Appearance

Fake Bayeux Tapestry - Test Transport Dataset

Test Transport - Not for Production

This is a TEST TRANSPORT using a fake Bayeux Tapestry for validating the S-MA-C-H platform (v0.x) before the real v1.0.0 release in May/June 2026.

Purpose:

  • Validate core functionalities of back, front, and StaRT mobile apps
  • Test limited external user (courier) access
  • Demonstrate transport workflow from Bayeux to London and back

Real Transport: Scheduled for May/June 2026 with v1.0.0 release, full role management, and production data.

For Mobile Developers

This page is optimized for StaRT mobile app development. Jump to Quick Start for authentication and testing workflows.

Overview

This test transport simulates a real-world scenario: the loan of a fake Bayeux Tapestry replica to the British Museum for system validation. This demo includes a complete round-trip transport from Bayeux, France to London, UK and back.

Test Transport Period: January 8-18, 2026

  • First Leg: Bayeux → London (Jan 8, 2026 at 10:00 UTC)
  • Second Leg: London → Bayeux (Jan 16, 2026 at 14:00 UTC)
  • Duration: 32 hours per leg
  • Artifact: Fake Bayeux Tapestry (replica for testing)

Validation Focus:

  • ✅ Transport creation and management (Web UI)
  • ✅ Operator workflows (StaRT mobile app)
  • ✅ Courier read-only access (StaRT mobile app)
  • ✅ IoT datalogger integration (Bluetooth connectivity)
  • ✅ Multi-organization access control
  • ✅ Real-time sensor monitoring

Quick Start for Mobile Developers

API Configuration

Configure StaRT mobile app with these endpoints:

typescript
const config = {
  apiBaseUrl: 'https://api.smach.science',
  keycloakUrl: 'https://id.smach.science/realms/smach',
  keycloakClient: 'front-prod'
}

Authentication Flow

Step 1: Get JWT Token

bash
curl -X POST "https://id.smach.science/realms/smach/protocol/openid-connect/token" \
  -d "client_id=front-prod" \
  -d "username=admin@bayeuxmuseum.test" \
  -d "password=PASSWORD" \
  -d "grant_type=password"

Step 2: Use Token in API Requests

bash
curl -X GET "https://api.smach.science/transports" \
  -H "Authorization: Bearer $TOKEN" \
  -H "X-Organization: bayeux"

Mobile App Testing (StaRT)

Test Scenarios for Jay

Scenario 1: Administrator Transport Execution

User: admin@bayeuxmuseum.test (Administrator role)

  1. Login to StaRT app with administrator credentials
  2. View active transports (filter: past=false)
  3. Select "Fake Bayeux Tapestry - Test Transport" transport
  4. View transport details:
    • Artwork: Fake Tapisserie de Bayeux (replica for testing, 68.58m × 0.50m, 350 kg)
    • Crate: CRT001 (BAYEUX CRATE)
    • Dataloggers: 3 units (DLG001, DLG002, DLG003)
  5. Execute Pre-Departure:
    • Complete checklist tasks
    • Connect to dataloggers via Bluetooth
    • Push configuration to dataloggers
    • Take installation photos
    • Press "Ready to Start" → Creates destination with status Pending
  6. Start Journey:
    • Press START → Updates destination to InTransit
    • Captures GPS location and timestamp
  7. Monitor During Journey:
    • View real-time sensor data
    • Receive alerts if thresholds exceeded
  8. Complete Journey:
    • Press STOP → Destination status Arrived
    • Take photos after STOP

Expected Behavior: Full transport execution capabilities, can start/stop destinations

Scenario 2: Super Admin Multi-Organization Access

User: super.admin@smach.science (Super Admin role)

  1. Login to StaRT app
  2. Organization Selection: Choose bayeux from organization list
  3. View active transports for Bayeux
  4. Execute transport workflow (same as Administrator)
  5. Switch Organization: Change to smach
  6. Verify data isolation between organizations

Expected Behavior: Can access any organization, same transport permissions as Administrator

