# Truthlocks Documentation ## Docs - [Create API Key](https://docs.truthlocks.com/api-reference/api-keys/create.md): Creates a new API key. The secret is returned once and cannot be retrieved again. - [List API Keys](https://docs.truthlocks.com/api-reference/api-keys/list.md): Returns all API keys for the authenticated organization. Secrets are masked. - [Revoke API Key](https://docs.truthlocks.com/api-reference/api-keys/revoke.md): Permanently revokes an API key. This action cannot be undone. - [Upload asset](https://docs.truthlocks.com/api-reference/assets/upload.md): Upload a file to the Truthlocks asset store for use with issuers, evidence, and branding. - [Get Attestation](https://docs.truthlocks.com/api-reference/attestations/get.md): Returns details for a specific attestation. - [List Attestations](https://docs.truthlocks.com/api-reference/attestations/list.md): Returns attestations for the authenticated tenant with pagination. - [Mint Attestation](https://docs.truthlocks.com/api-reference/attestations/mint.md): Legacy alias for `POST /v1/attestations`. Kept for backward compatibility and rewritten by the gateway. - [Get Proof Bundle](https://docs.truthlocks.com/api-reference/attestations/proof-bundle.md): Returns a complete proof bundle for offline verification. Includes: - The attestation itself - Issuer information - Public key used for signing - Transparency log inclusion proof - Signed tree head - [Revoke Attestation](https://docs.truthlocks.com/api-reference/attestations/revoke.md): Revokes an attestation, marking it as invalid for future verification. This action is recorded in the transparency log and cannot be undone. - [Supersede Attestation](https://docs.truthlocks.com/api-reference/attestations/supersede.md): Creates a new attestation that supersedes an existing one. The original attestation is marked as SUPERSEDED. - [Export Audit Logs](https://docs.truthlocks.com/api-reference/audit/export.md): Creates an asynchronous audit event export job. - [Query Audit Events](https://docs.truthlocks.com/api-reference/audit/query.md): Returns audit events for the authenticated tenant. - [Get retention policy](https://docs.truthlocks.com/api-reference/audit/retention-get.md): Retrieve the current audit log retention policy for the authenticated tenant. - [Update retention policy](https://docs.truthlocks.com/api-reference/audit/retention-update.md): Update the audit log retention policy for the authenticated tenant. - [Create SIEM destination](https://docs.truthlocks.com/api-reference/audit/siem/create.md): Configure a new real-time audit log streaming destination. - [Delete SIEM destination](https://docs.truthlocks.com/api-reference/audit/siem/delete.md): Remove a SIEM streaming destination. In-flight events are flushed before deletion. - [List SIEM destinations](https://docs.truthlocks.com/api-reference/audit/siem/list.md): Retrieve all configured SIEM streaming destinations for the authenticated tenant. - [Update SIEM destination](https://docs.truthlocks.com/api-reference/audit/siem/update.md): Update the endpoint, credentials, or enabled state of an existing SIEM destination. - [Manage add-ons](https://docs.truthlocks.com/api-reference/billing/addons.md): Attach or detach add-ons to extend your plan with additional features and quotas. - [Cancel subscription](https://docs.truthlocks.com/api-reference/billing/cancel.md): Cancel the active subscription for the authenticated tenant at the end of the current billing period. - [Create checkout session](https://docs.truthlocks.com/api-reference/billing/checkout.md): Initiate a payment session to upgrade or change your plan. - [Get billing configuration](https://docs.truthlocks.com/api-reference/billing/config.md): Returns the effective payment provider and current plan for the authenticated tenant. - [Get entitlements](https://docs.truthlocks.com/api-reference/billing/entitlements.md): Returns the current plan, feature flags, and usage quotas for the authenticated tenant. - [Estimate plan cost](https://docs.truthlocks.com/api-reference/billing/estimate.md): Get a plan recommendation and estimated monthly cost based on your expected usage. - [List invoices](https://docs.truthlocks.com/api-reference/billing/invoices.md): Returns a list of invoices for the authenticated tenant, with optional accounting export. - [List plans](https://docs.truthlocks.com/api-reference/billing/plans.md): Returns the available plan tiers with pricing, features, and quotas. - [Create portal session](https://docs.truthlocks.com/api-reference/billing/portal.md): Generate a URL to redirect the user to their payment provider's self-service billing portal. - [Projected invoice](https://docs.truthlocks.com/api-reference/billing/projected-invoice.md): Calculate a projected invoice breakdown based on expected mint and verification volumes. - [Get rates](https://docs.truthlocks.com/api-reference/billing/rates.md): Returns the effective per-use rates for the authenticated tenant, including regional pricing adjustments. - [Get billing