication methods are supported?+
OAuth 2.0 (authorization code, client credentials, PKCE), mTLS for server-to-server integrations, long-lived API keys with scopes, and SAML 2.0 and OIDC SSO for user sign-in. Enterprise plans add SCIM 2.0 for automated provisioning from Okta, Entra ID, and OneLogin.
Is there a sandbox environment for testing?+
Every account gets an isolated sandbox tenant — identical to production for schema, integrations, and the public viewer, but fully separated from regulator indexes. The sandbox is included from Pilot upward and supports webhooks, API keys, and full passport editing.
Can we embed the public passport widget on our own site?+
Yes. We ship an embeddable JavaScript widget and a native Web Component. Both inherit your brand tokens, are fully WCAG 2.1 AA compliant, and render offline-first for low-connectivity regions. Every passport also retains a persistently resolvable public page on your own custom domain.
What is the API rate limit and how is it scoped?+
600 requests per minute per API key on Operator, 6,000 requests per minute per tenant on Enterprise. Limits reset on rolling per-second windows rather than rigid buckets, so bursts are tolerated. We return RFC-compliant RateLimit-* headers so your SDK client can throttle adaptively.
How do you handle data residency across cross-region integrations?+
You pick a residency region (EU-Frankfurt, EU-Zurich, US-Virginia, APAC-Singapore) at the tenant level. Webhooks, warehouse replication, and supplier syncs all honor the source tenant's region; cross-region traffic only moves through signed mTLS tunnels with an audit journal forwarded to your SIEM.