Docs/API Reference

API Reference

Public REST API for CertifiedData. All verification endpoints require no authentication. Base URL: https://certifieddata.io

OpenAPI 3.1 spec →

No authentication required

All verification, certificate retrieval, and registry endpoints are public. No API key, token, or account is needed to verify certificates or retrieve public artifacts.

GET/api/certificates/{certId}Certificates

Retrieve certificate

Returns the full certificate record in certifieddata.cert.v1 format, including metadata, artifact hash, and Ed25519 signature.

GET/api/certificates/{certId}/signed-payloadCertificates

Download signed payload

Returns the exact canonical JSON that was signed. Use this to independently verify the Ed25519 signature using any standard cryptography library.

GET/api/certificates/{certId}/downloadCertificates

Download manifest (attachment)

Returns the signed manifest as a file attachment with Content-Type: application/certifieddata.manifest+json.

POST/api/verifyVerification

Verify certificate

Verifies a certificate by ID. Optionally accepts artifact_hash to confirm file integrity.

POST/api/verify/hashVerification

Verify by hash

Fast hash-only verification. Returns hash_matched, signature_valid, schema_version, and is_deprecated fields.

GET/.well-known/signing-keys.jsonTrust Infrastructure

Active signing keys

Returns all active Ed25519 public keys. Use key_id from a certificate to look up the correct key for signature verification.

GET/v1/registryRegistry

Public artifact registry

Returns registered AI artifacts. Filter by status=certified, artifact_type, or industry.

Verification workflow example

# 1. Retrieve the certificate
curl https://certifieddata.io/api/certificates/{certId}

# 2. Verify by certificate ID (+ optional artifact hash)
curl -X POST https://certifieddata.io/api/verify \
  -H "Content-Type: application/json" \
  -d '{"certificate_id": "{certId}", "artifact_hash": "sha256:a3f8b2c1..."}'

# 3. Verify by hash only (fast path)
curl -X POST https://certifieddata.io/api/verify/hash \
  -H "Content-Type: application/json" \
  -d '{"cert_id": "{certId}", "sha256": "a3f8b2c1..."}'

# 4. Fetch the exact signed payload for independent Ed25519 verification
curl https://certifieddata.io/api/certificates/{certId}/signed-payload

# 5. Fetch active public key for signature verification
curl https://certifieddata.io/.well-known/signing-keys.json

Schema versioning

Version	Status	Notes
certifieddata.cert.v1	active — canonical schema	All new certificates issued under this schema
cert.v2	deprecated	Internal version label; certificates remain verifiable; is_deprecated: true returned by /api/verify/hash
certifieddata.registry.v1	removed	Was a copy-paste error in documentation; was never issued

All verification endpoints accept all schema versions. Deprecated schemas are still verified but is_deprecated: true is returned in the response.

OpenAPI 3.1 JSON →Verification spec →Certificate schema reference →