Base URL


Proof String

The proof string represents that an individual has gone through the steps in the required order and maintains the client state at all times. The client needs to concatenate the proof string crucially at these points in time:

  • The first response from the /[platform]/oauth route.
  • All responses from /[platform]/submit that return a success.

The client must send the proof string they have to-date to move onto the next step. It must be in order, and not modified.


The client will not know ahead of time each and every future step they will be instructed to complete. It is for this reason that the client must maintain session state correctly and can account for the dynamic representation of the variant returned by either of the API routes.

Each Step has a variant of which it represents. Each step may require input, or may not. Each step may be critical (that is to say, a failure of it may not stop the flow) or not - and each step may or may not allow the retiring of it.

Available Variants:

  • Verification

Future Variants:

  • Twitter (Require to be following the target account to proceed, or a retweet/like)
  • Blockchain (Require the possession of an ERC-20 or ERC-721 / or SPL token)
  • Allow List (Allow users based on a predetermined list, or geography, or language)
  • Platform specific requirements (Have a certain profile picture or link in the bio of that persons account)