Who is it for?
Institutions issue credentials individually or in bulk, manage their registry, attach document proofs, and review complete audit logs of every verification attempt. Employers and regulators verify credentials publicly using a verification code, QR scan, or PDF upload — without a platform account. Administrators manage team roles, institution settings, and access controls through a four-tier role hierarchy.Key capabilities
Credential registry
Issue credentials with unique verification codes, QR payloads, and public verification URLs backed by a PostgreSQL registry.
Blockchain anchoring
Every credential hash is anchored to Polygon Amoy testnet. Verification returns the transaction hash, block number, and anchor timestamp.
Document integrity proof
Register a SHA-256 hash of any document. Verifiers re-upload the file — Certiva confirms whether it has been modified down to the byte level.
Batch issuance
Upload a CSV to issue hundreds of credentials in a single operation. A background worker processes the batch and tracks per-row results.
Role-based access
Four roles — Owner, Super Admin, Admin, Auditor — with enforced permission boundaries and an append-only audit trail.
Public verification
Verification requires no login. Anyone with the code, QR code, or original PDF can confirm authenticity at any time.
How verification works
Public verification goes through two modes depending on what the verifier has:
Both modes return a structured result with
result: VALID, REVOKED, INVALID, or NOT_FOUND, plus blockchain proof fields when anchoring is enabled.
Architecture
Certiva is a pnpm monorepo orchestrated with Turborepo:Next steps
Quickstart
Issue your first credential and run a public verification in four steps.
Concepts
Understand the credential lifecycle, verification modes, and role hierarchy.
Configuration
All environment variables for API, web, and worker.
API Reference
Full REST API with endpoint details and response shapes.