Using Automation Tiles with Your Own App
  • 12 Apr 2022
  • 2 Minutes to read

Using Automation Tiles with Your Own App

Article Summary

All automation tiles have a URL encoded in them. When a phone reads the NFC chip or the QR code, the encoded URL is launched. You can register your own app to handle that URL so the phone launches your app instead of just browsing the URL.

For more information, check out this article on how to set that up in Android and iOS.

We already handle the generation of the apple-app-site-association and assetlinks.json files for the tiles domain.

You can define your team / bundle IDs for iOS and Android through Settings > Companion apps > Passport.


If the user doesn't have your app installed or you haven't registered for universal/deep links, the default browser will be launched and the user will be sent to the tile URL. This URL requires the user to log in their customer account.

The URL encoded in the tile always includes the unique ID of the tile. You need that ID to make a request to the Nexudus API and trigger the action for the tile.

The tile URL typically looks like this:

0A2FCD29-BD20-49ED-B107-B71B42DF53BA is the unique key ID in this case.

You can find this URL in the record of each tile you've created in Nexudus under the Execute tile URL field.

Once you have obtained your tiles ID, you can use it to make a request to execute the action of the tile. You do this by calling the following API endpoint.

You need a bearer token for the user that is executing the tile. You do this by calling:

username:[email protected]
POST http://yourspace_nexudus_domain/api/tiles/execute/0A2FCD29-BD20-49ED-B107-B71B42DF53BA
Authorization Bearer 9qxHKEp3n_DMS-....

You'll get a response similar to the one below:

  "tileName": "Unlock Front Door",
  "result": {
    "Status": 200,
    "Message": "OK",
    "WasSuccessful": true

If the tile is geofenced, you need to provide three additional parameters: latitude and longitude with the location of the customer and signature that ensures the requests was issued by your app.

The signature is calculated by computing the SHA256 hash of the following string:


The request would look similar to the one below in this scenario:

POST https://yourspace_nexudus_domain/api/tiles/execute/0A2FCD29-BD20-49ED-B107-B71B42DF53BA
Authorization Bearer 9qxHKEp3n_DMS-....

You can configure the shared secret for each of your locations via Settings > Companion apps> Passport.

Make sure you keep this secret protected. If you use React Native to develop your own app, check out this article on React Native security to secure your app.

Was this article helpful?