status](https://docs.truthlocks.com/api-reference/billing/status.md): Returns the current billing state, feature mode, and grace period for the authenticated tenant. - [Get subscription](https://docs.truthlocks.com/api-reference/billing/subscription.md): Returns the current subscription status and plan for the authenticated tenant. - [Get usage](https://docs.truthlocks.com/api-reference/billing/usage.md): Returns current billing cycle usage counters for the authenticated tenant. - [Create consumer API key](https://docs.truthlocks.com/api-reference/consumer/api-keys/create.md): Creates a new personal API key. The full secret is returned once and cannot be retrieved again. Consumers may hold up to 5 active keys. Keys expire after 90 days. - [List consumer API keys](https://docs.truthlocks.com/api-reference/consumer/api-keys/list.md): Returns all API keys for the authenticated consumer. Secrets are never returned in list responses. - [Revoke consumer API key](https://docs.truthlocks.com/api-reference/consumer/api-keys/revoke.md): Permanently revokes a consumer API key. All requests using this key will immediately return 401. - [Deliver to Consumer Inbox](https://docs.truthlocks.com/api-reference/consumer/deliver.md): Delivers an attestation to a consumer's inbox via email address. Requires API key (issuer-facing). - [Consumer Inbox](https://docs.truthlocks.com/api-reference/consumer/inbox.md): Returns pending credential deliveries for the authenticated consumer. - [Consumer Login](https://docs.truthlocks.com/api-reference/consumer/login.md): Authenticates a consumer and returns a session token. No API key required. - [Protect Content (Consumer Mint)](https://docs.truthlocks.com/api-reference/consumer/mint.md): Mint a cryptographic attestation for content you want to protect. Your personal issuer and signing key are resolved automatically. Hash the content client-side (SHA-256) and submit the hash with file metadata. - [Public Portfolio](https://docs.truthlocks.com/api-reference/consumer/portfolio.md): Returns the public portfolio for a consumer by username. No authentication required. - [Request account deletion](https://docs.truthlocks.com/api-reference/consumer/privacy/delete-account.md): Request permanent deletion of your account and all associated data. Deletion requests are processed within 30 days in compliance with data protection regulations. - [Request data export](https://docs.truthlocks.com/api-reference/consumer/privacy/export.md): Request a full export of all data associated with your account. Exports are delivered in JSON format and include your profile, protections, credentials, and activity history. - [List privacy jobs](https://docs.truthlocks.com/api-reference/consumer/privacy/jobs.md): List all privacy requests for the authenticated consumer. Returns export and deletion jobs sorted by creation date with real-time status updates. - [Consumer profile](https://docs.truthlocks.com/api-reference/consumer/profile.md): Retrieve and update your consumer account profile. - [Get Proof Page Metadata](https://docs.truthlocks.com/api-reference/consumer/proof-metadata.md): Returns metadata for a consumer content protection, used to render public proof pages. No authentication required. - [List Protections](https://docs.truthlocks.com/api-reference/consumer/protections.md): Returns all content protections (attestations) for the authenticated consumer. - [Consumer Signup](https://docs.truthlocks.com/api-reference/consumer/signup.md): Creates a new consumer account. No authentication required. - [Content similarity check](https://docs.truthlocks.com/api-reference/consumer/similarity.md): Check whether a content hash already has existing public protections. - [Consumer Stats](https://docs.truthlocks.com/api-reference/consumer/stats.md): Returns statistics for the authenticated consumer's protections and portfolio. - [Update protection visibility](https://docs.truthlocks.com/api-reference/consumer/update-visibility.md): Toggle a content protection between public and private. - [Health Check](https://docs.truthlocks.com/api-reference/health/check.md): Returns service health status. No authentication required. - [Readiness Probe](https://docs.truthlocks.com/api-reference/health/ready.md): Returns service readiness. No authentication required. - [Programmatic status](https://docs.truthlocks.com/api-reference/health/status.md): Query real-time service health for all Truthlocks services. No authentication required. - [Assign role](https://docs.truthlocks.com/api-reference/identity/assign-role.md): Bind a role to a user within your tenant. - [Create custom role](https://docs.truthlocks.com/api-reference/identity/create-role.md): Create a custom role with a name and description for your tenant. - [List Organizations](https://docs.truthlocks.com/api-reference/identity/orgs.md): Returns organizations for the authenticated tenant. - [Get Organization](https://docs.truthlocks.com/api-reference/identity/orgs/get.md): Returns details for a specific organization. - [Manage