Developer Docs

ProofMe API Reference

Integrate cryptographically secure document verification directly into your workflows. Our REST API is fast, simple, and strictly respects privacy.

Authentication

All API endpoints (except public checks) require an API key. Include it in the `Authorization` header as a Bearer token.

Authorization: Bearer dp_live_abc123...

Generate and manage your API keys in the Dashboard.

Core Endpoints

POST/api/v1/register

Registers a new document hash.

Request Body (JSON)

{
  "doc_hash": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
  "doc_type": "certificate", // enum: certificate, contract, transcript, generic
  "label": "John Doe - React Bootcamp 2024",
  "expires_at": "2025-12-31T23:59:59Z" // optional
}

Response (200 OK)

{
  "status": "success",
  "doc_hash": "e3b0c...",
  "verify_url": "https://app.docproof.io/v/e3b0c...",
  "qr_png_base64": "data:image/png;base64,iVBORw0K...",
  "qr_svg": "<svg>...</svg>" // Raw SVG string suitable for embedding
}

GET/api/v1/check/[hash]

Verify a document hash publicly (No API Key Required).

This endpoint allows anyone (or your own apps) to check the real-time status of a hash.

{
  "status": "valid", // enum: valid, expired, revoked, not_found
  "doc_hash": "e3b0c...",
  "doc_type": "certificate",
  "label": "John Doe - React Bootcamp 2024",
  "issued_at": "2024-03-13T10:00:00Z",
  "expires_at": null,
  "revoked_at": null,
  "issuer": {
    "name": "Acme Academy"
  }
}

POST/api/v1/revoke/[hash]

Permanently revoke a previously issued document.

{
  "status": "revoked",
  "doc_hash": "e3b0c...",
  "revoked_at": "2024-05-10T14:30:00Z"
}

Rate Limits

API requests are limited to 100 requests per 10 seconds per IP address to ensure platform stability. If exceeded, the API returns a 429 Too Many Requests response.