Utility
Retrieve the current C2PA trust bundle
Fetches the latest C2PA trust list containing trusted certificate authorities, hardware manufacturers, and trust policies.
The trust list is used during manifest verification to:
- Validate signer certificates against trusted Certificate Authorities
- Verify hardware manufacturer claims for camera-captured content
- Apply trust policies for different validation scenarios
Trust lists are versioned and should be refreshed periodically as new trusted entities are added or certificates expire.
x-api-key<token>
API Key provided by Que. Obtain your key from the developer dashboard.
In: header
Response Body
fetch("https://dev-api.addque.org/v1/trust-list", { method: "GET"}){
"version": "dev-1",
"issued_at": "2024-01-15T10:00:00Z",
"data": {
"manufacturers": [],
"cas": [],
"policy": {
"default": "allow"
}
}
}{
"type": "about:blank",
"title": "unauthorized",
"status": 401,
"code": "unauthorized",
"detail": "invalid API key"
}{
"type": "about:blank",
"title": "forbidden",
"status": 403,
"code": "forbidden",
"detail": "you do not have permission to perform this action"
}{
"type": "about:blank",
"title": "rate_limited",
"status": 429,
"code": "rate_limited",
"detail": "try again in 5000 ms",
"details": {
"try_again_in_ms": 5000
}
}{
"type": "about:blank",
"title": "internal_error",
"status": 500,
"code": "internal_error",
"detail": "unexpected panic in verification engine"
}