Roles](https://docs.truthlocks.com/api-reference/identity/roles.md): Returns available roles for the organization. - [Create application](https://docs.truthlocks.com/api-reference/issuer-applications/create.md): Create a new issuer application in draft status. - [Get application](https://docs.truthlocks.com/api-reference/issuer-applications/get.md): Retrieve a single issuer application with its evidence and review history. - [List applications](https://docs.truthlocks.com/api-reference/issuer-applications/list.md): List issuer applications for your tenant with optional status filtering. - [Submit application](https://docs.truthlocks.com/api-reference/issuer-applications/submit.md): Submit a draft issuer application for platform review. - [Create Issuer](https://docs.truthlocks.com/api-reference/issuers/create.md): Registers a new issuer. Newly created issuers start in PENDING status. - [List Issuer Events](https://docs.truthlocks.com/api-reference/issuers/events.md): Returns the event history for a specific issuer. - [Get Issuer](https://docs.truthlocks.com/api-reference/issuers/get.md): Returns details for a specific issuer. - [Register Key](https://docs.truthlocks.com/api-reference/issuers/keys.md): Registers a new cryptographic key for an issuer. Only Ed25519 is supported. - [Report Key Compromise](https://docs.truthlocks.com/api-reference/issuers/keys-compromise.md): Reports a key as compromised. Immediately disables the key and flags all attestations signed with it for review. - [Rotate Key](https://docs.truthlocks.com/api-reference/issuers/keys-rotate.md): Rotates a cryptographic key, creating a new key and disabling the old one. - [List Issuers](https://docs.truthlocks.com/api-reference/issuers/list.md): Returns all issuers for the authenticated tenant. - [Get Agent](https://docs.truthlocks.com/api-reference/machine-identity/agents/get.md): Retrieve full details for a specific machine agent identity - [List Agents](https://docs.truthlocks.com/api-reference/machine-identity/agents/list.md): List all machine agent identities for the authenticated tenant with filtering and pagination - [Register Agent](https://docs.truthlocks.com/api-reference/machine-identity/agents/register.md): Register a new machine agent identity with cryptographic key pair and scoped permissions - [Revoke Agent](https://docs.truthlocks.com/api-reference/machine-identity/agents/revoke.md): Permanently revoke a machine agent identity, terminating all sessions and blocking future operations - [Suspend Agent](https://docs.truthlocks.com/api-reference/machine-identity/agents/suspend.md): Temporarily suspend a machine agent, blocking all sessions and tool invocations - [Update Agent](https://docs.truthlocks.com/api-reference/machine-identity/agents/update.md): Update an agent's display name, description, metadata, or status - [Report Anomaly](https://docs.truthlocks.com/api-reference/machine-identity/anomalies/report.md): Report a behavioral anomaly detected in an AI agent's activity. - [Resolve Anomaly](https://docs.truthlocks.com/api-reference/machine-identity/anomalies/resolve.md): Resolve an open anomaly with a resolution type and investigator notes. - [Create Compliance Check](https://docs.truthlocks.com/api-reference/machine-identity/compliance/create-check.md): Run an automated compliance check against a regulation for an entity - [Generate Compliance Report](https://docs.truthlocks.com/api-reference/machine-identity/compliance/reports.md): Generate a comprehensive compliance report for an entity over a time period - [Attest Dataset](https://docs.truthlocks.com/api-reference/machine-identity/datasets/attest.md): Create a provenance and integrity attestation for a dataset used by AI agents. - [Get Dataset Lineage](https://docs.truthlocks.com/api-reference/machine-identity/datasets/lineage.md): Retrieve the full lineage graph for a dataset, including upstream sources and downstream consumers. - [List Dataset Attestations](https://docs.truthlocks.com/api-reference/machine-identity/datasets/list.md): Retrieve a paginated list of dataset attestations with optional filters. - [Accept Cross-Tenant Delegation](https://docs.truthlocks.com/api-reference/machine-identity/delegations/accept.md): Accept a cross-tenant trust delegation offer, activating scoped permissions for the accepting agent. - [Offer Cross-Tenant Delegation](https://docs.truthlocks.com/api-reference/machine-identity/delegations/offer.md): Offer a scoped trust delegation to an agent in another tenant. - [Get Document Verification](https://docs.truthlocks.com/api-reference/machine-identity/documents/get.md): Retrieve the verification status and result for a submitted document - [Submit Document for Verification](https://docs.truthlocks.com/api-reference/machine-identity/documents/verify.md): Submit a document for AI and human verification with integrity hashing - [Check Guardrails](https://docs.truthlocks.com/api-reference/machine-identity/guardrails/check.md): Evaluate content or an agent action against configured safety guardrails