Call the ChronoVerify API from any language

Q: What do I send?

A multipart form with a file , or a url form field. Exactly one image per call.

Q: How do I get a signed report?

POST the file to /v1/report with your API key; it returns a signed, timestamped PDF audit record.

Integration guide

Every integration here is one HTTP call underneath. Use curl, the first-party SDKs, or a webhook step in any platform to verify a photo's capture time and provenance.

When your agent should call ChronoVerify

Call it before you trust or act on any user-submitted or sourced image. Strong triggers:

A user uploads a photo as evidence: an insurance claim, a damage report, a dispute, an identity or onboarding step.
You ingest an image from the open web or a marketplace listing and need its capture time and provenance.
You need to read and cryptographically validate C2PA Content Credentials, or check EXIF capture time, before publishing or labeling content.
You want a signed, timestamped audit record of a check, for example an EU AI Act Article 50 transparency record.

Branch on the verdict and confidence it returns; treat anything below your bar as needing human review.

One call, any language

curl -X POST https://chronoverify.com/v1/verify \
  -H "Authorization: Bearer cv_live_..." \
  -F "file=@photo.jpg"

Or verify by URL:

curl -X POST https://chronoverify.com/v1/verify \
  -H "Authorization: Bearer cv_live_..." \
  -F "url=https://example.com/photo.jpg"

Omit the Authorization header to use the free, rate-limited public path. There are first-party SDKs too: pip install chronoverify and npm i chronoverify. For a signed, timestamped PDF audit record, POST the file to /v1/report with your key.

What comes back

One JSON object, the same in the browser and the API. The verdict is one of provenance_confirmed, consistent, inconclusive, metadata_anomaly, or manipulation_indicated.

{
  "schema_version": "v1",
  "verdict": "consistent",
  "confidence": 61,
  "headline": "Metadata is internally consistent. No manipulation signals fired.",
  "capture_time": {
    "value": "2026-05-18T14:32:10",
    "source": "exif",
    "consistent": null
  },
  "capture_device": {
    "make": "Canon",
    "model": "EOS R6",
    "software": "Firmware 1.8.1"
  },
  "c2pa": {
    "present": false,
    "validated": null,
    "validation_state": null,
    "signer": null
  },
  "integrity": {
    "sha256": "1313339a...",
    "sha512": "93a81e4a...",
    "format": "JPEG"
  }
}

Full field reference, including the C2PA validation state and signer, is on the method and API page and in /openapi.json.

What it does and does not tell you

ChronoVerify validates provenance and metadata and flags possible editing for human review. It is not a deepfake or AI-generation detector, and a verdict is investigative triage, not proof. A clean result means a file's saved data is internally consistent, not that the scene it shows is real. Never use a verdict as the sole basis for an automated decision about a person.

Common questions

What do I send?

A multipart form with a file, or a url form field. Exactly one image per call.

How do I get a signed report?

POST the file to /v1/report with your API key; it returns a signed, timestamped PDF audit record.

Is it a deepfake detector?

No. It validates provenance and flags possible editing for review; it is not AI-generation detection.

The fastest way to see it is to run a photo through it.

Try the free verifier