Documents API
Anchor any document to the append-only ledger by its SHA-256 hash. Invoance signs a canonical payload with your tenant's private key and returns a verifiable proof. Optionally store the original bytes (encrypted) for later retrieval, and verify a document's integrity at any time.
All endpoints require API key authentication via the x-api-key header. Anchoring a document counts against your existing quota.
Overview
sha256(document) → POST /document/anchor → GET /document/:id → POST /document/:id/verifyYou anchor a document by submitting its SHA-256 hash. The document itself never has to leave your infrastructure, only the hash is required. If you want Invoance to keep a copy for later retrieval, pass the original bytes (base64) and they are stored encrypted. Anchoring the same hash again returns 409 Conflict with the existing event details.
To prove a document is unchanged later, hash it again and compare against the anchored hash, either via the verify endpoint or against the public proof page. A matching hash is cryptographic proof the bytes are identical to what was anchored.
Endpoints
/document/anchorAnchors a document hash into the append-only ledger. The server signs a canonical payload using the tenant's private key and returns a verifiable proof. Optionally pass trace_id to attach the document to an open trace. If the same document hash is anchored again, the API returns 409 Conflict with the existing event details.
To store the original for later download, add original_bytes_b64 (base64 of the file). Without it, only the hash is anchored.
POST /document/anchor
Authorization: Bearer invoance_live_xxx
Idempotency-Key: <uuid>
Content-Type: application/json
{
"document_hash": "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3…",
"document_ref": "Invoice #1042",
"event_type": "invoice",
"metadata": { "department": "finance" },
"trace_id": "9549c332-…" // optional, attach to a trace
}{
"event_id": "9549c332-a52b-4202-8298-ddbf975ab0d5",
"created_at": "2026-02-07T12:04:11Z",
"document_hash": "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3…",
"status": "accepted"
}/documentReturns a paginated list of document events for the authenticated tenant. Supports filtering by date range and document reference. Maximum 500 results per page, cached for 30 seconds.
GET /document?page=1&limit=50&date_from=2026-01-01&document_ref=Invoice
Authorization: Bearer invoance_live_xxx{
"documents": [
{
"event_id": "9549c332-a52b-…",
"document_ref": "Invoice #1042",
"document_hash": "a94a8f…",
"event_type": "invoice",
"has_original": true,
"created_at": "2026-02-07T12:04:11Z"
}
],
"page": 1,
"limit": 50,
"total": 142,
"has_more": true
}/document/:event_idRetrieves an immutable ledger record including cryptographic signatures and metadata. Read-only. Requires the read scope.
GET /document/9549c332-a52b-…
Authorization: Bearer invoance_live_xxx{
"event_id": "9549c332-a52b-…",
"tenant_id": "org_01…",
"document_ref": "Invoice #1042",
"document_hash": "a94a8f…",
"signature_b64": "…",
"signed_payload_b64":"…",
"public_key_b64": "…",
"has_original": true,
"metadata": { "department": "finance" },
"created_at": "2026-02-07T12:04:11Z"
}/document/:event_id/originalReturns the original document file as raw bytes. Only available if the document was anchored with original_bytes_b64. Response is application/octet-stream. Cached server-side for 5 minutes.
Returns 404 if the document was anchored hash-only (no original stored).
GET /document/9549c332-a52b-…/original
Authorization: Bearer invoance_live_xxx
Accept: application/octet-streamHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Disposition: inline
<raw document bytes>/document/:event_id/verifyCompares a submitted SHA-256 hash against the anchored document hash. Returns whether the hash matches. No authentication is required for public proof verification, but this API-scoped endpoint requires a valid key.
POST /document/9549c332-a52b-…/verify
Authorization: Bearer invoance_live_xxx
Content-Type: application/json
{
"document_hash": "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3…"
}{
"event_id": "9549c332-a52b-…",
"match_result": true,
"document_ref": "Invoice #1042",
"anchored_hash": "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3…",
"submitted_hash": "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3…",
"anchored_at": "2026-02-07T12:04:11Z"
}SDK reference
Every official SDK exposes the documents namespace under client.documents — anchor, list, get, download the original, and verify, in all eight languages.
Verification
To prove a document is unaltered, re-compute its SHA-256 hash and compare it against the anchored hash. A match is cryptographic proof the bytes are byte-for-byte identical to what was anchored, and the Ed25519 signature on the ledger record proves it was signed by your tenant key at the recorded time. Use POST /document/:id/verify for an API-scoped check, or the public proof page for anyone to verify without an API key.
Verification never requires the original bytes, only the hash. You can verify a document you anchored hash-only just as easily as one whose original Invoance stored.