and policy rules. - [Kill Switch](https://docs.truthlocks.com/api-reference/machine-identity/killswitch/kill.md): Emergency kill switch: immediately revoke an agent, terminate all sessions, and void pending receipts. - [Attest Model](https://docs.truthlocks.com/api-reference/machine-identity/models/attest.md): Create a provenance attestation for an AI model, linking it to training datasets and recording framework metadata. - [Get Model Lineage](https://docs.truthlocks.com/api-reference/machine-identity/models/lineage.md): Retrieve the full lineage graph for a model, including training datasets and parent models. - [Emit Event](https://docs.truthlocks.com/api-reference/machine-identity/observability/events.md): Emit a service observability event for auditing, alerting, and operational monitoring. - [Get Metrics](https://docs.truthlocks.com/api-reference/machine-identity/observability/metrics.md): Retrieve aggregated service metrics including event counts, latency percentiles, and error rates. - [Execute Orchestration](https://docs.truthlocks.com/api-reference/machine-identity/orchestrations/execute.md): Start an AI orchestration execution with full provenance tracking and step-level auditing. - [Get Orchestration](https://docs.truthlocks.com/api-reference/machine-identity/orchestrations/get.md): Retrieve the full execution result of an orchestration, including step-level details and cost tracking. - [Record LLM Inference](https://docs.truthlocks.com/api-reference/machine-identity/orchestrations/llm-inference.md): Record an LLM inference call within an orchestration for cost tracking and provenance auditing. - [Create MAIP Policy](https://docs.truthlocks.com/api-reference/machine-identity/policies/create.md): Create a new agent enforcement policy with conditional rules for runtime access control - [Evaluate MAIP Policy](https://docs.truthlocks.com/api-reference/machine-identity/policies/evaluate.md): Evaluate all active agent policies against a specific agent and requested scope - [List MAIP Policies](https://docs.truthlocks.com/api-reference/machine-identity/policies/list.md): List all agent enforcement policies for the authenticated tenant - [Create Scope](https://docs.truthlocks.com/api-reference/machine-identity/scopes/create.md): Create a custom tenant-scoped permission scope for fine-grained agent access control - [List Scopes](https://docs.truthlocks.com/api-reference/machine-identity/scopes/list.md): List all available permission scopes including platform built-ins and tenant custom scopes - [Create Session](https://docs.truthlocks.com/api-reference/machine-identity/sessions/create.md): Create a time-bound authenticated session for a machine agent with scoped access tokens - [List Sessions](https://docs.truthlocks.com/api-reference/machine-identity/sessions/list.md): List agent sessions with filtering by agent, status, and pagination - [Terminate Session](https://docs.truthlocks.com/api-reference/machine-identity/sessions/terminate.md): Immediately terminate an active agent session, invalidating its tokens - [Invoke Tool](https://docs.truthlocks.com/api-reference/machine-identity/tools/invoke.md): Request tool invocation with scope validation, rate limiting, and audit receipt generation - [Register Tool](https://docs.truthlocks.com/api-reference/machine-identity/tools/register.md): Register a tool in the MAIP tool registry with scope requirements, risk classification, and rate limits - [Compute Trust Score](https://docs.truthlocks.com/api-reference/machine-identity/trust-scores/compute.md): Recompute the trust score for a machine agent based on current behavioral signals - [Get Trust Score](https://docs.truthlocks.com/api-reference/machine-identity/trust-scores/get.md): Retrieve the current trust score for a machine agent - [Trust Score History](https://docs.truthlocks.com/api-reference/machine-identity/trust-scores/history.md): Retrieve historical trust score data for a machine agent over time - [Create Truth Claim](https://docs.truthlocks.com/api-reference/machine-identity/truth-claims/create.md): Submit a new truth claim from a machine agent for verification - [Get Truth Claim](https://docs.truthlocks.com/api-reference/machine-identity/truth-claims/status.md): Retrieve a truth claim with its current status and verification result - [Verify Truth Claim](https://docs.truthlocks.com/api-reference/machine-identity/truth-claims/verify.md): Trigger verification of a pending truth claim using a specified method - [Submit Witness Attestation](https://docs.truthlocks.com/api-reference/machine-identity/witness/attest.md): Submit a witness attestation for a pending witness request - [Get Witness Consensus](https://docs.truthlocks.com/api-reference/machine-identity/witness/consensus.md): Retrieve the consensus result for a witness verification request - [Create Witness Request](https://docs.truthlocks.com/api-reference/machine-identity/witness/create.md): Initiate a multi-agent witness verification for a truth claim - [Create