OpenAPI specifications for authentication, consent management, registry integration, verifiable credentials, decisions, audit, and rate limiting
OAuth2 authorization code flow endpoints for user authentication, token exchange, and user info retrieval.
Purpose-based consent management with support for granting, revoking, and listing user consents.
Identity verification and sanctions screening through external registry integration with caching and data minimization support.
Issue and verify AgeOver18 credentials with consent and regulated mode claim minimization.
Evidence-driven decision evaluation for age verification and sanctions screening.
User audit data export and compliance search across audit events.
Admin-only endpoints to manage allowlists and reset rate limiting counters for abuse prevention.