Core
POST /verify
Submit identifier (pseudonymised or hashed) and circuit_id. Get back eligible (boolean), optional signed token, latency_ms, and data_retained: null. Auth: API key (X-AffixIO-Key), Bearer JWT, or mTLS.
Identification via API
Identify anything. One API, binary result.
Send an identifier and a circuit ID. Get a cryptographically verified yes or no. Age, KYC, voting eligibility, health, finance, education. The circuit defines what you’re verifying; we never store PII.
No PII stored. Stateless. Zero-knowledge verification.
How identification works through the API
One request with identifier and circuit_id. The circuit resolves against the right data source and returns a binary outcome. No personal data is retained.
Your app
identifier + circuit_id
POST /verify
AffixIO API
Circuit
External data / proof
Response
eligible: true | false
Typical response time around 43ms. You can pass optional metadata (e.g. timestamp, source); it is never logged. data_retained is always null.
API endpoints for identification
Use these endpoints to identify or verify anything. Base URL: https://api.affix-io.com/v1. Full spec: openapi.json.
Discovery
GET /circuits
List available verification circuits. Filter by sector (health, finance, government, education, motoring, travel, hospitality, entertainment, ticketing, cross-sector). Each circuit has id, name, description, sector, input_methods.
Tokens
GET /tokens/{id}/verify
Re-verify a previously issued token without re-running the circuit. Useful for caching. Returns valid, eligible, circuit_id, issued_at, expires_at.
Example request body (POST /verify)
{
"identifier": "3a7bd3e27785e7b7a6c0e7c1f4f3f6b8",
"circuit_id": "health-age-verification"
}
Example response (200)
{
"eligible": true,
"circuit_id": "health-age-verification",
"token": "eyJ...",
"expires": "2026-03-06T12:00:00Z",
"latency_ms": 43,
"data_retained": null
}
Demo: factual code using the real API
The following uses the live base URL https://api.affix-io.com. Replace YOUR_API_KEY with your key (from hello@affix-io.com).
1. List available circuits (GET /v1/circuits)
curl -s -X GET "https://api.affix-io.com/v1/circuits" \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Content-Type: application/json"
Response shape: {"circuits": [{"id": "health-age-verification", "name": "...", "description": "...", "sector": "health", ...}], "total": N}
2. Run a verification (POST /v1/verify)
curl -s -X POST "https://api.affix-io.com/v1/verify" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"identifier":"3a7bd3e27785e7b7a6c0e7c1f4f3f6b8","circuit_id":"health-age-verification"}'
JavaScript (fetch) equivalent:
const API_BASE = 'https://api.affix-io.com/v1';
const apiKey = 'YOUR_API_KEY';
// List circuits
const circuitsRes = await fetch(`${API_BASE}/circuits`, {
headers: { 'Authorization': `Bearer ${apiKey}`, 'Content-Type': 'application/json' }
});
const { circuits, total } = await circuitsRes.json();
// Verify (use a circuit_id from the list, e.g. circuits[0].id)
const verifyRes = await fetch(`${API_BASE}/verify`, {
method: 'POST',
headers: { 'Authorization': `Bearer ${apiKey}`, 'Content-Type': 'application/json' },
body: JSON.stringify({
identifier: '3a7bd3e27785e7b7a6c0e7c1f4f3f6b8',
circuit_id: 'health-age-verification'
})
});
const result = await verifyRes.json();
// result.eligible (boolean), result.data_retained === null, result.latency_ms
Authentication can also use X-API-Key: YOUR_API_KEY or mTLS (see openapi.json). Health check (no auth): GET https://api.affix-io.com/health.
What you can identify
Circuits define the type of verification. Same API, different circuit_id for different use cases.
- Health: age verification, eligibility for services.
- Finance: KYC-style verification, compliance checks.
- Government: voting eligibility, benefits, entitlements.
- Education, motoring, travel, hospitality, entertainment, ticketing: access or eligibility by sector.
- Recommended: send a hashed (e.g. SHA-256), client-salted identifier so raw PII never leaves your system.
Identification through the AffixIO API is stateless and binary. You send an identifier and a circuit_id to the verify endpoint; the circuit resolves against the relevant data source (API, database, government registry, etc.) and returns a single eligibility result. AffixIO does not validate the identifier format; the circuit defines how it is resolved. We never store PII or identifier data (data_retained is always null). Use GET /circuits to discover circuits by sector. Authentication is via API key, Bearer token, or mTLS. For full schema and examples, see openapi.json. Contact hello@affix-io.com or the contact page for API access.
Frequently asked questions
Answers on identifying anything via the API, circuit IDs, and PII.
How do I identify something using the AffixIO API?
Send a POST to /verify with an identifier (pseudonymised or hashed) and a circuit_id. You get a binary eligible true or false. The circuit defines what you’re verifying (e.g. age, KYC, voting). We don’t store PII.
What is a circuit ID?
It tells the API which verification rule or data source to use. Examples: health-age-verification, finance-kyc-verification, govt-voting-eligibility. List them with GET /circuits, optionally filtered by sector.
What can I use as an identifier?
A string. We don’t validate format; the circuit resolves it. Best practice: SHA-256 hex of the raw identifier, salted on the client, so you never send raw PII.
Does AffixIO store the identifier or any PII?
No. The API is stateless. The response includes data_retained: null. You get only a binary result.
Where is the API documented?
OpenAPI 3.1 at openapi.json. Production: https://api.affix-io.com/v1. For keys and access, email hello@affix-io.com.
Get API access
Use one API to identify or verify anything. Binary result, no PII stored. OpenAPI spec on the site; contact us for keys and integration.
Contact our team Contact pageAffixIO home · How it works · Agentic payments · OpenAPI · hello@affix-io.com