Workflow](https://docs.truthlocks.com/api-reference/machine-identity/workflows/create.md): Create a workflow definition as a directed acyclic graph (DAG) of steps for repeatable AI orchestrations. - [Execute Workflow](https://docs.truthlocks.com/api-reference/machine-identity/workflows/execute.md): Execute a published workflow definition, creating a tracked orchestration run. - [Create policy](https://docs.truthlocks.com/api-reference/policies/create.md): Create a new issuance policy with rules that control minting, verification, or proof-bundle export. - [Delete policy](https://docs.truthlocks.com/api-reference/policies/delete.md): Permanently remove a policy and its bindings. - [Evaluate policy](https://docs.truthlocks.com/api-reference/policies/evaluate.md): Simulate a policy evaluation against a sample input to test rules before enforcing them. - [List policies](https://docs.truthlocks.com/api-reference/policies/list.md): Retrieve all policies for the authenticated tenant. - [Create Receipt Type](https://docs.truthlocks.com/api-reference/receipts/create-type.md): Registers a custom receipt type with a JSON Schema for payload validation. - [Export Receipts](https://docs.truthlocks.com/api-reference/receipts/export.md): Queue a bulk export and download receipts as JSON or CSV. - [Get Receipt](https://docs.truthlocks.com/api-reference/receipts/get.md): Retrieve a receipt event by ID with full signature and log anchor. - [Get receipt type](https://docs.truthlocks.com/api-reference/receipts/get-type.md): Retrieves a single receipt type by name. - [List Receipts](https://docs.truthlocks.com/api-reference/receipts/list.md): Returns a paginated list of receipt events for the authenticated tenant. - [List receipt types](https://docs.truthlocks.com/api-reference/receipts/list-types.md): Returns all registered receipt types for the authenticated tenant. - [Mint Receipt](https://docs.truthlocks.com/api-reference/receipts/mint.md): Create a cryptographically signed, transparency-log-anchored receipt event. - [Receipt Proof Bundle](https://docs.truthlocks.com/api-reference/receipts/proof-bundle.md): Download a self-contained proof bundle for offline receipt verification. - [Redact Receipt](https://docs.truthlocks.com/api-reference/receipts/redact.md): Remove PII from a receipt payload while preserving cryptographic proof. - [Revoke Receipt](https://docs.truthlocks.com/api-reference/receipts/revoke.md): Revoke a receipt and record the event in the transparency log. - [Search Receipts](https://docs.truthlocks.com/api-reference/receipts/search.md): Search receipts using full-text search and faceted filters. - [Set Signing Policy](https://docs.truthlocks.com/api-reference/receipts/signing-policy.md): Configure which issuers and algorithms may sign receipts of a given type. - [Verify Receipt](https://docs.truthlocks.com/api-reference/receipts/verify.md): Verify a receipt's cryptographic signature and current status. - [Get risk signal](https://docs.truthlocks.com/api-reference/risk-signals/get.md): Retrieves a specific risk signal by its unique ID. - [List risk signals](https://docs.truthlocks.com/api-reference/risk-signals/list.md): Returns risk signals for the authenticated tenant with pagination. Filter by source, signal type, entity, or minimum score. - [List ATO alerts](https://docs.truthlocks.com/api-reference/risk/ato-alerts.md): List account takeover alerts triggered by the ATO heuristic engine. Alerts are created automatically when a subject crosses a risk threshold. - [Evaluate ATO risk](https://docs.truthlocks.com/api-reference/risk/ato-evaluate.md): Evaluate a login event against account takeover heuristics. Tracks failed login velocity per subject and triggers alerts when thresholds are exceeded. - [Get ATO profile](https://docs.truthlocks.com/api-reference/risk/ato-profile.md): Retrieve the current account takeover risk profile for a subject, including failed login count, risk level, and known devices. - [Get deepfake scan results](https://docs.truthlocks.com/api-reference/risk/deepfake-results.md): Retrieve the most recent deepfake and impersonation scan result for a given subject reference. - [Deepfake & impersonation scan](https://docs.truthlocks.com/api-reference/risk/deepfake-scan.md): Submit a subject for deepfake and impersonation analysis. Returns scores, verdict, and indicators. Automatically ingests a risk signal if scores exceed the auto-trigger threshold (60). - [Risk Evaluate](https://docs.truthlocks.com/api-reference/risk/evaluate.md): Unified risk evaluation endpoint. Ingests a signal, evaluates it against your tenant policies, creates a signed risk decision, and optionally mints a fraud_decision_receipt for non-repudiation. - [Ingest Risk Signal](https://docs.truthlocks.com/api-reference/risk/ingest-signal.md): Ingest a raw risk signal event. Risk signals are the foundation of the Anti-Fraud Identity Firewall — they represent a single suspicious observation about a subject. - [Normalize Identity Event](https://docs.truthlocks.com/api-reference/risk/normalize-event.md): Submit