Scenario 3: Bluetooth IoT Connection

User: admin@bayeuxmuseum.test or super.admin@smach.science

  1. Open active transport in StaRT
  2. Navigate to IoT devices screen
  3. Scan for dataloggers:
    • DLG001 (top right position: 3.23, 2.12)
    • DLG002 (center position: 0.0, 0.0)
    • DLG003 (bottom left position: -3.23, -2.12)
  4. Connect to each datalogger via Bluetooth
  5. Read sensor data:
    • Accelerometer (vibration)
    • Hygrometer (humidity %)
    • Thermometer (temperature °C)
  6. Push configuration to dataloggers
  7. Sync alerts to backend API during journey

Expected Behavior: Successful Bluetooth pairing, real-time data streaming

Test Users & Authentication

All users authenticate via Keycloak OAuth2 JWT at: https://id.smach.science/realms/smach

Available Test Users

UsernameRoleOrganizationsMobile Use Case
super.admin@smach.sciencesuper-adminsmachPlatform admin - StaRT execution (most likely)
admin@bayeuxmuseum.testadministratorbayeuxMuseum admin - plans transports (web UI)
viewer@bayeuxmuseum.testviewerbayeuxView-only access (web only)

Passwords

Contact the S-MA-C-H admin team for test user passwords.

Primary Mobile Users

For StaRT mobile testing, focus on:

  • super.admin@smach.science - Full transport execution capabilities (S-MA-C-H experts)
  • admin@bayeuxmuseum.test - Full transport execution capabilities (museum staff)

User Capabilities by Role

Super Admin (super.admin@smach.science) - PRIMARY StaRT USER

Organizations: All (via X-Organization header)

Permissions:

  • ✅ View all transports across all organizations
  • ✅ Create and execute transports using StaRT mobile app
  • ✅ Update transport status (DraftReadyPendingInTransitReady)
  • ✅ Complete destination tasks
  • ✅ Connect to IoT dataloggers via Bluetooth
  • ✅ Record sensor measurements
  • ✅ Start/stop destinations (creates/completes destinations)
  • ✅ Manage organizations and users

Mobile Workflow:

  1. Select organization to work with
  2. View transports for that organization
  3. Use StaRT to execute transport workflow
  4. Start destination when carrier takes charge
  5. Monitor IoT sensors during transit
  6. Stop destination upon arrival
  7. Perform expert analysis

API Example:

bash
# Get transports for Bayeux organization
curl -X GET "https://api.smach.science/transports?past=false" \
  -H "Authorization: Bearer $TOKEN" \
  -H "X-Organization: bayeux"

# Start destination
curl -X POST "https://api.smach.science/transports/{id}/events" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"type": "start", "date": "2026-01-08T14:00:00Z", "location": {...}}'

Administrator (admin@bayeuxmuseum.test) - StaRT USER

Organizations: bayeux

Permissions:

  • ✅ View own organization's transports
  • ✅ Create and execute transports using StaRT mobile app (same as Super Admin)
  • ✅ Update transport status
  • ✅ Complete destination tasks
  • ✅ Connect to IoT dataloggers via Bluetooth
  • ✅ Start/stop destinations
  • ✅ Manage inventory
  • ❌ Cannot access other organizations

Mobile Workflow:

  1. Use StaRT to execute transport workflow for own organization
  2. Start destination when carrier takes charge
  3. Monitor IoT sensors during transit
  4. Stop destination upon arrival
  5. Perform analysis (own organization only)

API Example:

bash
# Get own organization's transports (X-Organization auto-detected from JWT)
curl -X GET "https://api.smach.science/transports?past=false" \
  -H "Authorization: Bearer $TOKEN"

Viewer (viewer@bayeuxmuseum.test) - WEB ONLY (NO MOBILE)

Organizations: bayeux

Permissions:

  • ✅ View own organization's transports (read-only)
  • ✅ View transport details, destinations, alerts (read-only)
  • ✅ View IoT sensor data (read-only)
  • ❌ Cannot use StaRT mobile app
  • ❌ Cannot modify anything
  • ❌ No inventory access

Web Workflow:

  1. View transport list for own organization
  2. Monitor transport progress
  3. View alerts and notifications
  4. No data entry or modifications

API Example:

bash
# View transports (read-only)
curl -X GET "https://api.smach.science/transports" \
  -H "Authorization: Bearer $TOKEN"

