SDK and API Surface
API Baseline
APIS integrations rely on a small set of canonical endpoints:
POST /v2/passport-initPOST /v2/passport-init/challengePOST /v2/passportsGET /v2/passports/{passport_did}GET /v2/passports/{passport_did}/statusPOST /v2/passports/{passport_did}/renewPOST /v2/passports/{passport_did}/revokeGET /.well-known/openid-configurationGET /.well-known/jwks.json
Artifacts
Verifier SDK Responsibilities
A verifier-oriented SDK should implement:
- discovery metadata retrieval
- JWKS caching and rotation handling
- signature verification for passport/mandate/action
- Machine Passport and trust-tier validation
- revocation nonce checking
- policy and scope enforcement hooks
Issuer SDK Responsibilities
An issuer-oriented SDK should provide:
- nonce generation and lifecycle handling
- proof-of-possession verification
- DID and fingerprint generation
- Machine Passport and Agent Passport issuance
- APIS-APP provisioning, renewal, and revocation flows
- credential minting and status transitions
- immutable audit event publishing
Compatibility Guidance
Treat schemas in /spec/*.json|yaml as contract artifacts and pin versions in your integration pipeline.