a raw identity event for automatic normalization into a risk signal. The normalization layer maps platform events to standardized signal types with pre-calibrated risk scores. - [List velocity anomalies](https://docs.truthlocks.com/api-reference/risk/velocity-anomalies.md): List subjects with velocity scores above a threshold. Use this to identify high-velocity anomalies across your tenant. - [Record velocity action](https://docs.truthlocks.com/api-reference/risk/velocity-record.md): Record a subject action and evaluate it against velocity-based anomaly scoring. Auto-ingests a risk signal when the velocity score reaches 60 or above. - [Get velocity windows](https://docs.truthlocks.com/api-reference/risk/velocity-windows.md): Retrieve current rolling window counts and velocity scores for all tracked action types of a subject. - [Invite User](https://docs.truthlocks.com/api-reference/users/invite.md): Invites a new user to the organization. - [Create Verification Pack](https://docs.truthlocks.com/api-reference/verification-packs/create.md): Creates a new custom verification pack for the tenant. - [Get Verification Pack](https://docs.truthlocks.com/api-reference/verification-packs/get.md): Returns details of a specific verification pack. - [List Verification Packs](https://docs.truthlocks.com/api-reference/verification-packs/list.md): Returns all verification packs for the authenticated tenant, including built-in enterprise templates and custom packs. - [Update Verification Pack](https://docs.truthlocks.com/api-reference/verification-packs/update.md): Updates a verification pack's name, description, or configuration. - [Update Pack Status](https://docs.truthlocks.com/api-reference/verification-packs/update-status.md): Activates, deactivates, or archives a verification pack. - [Verify Attestation](https://docs.truthlocks.com/api-reference/verify.md): Performs a full cryptographic and status verification of an attestation. - [Create webhook endpoint](https://docs.truthlocks.com/api-reference/webhooks/create-endpoint.md): Registers a new webhook endpoint for the authenticated tenant. - [List deliveries](https://docs.truthlocks.com/api-reference/webhooks/list-deliveries.md): Returns delivery history for a webhook endpoint. - [List webhook endpoints](https://docs.truthlocks.com/api-reference/webhooks/list-endpoints.md): Returns all configured webhook endpoints for the authenticated tenant. - [Rotate endpoint secret](https://docs.truthlocks.com/api-reference/webhooks/rotate-secret.md): Generates a new signing secret for the webhook endpoint. The old secret is immediately invalidated. - [Send test delivery](https://docs.truthlocks.com/api-reference/webhooks/test-delivery.md): Sends a test event to a webhook endpoint to verify connectivity. - [Billing System](https://docs.truthlocks.com/billing/overview.md): Pay-per-use pricing, plan tiers, and usage management for your Truthlocks organization. - [Provider Routing](https://docs.truthlocks.com/billing/provider-routing.md): How Truthlocks routes payments through the optimal gateway based on your region. - [Product Changelog](https://docs.truthlocks.com/changelog.md): New updates, feature releases, and improvements to Truthlocks - [Core Concepts](https://docs.truthlocks.com/concepts.md): Understanding tenants, issuers, attestations, and verification. - [Environments](https://docs.truthlocks.com/environments.md): Manage sandbox, development, staging, and production environments for safe integration and testing. - [Account security](https://docs.truthlocks.com/guides/account-security.md): Set up multi-factor authentication, manage passwords, and control active sessions. - [Agent Authorization](https://docs.truthlocks.com/guides/agent-authorization.md): Scope-based authorization, session management, and tool invocation for AI agents. - [AI metadata extraction](https://docs.truthlocks.com/guides/ai-metadata.md): How Truthlocks uses AI to automatically categorize and describe your protected content. - [AI Orchestration](https://docs.truthlocks.com/guides/ai-orchestration.md): Multi-agent workflow execution with cost tracking, safety guardrails, and cryptographic audit trails. - [Account takeover detection](https://docs.truthlocks.com/guides/ato-detection.md): Detect account takeover attempts with velocity-based heuristics, automatic risk scoring, and real-time alerts. - [B2B2C Verification Flows](https://docs.truthlocks.com/guides/b2b2c.md): How businesses issue credentials to consumers, who then share them with verifiers. - [Embeddable badges](https://docs.truthlocks.com/guides/badges.md): Add verification badges to your website, README, or portfolio to prove content authenticity. - [Code Authorship Protection](https://docs.truthlocks.com/guides/code-authorship.md): Prove you wrote the code with cryptographic attestations. - [Compliance exports](https://docs.truthlocks.com/guides/compliance-exports.md): Export audit data in SOC 2, GDPR, and HIPAA formats for regulatory reporting and evidence collection. - [Compliance