{ "openapi": "3.1.0", "info": { "title": "FIDNT Protocol API", "version": "1.0.0", "summary": "Sovereign identity, consent, mandate, and AI-agent authorization rail.", "description": "FIDNT is non-custodial. No endpoint receives, holds, or transmits money. All endpoints either issue proofs (mandates · consent receipts · payment receipts) or verify them.", "contact": { "name": "FIDNT", "url": "https://app.fidnt.com/platforms", "email": "platforms@fidnt.com" }, "license": { "name": "Civil Code 1868 + DPA 2012", "url": "https://app.fidnt.com/whitepaper" } }, "servers": [ { "url": "https://app.fidnt.com", "description": "Production" } ], "tags": [ { "name": "Auth", "description": "Identity assertion and session handling" }, { "name": "Vault", "description": "Mandate · consent · licensing — pillar 2" }, { "name": "Rights", "description": "Data enforcement — DPA 2012 actions — pillar 3" }, { "name": "Agency", "description": "Royalty receipts and AI-agent authorization — pillar 4" }, { "name": "Talk", "description": "Protocol-level communication — pillar 1" }, { "name": "Cross", "description": "Cross-cutting: ledger, instruments, health" }, { "name": "AI Agency", "description": "The 6-endpoint rail every AI agent must use to act on a human behalf" } ], "paths": { "/api/auth": { "post": { "tags": [ "Auth" ], "summary": "Identity assertion · session start", "responses": { "200": { "description": "OK" } } } }, "/api/mandate": { "post": { "tags": [ "Vault" ], "summary": "Issue a signed mandate (scope · expiry)", "responses": { "200": { "description": "OK" } } } }, "/api/consent": { "post": { "tags": [ "Vault" ], "summary": "Issue a consent receipt to a platform", "responses": { "200": { "description": "OK" } } } }, "/api/licensing": { "post": { "tags": [ "Vault" ], "summary": "Data licensing terms (scope · duration · price)", "responses": { "200": { "description": "OK" } } } }, "/api/portability": { "get": { "tags": [ "Rights" ], "summary": "User-initiated data export (DPA Sec.18)", "responses": { "200": { "description": "OK" } } } }, "/api/credit-dispute": { "post": { "tags": [ "Rights" ], "summary": "BSP-defined credit information dispute", "responses": { "200": { "description": "OK" } } } }, "/api/npc-enforcement": { "post": { "tags": [ "Rights" ], "summary": "NPC complaint envelope (DPA Sec.16)", "responses": { "200": { "description": "OK" } } } }, "/api/ppsr": { "post": { "tags": [ "Rights" ], "summary": "PPSR filing (RA 11057)", "responses": { "200": { "description": "OK" } } } }, "/api/earnings": { "get": { "tags": [ "Agency" ], "summary": "Royalty receipts log + earned-but-not-yet-paid attestation. Non-custodial — FIDNT does not hold funds.", "responses": { "200": { "description": "OK" } } } }, "/api/accounting": { "post": { "tags": [ "Agency" ], "summary": "Per-period reconciliation export", "responses": { "200": { "description": "OK" } } } }, "/api/payment-receipt": { "post": { "tags": [ "Agency" ], "summary": "Issue a payment receipt for a buyer→user payment that occurred outside FIDNT. Verifies mandate scope, appends ledger entry. No money movement.", "responses": { "201": { "description": "Receipt issued" } } } }, "/api/messages": { "post": { "tags": [ "Talk" ], "summary": "Send signed, consent-scoped message", "responses": { "200": { "description": "OK" } } } }, "/api/ledger": { "get": { "tags": [ "Cross" ], "summary": "Receipts log · hash-chained · per-user range", "responses": { "200": { "description": "OK" } } } }, "/api/instruments": { "get": { "tags": [ "Cross" ], "summary": "List ceremonial documents (audience-filtered)", "responses": { "200": { "description": "OK" } } } }, "/api/instruments/verify": { "get": { "tags": [ "Cross" ], "summary": "Verify a SHA3-512 hash matches a registered instrument", "responses": { "200": { "description": "OK" } } } }, "/api/health": { "get": { "tags": [ "Cross" ], "summary": "Service health check", "responses": { "200": { "description": "OK" } } } }, "/api/openapi": { "get": { "tags": [ "Cross" ], "summary": "This document", "responses": { "200": { "description": "OK" } } } }, "/api/agent/register": { "post": { "tags": [ "AI Agency" ], "summary": "AI agent registers, receives an agent DID", "responses": { "201": { "description": "Registered" } } } }, "/api/agent/mandate": { "post": { "tags": [ "AI Agency" ], "summary": "Principal grants scoped, time-bounded, revocable authority to an agent", "responses": { "201": { "description": "Mandate issued" } } } }, "/api/agent/verify": { "get": { "tags": [ "AI Agency" ], "summary": "Third party verifies a mandate is live + in-scope at action time", "responses": { "200": { "description": "OK" } } } }, "/api/agent/action": { "post": { "tags": [ "AI Agency" ], "summary": "Agent logs an action with mandate proof attached", "responses": { "201": { "description": "Action logged" } } } }, "/api/agent/revoke": { "post": { "tags": [ "AI Agency" ], "summary": "Principal revokes agent authority; webhook fires", "responses": { "200": { "description": "Revoked" } } } }, "/api/agent/audit": { "get": { "tags": [ "AI Agency" ], "summary": "Per-principal audit trail of every agent action", "responses": { "200": { "description": "OK" } } } } }, "x-fidnt-doctrine": { "custody": "none", "money_transmission": false, "pillars": [ "Talk", "Vault", "Rights", "Agency" ], "tier_ladder": [ "Free", "Pro", "Business" ], "legal_substrate": [ "Civil Code 1868 (PH)", "RA 10173 — DPA 2012", "ISO/IEC 27560:2023" ], "cryptography": { "signature": "ML-DSA-65 (NIST FIPS 204)", "hash": "SHA3-512", "identifier": "W3C DID v1.0" }, "bsp_safe_architecture": "three-transaction shape · buyer→user direct · FIDNT issues proofs · admin fee invoiced as service revenue" } }