Skip to content

Developers

API changelog

Every change to the Partner API lands here, dated. Email is reserved for what needs your attention — breaking changes, security issues, and terms updates. API reference · Integration guide

Change policy

  • Additive changes— new endpoints, new optional parameters, new response fields — ship anytime, changelog-only. Don't rely on field order or on unknown fields being absent.
  • Breaking changes are announced by email and here at least 6 monthsbefore they take effect (12 if you're in production on the old behavior), with a migration guide and Sunset headers on affected responses.
  • Terms changes are emailed at least 30 days before the effective date.
  • Security issues — immediate email, no waiting.
  1. Added

    Beta integration environment

    • https://beta.api.proofofhuman.fm/v1 is the pre-production endpoint for integration testing: the same contract and authentication as production on isolated infrastructure with separate API keys, a separate registry, and disposable test proofs.
    • Beta and production keys are different secrets and never interchangeable. Ask for a beta key alongside your production key, point staging at the beta base URL, and switch to production at go-live.
    • No production request or response behavior changed.
  2. Changed

    TypeScript SDK 2.4.1 — quickstart and partner monitoring

    • The generated reference, SDK README, curl samples, and AI-agent context now lead with one-file credentialed WAV verification and retain the legacy audio + .poh fallback.
    • The integration guide now covers request IDs, safe client telemetry, health/quota checks, retries, and recommended alerts. PoH operations now tracks one-file versus legacy verification verdicts per opaque client ID.
    • No request or response field changed; existing integrations are unaffected. This ships as an SDK documentation patch.
  3. Added

    TypeScript SDK 2.4.0 — interpretation policy provenance

    • Ready process notes can include policyVersion so integrations can identify the fixed presentation policy that produced the report-only summary.
    • The field is optional and backward-compatible; credential validity and grade calculations are unchanged.
  4. Added

    TypeScript SDK 2.3.0 — one-file credentialed audio

    • POST /verify now accepts uploadId without poh for a PoH credentialed WAV; the legacy audio + .poh body remains supported.
    • POST /uploads accepts purpose=verify for a 65 MiB slot, GET /proofs/{proofId}/asset retrieves an owned credentialed deliverable, and responses can include embeddedCredential.
  5. Added

    TypeScript SDK 2.2.0 — local device seals

    • Verification can return local_seal when an intact artist-device seal was never registered with PoH. Treat unknown future verdict values as failed verification.
    • This distinguishes an opt-out/local proof from tampering without accepting it as PoH-issued.
  6. Added

    TypeScript SDK 2.0.1

    • client.health() liveness check; PoHError.requestId on failures; require()/CommonJS support fixed (the SDK now bundles its one dependency — zero runtime deps).
    • 2.0.0 carries the deployedAt unix-seconds change below — no other API surface change. npm install @proof-of-human/ts-sdk@^2.
  7. Added

    Durable audit trail for key lifecycle events

    • Every key rotation and expiry now leaves a durable, append-only audit record on your account.
    • No API surface change — your integration is unaffected.
  8. Changed

    Request IDs on every response · unix timestamps

    • Every API response now carries an X-Request-Id header — quote it when reporting an issue.
    • GET /health deployedAt is now unix epoch seconds (was an ISO string). SDK 2.0.0 surfaces requestId on errors.
  9. Added

    Partner key self-service + TypeScript SDK

    • GET /partner/keys, POST /partner/keys/rotate (72h grace, Idempotency-Key), GET /partner/usage.
    • @proof-of-human/ts-sdk on npm, generated from the same model as the API.