# View transport details (read-only)
curl -X GET "https://api.smach.science/transports/{id}" \
  -H "Authorization: Bearer $TOKEN"

API Endpoints for Mobile App

Core Transport Endpoints

EndpointMethodDescriptionRequired HeaderMobile Priority
/transports?past=falseGETList active transportsX-Organization⭐⭐⭐
/transports/{id}GETGet transport detailsAuto from context⭐⭐⭐
/transports/{id}/destinationsGETGet transport destinationsAuto from context⭐⭐⭐
/transports/{id}/tasks/{taskId}PATCHUpdate task completionAuto from context⭐⭐⭐
/transports/{id}PATCHUpdate transport stateAuto from context⭐⭐
/collectionsGETList collectionsX-Organization
/collections/{ref}/artworks/{ref}GETGet artwork detailsX-Organization⭐⭐
/loggersGETList dataloggersX-Organization⭐⭐⭐
/sensorsGETList sensorsX-Organization⭐⭐⭐
/cratesGETList cratesX-Organization⭐⭐

Organization Header

For multi-org users (like super.admin@smach.science), always include:

bash
-H "X-Organization: bayeux"

Transport State Transitions

Destination State Transitions

Transport Dataset Details

Transport: "Fake Bayeux Tapestry - Test Transport"

Basic Information:

  • Name: Fake Bayeux Tapestry - Test Transport
  • Type: Test/Demo Transport (v0.x validation)
  • Artwork: TAPISSERIE (from collection B3)
  • Organization: bayeux
  • State: active
  • Crate: CRT001 (BAYEUX CRATE - Secured Container)
  • Duration: January 8-18, 2026 (10 days total)

Permissions:

  • Editors: admin@bayeuxmuseum.test
  • Operators: admin@bayeuxmuseum.test
  • Viewers: viewer@bayeuxmuseum.test

Destination 1: Bayeux → London (Way In)

json
{
  "type": "wayIn",
  "date": "2026-01-08T10:00:00Z",
  "origin": {
    "address": "13B Rue de Nesmond, 14400 Bayeux, France",
    "coordinates": [49.274411, -0.7005935]
  },
  "destination": {
    "address": "Great Russell St, London WC1B 3DG, UK",
    "coordinates": [51.5194133, -0.1269566]
  },
  "weight": 1560,
  "estimatedDuration": 32,
  "courier": {
    "company": "Artport",
    "contact": "John Doe",
    "phone": "+33123456789"
  },
  "vehicle": "Camion blindé (Armored truck)"
}

Distance: ~450 km Expected Arrival: January 9, 2026 at 18:00 UTC (32 hours later)

Destination 2: London → Bayeux (Way Back)

json
{
  "type": "wayBack",
  "date": "2026-01-16T14:00:00Z",
  "origin": {
    "address": "Great Russell St, London WC1B 3DG, UK",
    "coordinates": [51.5194133, -0.1269566]
  },
  "destination": {
    "address": "13B Rue de Nesmond, 14400 Bayeux, France",
    "coordinates": [49.274411, -0.7005935]
  },
  "weight": 1560,
  "estimatedDuration": 32,
  "courier": {
    "company": "Transpart",
    "contact": "Jane Doe",
    "phone": "+33123456789"
  },
  "vehicle": "Camion blindé (Armored truck)"
}

Expected Arrival: January 18, 2026 at 22:00 UTC (transport end)

IoT Equipment

Dataloggers (3 units)

IDSensorPositionCoordinates (x, y)Bluetooth IDMeasurements
DLG001SEN0265Top Right(3.23, 2.12)BLE_DLG001Accelerometer, Hygrometry, Thermometer
DLG002SEN0385Center(0.0, 0.0)BLE_DLG002Accelerometer, Hygrometry, Thermometer
DLG003SEN0405Bottom Left(-3.23, -2.12)BLE_DLG003Accelerometer, Hygrometry, Thermometer

Sensor Capabilities:

  • Accelerometer: Vibration detection (G-force)
  • Hygrometer: Relative humidity (%)
  • Thermometer: Temperature (°C)

Bluetooth Connection

Dataloggers use BLE (Bluetooth Low Energy) for connectivity. Ensure StaRT app has Bluetooth permissions enabled.

