Quick Start — Sign and Verify Content

Get started signing content with Verimago in under 10 minutes. This guide covers account setup, signing your first video, and verifying the credential.

> Note: Verimago's primary value is capture-time attestation — signing content at the moment of recording using your phone's hardware security. The camera app handles this automatically. The API below is for programmatic signing workflows.

Prerequisites

A Verimago account (sign up at verimago.io/creators)
Your login credentials

Option A: Camera App (Recommended)

The fastest way to create hardware-attested content credentials:

Download the Verimago camera app (iOS or Android)

Record a photo or video — the app signs it automatically using your device's Secure Enclave (iOS) or StrongBox (Android)

Share the signed content — the C2PA Content Credential is embedded in the file metadata

No additional steps needed. The hardware attestation proves the content was captured on a real, unmodified device.

Option B: API Signing

For programmatic workflows and CMS integration.

Step 1: Log in and get your API key

curl -X POST https://api.verimago.io/v1/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email": "you@example.com", "password": "your-password"}'

Save the returned token. Use it as Authorization: Bearer .

Generate a persistent API key

curl -X POST https://api.verimago.io/v1/keys \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{"name": "Production"}'

Save the returned apiKey immediately — it is shown only once.

Step 2: Sign content

Verimago never touches your file. You send the SHA-256 hash plus metadata:

# Hash your file locally
shasum -a 256 my-video.mp4

Submit for signing
curl -X POST https://api.verimago.io/v1/sign \
  -H "Authorization: Bearer veri_live_..." \
  -H "Content-Type: application/json" \
  -d '{
    "contentHash": "sha256:e3b0c44298fc1c14...",
    "headline": "Field report from downtown",
    "recordedAt": "2026-03-28T14:30:00Z",
    "contentType": "AUTHENTIC",
    "captureMode": "VIDEO"
  }'

Response includes a verifyUrl — a public link anyone can use to check the credential.

Step 3: Verify

Anyone can verify — no account required:

curl https://api.verimago.io/v1/verify/sha256:e3b0c44...

Or visit the verification URL in any browser.

Content types

Value	Shield	Use when
`AUTHENTIC`	Green	Raw footage — no AI processing or manipulation
`AI_ENHANCED`	Purple	AI-assisted editing (noise reduction, upscaling, color correction)
`AI_GENERATED`	Amber	AI-generated content (synthetic, composited)

How capture-time attestation differs from API signing

Camera App	API Signing
Attestation	Hardware-rooted (Secure Enclave / StrongBox + App Attest / Play Integrity)	Session-based (authenticated user)
Trust level	Proves content came from a real, unmodified device	Proves content was signed by an authenticated account
Best for	Field capture, breaking news, on-the-ground reporting	CMS integration, bulk signing, editorial workflows

Both produce C2PA-compliant Content Credentials. The camera app provides stronger attestation because it's hardware-rooted.

Next steps

API Reference — full endpoint documentation
Shield System — understand green, purple, amber, and grey shields
Verification Guide — how verification works under the hood