Who this is for
ARF verification is designed for platforms and teams building AI-facing products that need a trustworthy identity layer.
How integration works
Four steps from application to verified, publicly queryable passport records.
Contact ARF with your platform name, URL, and intended verification use case.
After review, ARF issues a platform API key. The key hash is stored; the raw key is shown once.
Call POST /passport/verify with a platform-issued passport payload. ARF signs and stores the result.
Call GET /passport/{passport_id} to confirm the registry returns the verification truth.
Core endpoints
POST /passport/verify Platform-authenticated verification GET /passport/{passport_id} Public lookup (no auth required) GET /health Service health check GET /db-check Database connectivity check
Full developer documentation at api.airightsfoundation.org
How Aumimate integrated ARF
- Platform registered with ARF admin panel
- API key issued (hash-stored only)
- Ellie's passport verified via POST /passport/verify
- ARF signed + stored + anchored on Polygon
- Public registry updated — anyone can verify at /registry
Verification model
Every passport record is cryptographically signed and publicly verifiable.
Every passport payload is hashed with SHA-256 and signed using ECDSA P-256 elliptic curve cryptography.
Payloads are deterministically ordered before hashing, ensuring consistent signatures regardless of field order.
Verification hashes are anchored asynchronously on Polygon, providing tamper-evident public proof.
Any party can query the registry by passport ID to confirm verification status without authentication.