review](https://docs.truthlocks.com/guides/compliance-review.md): Submit compliance evidence and track the review process for your Truthlocks tenant. - [Console onboarding](https://docs.truthlocks.com/guides/console-onboarding.md): Set up your organization, issuer, and signing keys with the guided onboarding wizard. - [Consumer portal guide](https://docs.truthlocks.com/guides/consumer-portal.md): How end-users view, manage, and share their verified credentials. - [B2C Content Protection](https://docs.truthlocks.com/guides/content-protection.md): How individual creators prove authorship of their work with cryptographic attestations. - [Cross-Tenant Delegation](https://docs.truthlocks.com/guides/cross-tenant-delegation.md): Enable AI agents to operate across organizational boundaries with cryptographic delegation chains. - [Custom domains](https://docs.truthlocks.com/guides/custom-domains.md): Set up branded URLs for your verification portal and console with custom domain configuration and DNS verification. - [Deepfake and impersonation detection](https://docs.truthlocks.com/guides/deepfake-detection.md): Scan subjects for deepfake and impersonation indicators, review verdicts, and feed results into the risk signal pipeline automatically. - [Custom branding](https://docs.truthlocks.com/guides/enterprise-branding.md): Customize your verification pages, emails, and proof bundles with your organization's branding. - [Issuance policies](https://docs.truthlocks.com/guides/issuance-policies.md): Define rule-based policies that control who can mint, verify, and export attestations in your tenant. - [Issuer application review](https://docs.truthlocks.com/guides/issuer-applications.md): Apply for a higher trust tier and track your application through the review process. - [Machine Identity (MAIP)](https://docs.truthlocks.com/guides/machine-identity.md): Register, authorize, and monitor AI agents with cryptographic identity and behavioral constraints. - [MAIP integrations](https://docs.truthlocks.com/guides/maip-integrations.md): Connect your AI agents to the tools and platforms your team already uses. - [MAIP policies](https://docs.truthlocks.com/guides/maip-policies.md): Define runtime enforcement rules that control what AI agents can do based on trust scores, scopes, delegation depth, and agent type. - [Observability dashboard](https://docs.truthlocks.com/guides/observability.md): Monitor attestation volume, service health across 10 backend services, latency percentiles, and plan usage from the console. - [Onboarding checklist](https://docs.truthlocks.com/guides/onboarding.md): Step-by-step guide to setting up your Truthlocks tenant and going live. - [Public portfolio](https://docs.truthlocks.com/guides/portfolio.md): Showcase your protected content on a public profile page with a shareable URL. - [Privacy center](https://docs.truthlocks.com/guides/privacy-center.md): Export your data, request account deletion, and manage your privacy rights. - [Protect GitHub Action](https://docs.truthlocks.com/guides/protect-action.md): Automatically protect code and artifacts with cryptographic proofs on every push or release. - [Protect CLI](https://docs.truthlocks.com/guides/protect-cli.md): Protect code, research, designs, and digital content from the terminal. - [Receipts](https://docs.truthlocks.com/guides/receipts.md): Cryptographically signed, transparency-log-anchored receipts for any event - [Risk signals](https://docs.truthlocks.com/guides/risk-signals.md): Ingest fraud-detection signals from any source, normalize identity events into scored signals, and query them by entity, score, or type. - [SDK Examples](https://docs.truthlocks.com/guides/sdk-examples.md): Production-ready code patterns for integrating Truthlocks into your applications. - [SIEM integration](https://docs.truthlocks.com/guides/siem-integration.md): Stream audit log events in real time to your SIEM or log management platform. - [Subscription management](https://docs.truthlocks.com/guides/subscription-management.md): Choose a plan, subscribe via checkout, manage add-ons, and handle cancellation using the API or console. - [Transparency settings](https://docs.truthlocks.com/guides/transparency-settings.md): Control your organization's public profile on the Trust Explorer directory. - [Trust Scores](https://docs.truthlocks.com/guides/trust-scores.md): Continuous behavioral trust evaluation for AI agents with configurable scoring factors. - [Truth Explorer](https://docs.truthlocks.com/guides/truth-explorer.md): Browse checkpoints, search the transparency log, validate proof bundles, and view issuer profiles. - [Velocity and anomaly scoring](https://docs.truthlocks.com/guides/velocity-scoring.md): Track action frequency across rolling time windows, detect velocity anomalies, and auto-ingest risk signals when thresholds are exceeded. - [Verification packs](https://docs.truthlocks.com/guides/verification-packs.md): Use pre-built verification pack templates for common compliance and identity