Additional properties personalise your passes. You define the fields that change for each holder, then use them anywhere on the pass as placeholders. When you create a pass, Passcreator asks for those values and fills the placeholders with the real data.
You do not have to show a property to the holder. You can also store data you need behind the scenes, for example a contact number from your CRM that you later search by.
Open your template, go to the Personalization section, and add a field. Give it a name and a type. The name becomes the placeholder you use elsewhere on the template.
Additional properties also drive email and SMS sendouts. Those fields hold the email address or phone number of each holder.
Create a property named Name and you reference it anywhere with {Name}. Passcreator swaps in the real value when the pass is created.
Two helper functions extend what placeholders can do.
Wrap a placeholder in {urlencode({yourPlaceholder})} to convert it into a form that is safe inside a URL.
For example, to put a first and last name into a link inside your QR code, use https://yourdomain.de/?name={urlencode({firstName} {lastName})}.
Wrap a placeholder in {sign({yourPlaceholder})} to create a signature of the value. You use this to protect data from tampering.
Signing proves that a value came from you and that nobody changed it on the way.
When Passcreator signs the data, it creates a hash of the value with a cryptographic hash function. Even a tiny change to the value produces a different hash. Passcreator then encrypts that hash with a private key, which gives you the signature. The pass carries both the data and the signature.
On your side you verify it. You decrypt the signature with the matching public key to recover the original hash. You can fetch the public key through the API. You then hash the received data yourself with the same function. If your hash matches the decrypted hash, the data is authentic and untouched. If the two hashes differ, someone changed the data.