Crate: CRT001 (BAYEUX CRATE)

json
{
  "identity": "CRT001",
  "name": "BAYEUX CRATE",
  "type": "Isotherme (Insulated)",
  "materials": ["Acier (Steel)", "Inox (Stainless steel)"],
  "thermalRating": 4,
  "vibrationProtection": {
    "method": "Amortissement par mousse (Foam dampening)",
    "rating": 3
  },
  "dimensions": {
    "length": 1.00,
    "width": 1.50,
    "height": 0.80,
    "unit": "meters"
  },
  "weight": 150,
  "weightUnit": "kg"
}

Artwork: Fake Tapisserie de Bayeux (Replica)

json
{
  "reference": "TAPISSERIE",
  "collection": "B3",
  "name": "Fake Tapisserie de Bayeux (Replica)",
  "description": "Test replica for S-MA-C-H platform validation",
  "artist": "Test Artifact",
  "creationPeriod": "2025 (Replica)",
  "location": "13B Rue de Nesmond, 14400 Bayeux, France",
  "dimensions": {
    "length": 68.58,
    "width": 0.50,
    "height": 0.02,
    "unit": "meters"
  },
  "weight": 350,
  "weightUnit": "kg",
  "isTestArtifact": true
}

Test Artifact

This is a fake replica of the Bayeux Tapestry created for testing purposes only. The real Bayeux Tapestry is an 11th-century embroidered cloth depicting the Norman Conquest of England and remains at the Bayeux Museum. This replica is used to validate the S-MA-C-H transport monitoring system before the v1.0.0 production release.

Organizations

OrganizationAliasDescription
S-MA-C-HsmachPlatform administrator organization
Bayeux MuseumbayeuxMuseum owning the Bayeux Tapestry

Dataset Entities

Collection

  • Reference: B3
  • Organization: bayeux
  • Name: BAYEUX MUSEUM
  • Description: Bayeux Museum collection including the famous tapestry

API Testing Workflows (Backend/Web Developers)

Workflow 1: Administrator Creates Transport

  1. Login as administrator
bash
# Get JWT token from Keycloak
TOKEN=$(curl -X POST "https://id.smach.science/realms/smach/protocol/openid-connect/token" \
  -d "client_id=front-prod" \
  -d "username=admin@bayeuxmuseum.test" \
  -d "password=PASSWORD" \
  -d "grant_type=password" | jq -r '.access_token')
  1. List collections
bash
curl -X GET "https://api.smach.science/collections" \
  -H "Authorization: Bearer $TOKEN"
  1. View artwork details
bash
curl -X GET "https://api.smach.science/collections/B3/artworks/TAPISSERIE" \
  -H "Authorization: Bearer $TOKEN"
  1. Create new transport
bash
curl -X POST "https://api.smach.science/transports" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d @new-transport.json

Workflow 2: Administrator Executes Transport (StaRT Mobile)

  1. Login as administrator
bash
TOKEN=$(curl -X POST "https://id.smach.science/realms/smach/protocol/openid-connect/token" \
  -d "client_id=front-prod" \
  -d "username=admin@bayeuxmuseum.test" \
  -d "password=PASSWORD" \
  -d "grant_type=password" | jq -r '.access_token')
  1. Get assigned transports
bash
curl -X GET "https://api.smach.science/transports?past=false" \
  -H "Authorization: Bearer $TOKEN"
  1. Send "Ready to Start" event (creates destination)
bash
curl -X POST "https://api.smach.science/transports/{id}/events" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"type": "setup", "date": "2026-01-08T10:00:00Z", "location": {...}}'
  1. Send START event (carrier takes charge)
bash
curl -X POST "https://api.smach.science/transports/{id}/events" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"type": "start", "date": "2026-01-08T14:00:00Z", "location": {...}}'
  1. Send STOP event (arrival)
bash
curl -X POST "https://api.smach.science/transports/{id}/events" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"type": "stop", "date": "2026-01-09T18:00:00Z", "location": {...}}'

Workflow 3: Viewer Views Transport (Read-Only)