workflows. - [Webhooks](https://docs.truthlocks.com/guides/webhooks.md): Receive real-time HTTP notifications when events occur in your Truthlocks tenant. - [Introduction](https://docs.truthlocks.com/introduction.md): Enterprise-grade attestation infrastructure for digital credentials. - [Error Codes Reference](https://docs.truthlocks.com/ops/errors.md): Canonical error codes and verdicts used across the Truthlocks platform. These codes are stable and can be used for programmatic error handling. - [Health & Readiness](https://docs.truthlocks.com/ops/health.md): Monitoring API health, readiness endpoints, and status page. - [Rate Limits & Quotas](https://docs.truthlocks.com/ops/limits.md): Understanding rate limits, quotas, and handling 429 responses. - [B2B Onboarding Pack](https://docs.truthlocks.com/packs/enterprise/b2b-onboarding.md): Strategic Integration Guide for Enterprise Issuers - [B2G Procurement Pack](https://docs.truthlocks.com/packs/enterprise/b2g-procurement.md): Institutional Security, Privacy, and Data Governance - [Enterprise Verification Packs](https://docs.truthlocks.com/packs/enterprise/overview.md): Buyer-ready assets and onboarding kits tailored for Enterprise & Government partners. - [Security & Compliance Language](https://docs.truthlocks.com/packs/enterprise/security-compliance.md): Standard Clauses & Technical Safeguards - [Technical Integration Pack](https://docs.truthlocks.com/packs/enterprise/technical-integration.md): Developer's Quickstart & API Strategy - [Verification Program Guide](https://docs.truthlocks.com/packs/enterprise/verification-program.md): Operational Blueprint for Proof-Based Trust - [Policy engine](https://docs.truthlocks.com/policy.md): Enterprise-grade policy evaluation for B2C, B2B, B2G, and B2B2C scenarios. - [Quick Start](https://docs.truthlocks.com/quickstart.md): Issue your first attestation in under 5 minutes. - [Go SDK](https://docs.truthlocks.com/sdk/go.md): Official Go SDK for the Truthlocks platform. Idiomatic Go with full context propagation, typed request/response structs, automatic retries, and comprehensive error handling. - [JavaScript / TypeScript SDK](https://docs.truthlocks.com/sdk/js.md): Official TypeScript/JavaScript SDK for the Truthlocks platform. Fully typed, with automatic authentication, idempotency keys, retry with exponential backoff, and tree-shakeable exports. - [Python SDK](https://docs.truthlocks.com/sdk/python.md): The official Python SDK for the Truthlocks verification platform. Type-safe, with automatic retries and comprehensive error handling. - [Abuse Hardening & Security Controls](https://docs.truthlocks.com/security/abuse-hardening.md): Enterprise-grade protections against DoS, abuse, and noisy tenants. Multi-tenant fairness with per-IP and per-tenant rate limiting. - [Audit Logs](https://docs.truthlocks.com/security/audit.md): Track all API activity, security events, and compliance auditing. - [Authentication](https://docs.truthlocks.com/security/auth.md): API authentication methods, key management, and security best practices. - [Data residency](https://docs.truthlocks.com/security/data-residency.md): Pin your tenant data to a specific geographic region for GDPR, data sovereignty, and compliance requirements. - [Email delivery & SES integration](https://docs.truthlocks.com/security/email-delivery.md): Production-grade email delivery using AWS Simple Email Service (SES) with bounce handling, suppression management, custom SMTP, and a complete template reference. - [RBAC & Permissions](https://docs.truthlocks.com/security/rbac.md): Role-based access control and permission management. - [Row-Level Security (RLS)](https://docs.truthlocks.com/security/rls.md): Defense-in-depth tenant isolation at the database layer. - [SAML SSO](https://docs.truthlocks.com/security/saml-sso.md): Configure SAML 2.0 single sign-on for your organization. - [SCIM provisioning](https://docs.truthlocks.com/security/scim.md): Automate user and group lifecycle management with SCIM 2.0. - [Support access sessions](https://docs.truthlocks.com/security/support-access.md): How Truthlocks customer support accesses your tenant with time-limited, scoped impersonation sessions. - [DID & JWKS discovery](https://docs.truthlocks.com/specification/did-jwks.md): Resolve issuer identities and public keys using standard discovery protocols. - [Proof Bundle Format](https://docs.truthlocks.com/specification/proof-bundle.md): Specification for the cryptographic Truthlocks Proof Bundle format version 1.0. - [Compliance & Certifications](https://docs.truthlocks.com/trust/compliance.md): Adherence to global standards for verifiable and trustworthy identity. - [Privacy Policy Summary](https://docs.truthlocks.com/trust/privacy.md): A summary of how Truthlocks handles and protects your data. - [Security Architecture](https://docs.truthlocks.com/trust/security.md): How Truthlocks secures the platform at the core level. ## OpenAPI Specs - [mint-openapi](https://docs.truthlocks.com/mint-openapi.yaml) - [openapi](https://docs.truthlocks.com/openapi.yaml)