Skip to main content
GET
/
verification
/
{businessTransactionId}
Get latest Verification
curl --request GET \
  --url http://localhost:3000/verification/{businessTransactionId} \
  --header 'Authorization: Bearer <token>'
import requests

url = "http://localhost:3000/verification/{businessTransactionId}"

headers = {"Authorization": "Bearer <token>"}

response = requests.get(url, headers=headers)

print(response.text)
const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};

fetch('http://localhost:3000/verification/{businessTransactionId}', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_PORT => "3000",
CURLOPT_URL => "http://localhost:3000/verification/{businessTransactionId}",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"net/http"
"io"
)

func main() {

url := "http://localhost:3000/verification/{businessTransactionId}"

req, _ := http.NewRequest("GET", url, nil)

req.Header.Add("Authorization", "Bearer <token>")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.get("http://localhost:3000/verification/{businessTransactionId}")
.header("Authorization", "Bearer <token>")
.asString();
require 'uri'
require 'net/http'

url = URI("http://localhost:3000/verification/{businessTransactionId}")

http = Net::HTTP.new(url.host, url.port)

request = Net::HTTP::Get.new(url)
request["Authorization"] = 'Bearer <token>'

response = http.request(request)
puts response.read_body
{
  "verificationId": "63aac300-e0a8-47e9-9bb1-fd4b7d6cfdce",
  "businessTransactionId": "44b34a79-e0f2-49d7-a48e-e52fff88182e",
  "status": "VERIFIED",
  "message": "Execution Trust Record verified successfully.",
  "verifiedAt": "2026-07-13T17:42:11.002Z",
  "trustRecordHash": "e20a8861864f1a0a6c5fe00e64abca04de18a7d165a82ef9d7beb458c2096b3f"
}
{
"error": "authentication required"
}
{
"error": "Execution Trust Record not found."
}

Authorizations

Authorization
string
header
required

Caller API key issued by scripts/generate-api-key.ts. Sent as Authorization: Bearer . Verified against a stored SHA-256 hash in constant time by packages/api/src/auth/StaticKeyAuthenticator.ts. Required on every route except GET /health. See /api-reference/authentication.

Path Parameters

businessTransactionId
string
required

Response

Verification found.

Immutable result of verifying an entire Execution Trust Record: recomputed hash matches the stored hash, signature verifies, and every APPROVED Execution carries a non-empty authorizationId. All checks always run and are reported together in message; a failure in one does not skip the others.

verificationId
string
required

Unique Verification identifier.

businessTransactionId
string
required

Business Transaction being verified.

status
enum<string>
required

Verification result.

Available options:
VERIFIED,
FAILED
verifiedAt
string<date-time>
required

UTC timestamp when verification completed.

trustRecordHash
string
required

Hash of the verified Execution Trust Record, proving exactly which record was verified.

message
string

Human-readable verification summary: either the success message, or every failed check's message joined with "; ".