  1. Login as viewer
bash
TOKEN=$(curl -X POST "https://id.smach.science/realms/smach/protocol/openid-connect/token" \
  -d "client_id=front-prod" \
  -d "username=viewer@bayeuxmuseum.test" \
  -d "password=PASSWORD" \
  -d "grant_type=password" | jq -r '.access_token')
  1. View assigned transports (read-only)
bash
curl -X GET "https://api.smach.science/transports" \
  -H "Authorization: Bearer $TOKEN"
  1. View transport details (read-only)
bash
curl -X GET "https://api.smach.science/transports/{id}" \
  -H "Authorization: Bearer $TOKEN"

Workflow 4: Super Admin Cross-Organization Access

  1. Login as super admin
bash
TOKEN=$(curl -X POST "https://id.smach.science/realms/smach/protocol/openid-connect/token" \
  -d "client_id=front-prod" \
  -d "username=super.admin@smach.science" \
  -d "password=PASSWORD" \
  -d "grant_type=password" | jq -r '.access_token')
  1. Access Bayeux data
bash
curl -X GET "https://api.smach.science/collections" \
  -H "Authorization: Bearer $TOKEN" \
  -H "X-Organization: bayeux"
  1. Access smach organization data
bash
curl -X GET "https://api.smach.science/transports" \
  -H "Authorization: Bearer $TOKEN" \
  -H "X-Organization: smach"

Swagger UI Testing

URL: https://api.smach.science/swagger-ui.html

  1. Click Authorize button
  2. Enter JWT token (from Keycloak login)
  3. Set X-Organization header as needed
  4. Try API endpoints interactively

Interactive API Exploration

Swagger UI is great for understanding API contracts and testing individual endpoints before implementing in StaRT.

Organization Header (X-Organization)

The X-Organization header determines which organization's data to access:

User TypeHeader Behavior
Super-adminMUST specify header to access specific organization
Multi-org userMUST specify which organization to work with
Single-org userOptional - auto-detected from JWT if not provided

Examples

Super admin accessing Bayeux:

bash
curl -H "X-Organization: bayeux" -H "Authorization: Bearer $TOKEN" \
  https://api.smach.science/collections

Operator accessing smach org:

bash
curl -H "X-Organization: smach" -H "Authorization: Bearer $TOKEN" \
  https://api.smach.science/transports

Administrator (auto-detected):

bash
# X-Organization automatically set to "bayeux" from JWT
curl -H "Authorization: Bearer $TOKEN" \
  https://api.smach.science/collections

Troubleshooting

Issue: 401 Unauthorized

  • Check JWT token is valid and not expired
  • Verify token includes correct organization claims
  • Ensure Keycloak realm and client are correct

Solution:

bash
# Refresh token
TOKEN=$(curl -X POST "https://id.smach.science/realms/smach/protocol/openid-connect/token" \
  -d "client_id=front-prod" \
  -d "username=YOUR_USER" \
  -d "password=YOUR_PASS" \
  -d "grant_type=password" | jq -r '.access_token')

Issue: 403 Forbidden

  • User doesn't have permission for the operation
  • Check user role (super-admin, administrator, viewer)
  • Verify organization access in user profile

Example: Viewer cannot update transport status (read-only role)

Issue: 404 Not Found (Organization Context)

  • X-Organization header specifies wrong organization alias
  • User doesn't have access to the specified organization
  • Data doesn't exist in that organization

Solution: Verify organization with:

bash
# Check user's organizations
curl -X GET "https://api.smach.science/users/me" \
  -H "Authorization: Bearer $TOKEN"

Issue: Empty Response

  • Organization filter is active but no data exists
  • Try accessing as super-admin with different X-Organization values
  • Check if test data has been initialized

Issue: Bluetooth Connection Fails (StaRT Mobile)

  • Ensure Bluetooth is enabled on device
  • Check app has Bluetooth permissions granted
  • Verify datalogger is powered on and in range
  • Try scanning again or restarting Bluetooth

Issue: Organization Switcher Not Working (StaRT Mobile)

  • Verify user has multi-org access (e.g., super.admin@smach.science)
  • Check JWT token includes all organization claims
  • Ensure X-Organization header is being sent with each request

Science & Mechanics in Conservation of Heritage

Copyright © 2025 S-MA-C-H