Platform Architecture

15 Modules.
Pick What You Need.

tap2.cloud is built as a composable module library. Every module ships as open-source code you can self-host, extend, or purchase as a managed service. No monolith, no lock-in.

View on GitHub Request Demo

Module availability by deployment tier

Core

Open-source, self-hosted

Extended

Managed cloud add-on

Enterprise

Private cloud / on-premise

Data Foundation

The backbone modules every DPP implementation requires.

DPP Core

Core

Create, store, and retrieve Digital Product Passports conforming to ESPR and battery regulation data models. REST + GraphQL APIs included.

REST API GraphQL ESPR-ready

Data Model Registry

Core

Versioned attribute schemas for each regulated industry. Maps your product data fields to the correct regulatory taxonomy automatically.

Schema versioning Multi-industry

Identity & Access

Core

Role-based access control for suppliers, manufacturers, regulators, and consumers. Supports OAuth 2.0, OIDC, and API key authentication.

RBAC OAuth 2.0 OIDC

Audit Log

Core

Immutable record of every data write, update, and access event. Required for regulatory traceability and GDPR accountability obligations.

Immutable GDPR Exportable

Supply Chain

Connect upstream suppliers and downstream partners to a single data thread.

Supplier Data Intake

Core

Web portal and API for Tier-1 and Tier-2 suppliers to submit material declarations, certifications, and substance data in structured format.

Portal UI API intake Multi-tier

Bill of Materials Linker

Extended

Parse ERP exports (CSV, XML, STEP) and link component-level DPPs into parent product passports. Handles deep nesting and mass attribution.

ERP import CSV / XML Nested BoM

Certification Vault

Extended

Store, version, and auto-expire third-party certificates (REACH, RoHS, ISO, etc.). Sends renewal alerts before compliance gaps occur.

Auto-expiry REACH / RoHS Alerts

Cross-Actor Messaging

Enterprise

Encrypted, audited data-sharing between supply chain actors using selective disclosure. No third-party intermediary required.

Encrypted Selective disclosure P2P

Compliance & Verification

Turn regulatory requirements into automated checks and audit-ready reports.

Compliance Engine

Core

Rule-based validation against ESPR delegated acts, Battery Regulation Annex XIII, and SCIP database requirements. Flags gaps before submission.

ESPR rules Battery Regulation SCIP

Report Generator

Extended

One-click export of compliance evidence packages for notified bodies, customs, and market surveillance authorities. PDF and structured XML formats.

PDF export XML / JSON-LD Notified bodies

QR / NFC Issuer

Core

Generate persistent, regulation-compliant QR codes and NFC tag payloads pointing to live DPP endpoints. Batch generation for large catalogues.

QR code NFC Batch

Third-Party Verification

Enterprise

Integration layer for accredited conformity assessment bodies to digitally sign and timestamp DPP records. Cryptographic proof of third-party attestation.

Digital signature Timestamping CAB integration

Consumer & Stakeholder Access

Serve the right data slice to each audience — consumer, recycler, regulator.

Public Product View

Core

Embeddable, multilingual consumer-facing DPP page. Scannable from QR/NFC. Renders materials, certifications, repairability, and end-of-life info.

Multilingual Embeddable Mobile-first

Recycler API

Extended

Machine-readable endpoint exposing dismantling instructions, hazardous substance locations, and material recovery potential for circular economy operators.

Dismantling Material recovery Machine-readable

Regulator Dashboard

Enterprise

Read-only authority portal for market surveillance bodies to query DPP records by GTIN, batch, or economic operator. Full audit trail included.

Read-only GTIN search Audit trail

All 15 Modules at a Glance

Compare availability across deployment tiers

Module Core Extended Enterprise
DPP Core
Data Model Registry
Identity & Access
Audit Log
Compliance Engine
QR / NFC Issuer
Supplier Data Intake
Public Product View
Bill of Materials Linker
Certification Vault
Report Generator
Recycler API
Cross-Actor Messaging
Third-Party Verification
Regulator Dashboard

Start with Core. Expand anytime.

All Core modules are MIT-licensed and production-ready. Fork the repo, deploy in your infrastructure, and add Extended or Enterprise modules when your roadmap demands it.

View on GitHub See Pricing

No account needed to explore the Core modules. MIT license.