Which tier applies to you?
Two tiers cover every verification case:- Standard tier — JWT verification alone. Use this for identity-only flows: age gates, proof of personhood, KYC attestation.
- Enhanced tier — JWT plus EIP-712 PINT signature verification. Use this for spend authorisation and any flow carrying
sr:us:pint:spend:execute.
Start here
Read in this order:- Verifier overview — what you receive and what to verify.
- The quickstart that matches your tier:
- If you’re accepting PINTs at a checkout endpoint specifically, also run Accept a PINT at checkout.
Reference material you’ll come back to
- Verify a JWT — step-by-step JWT validation.
- Verify a PINT signature — EIP-712 signature verification for enhanced tier.
- JWKS endpoint — public key set for JWT verification.
- Revocation — checking token status against SIS.
- Error reference — SIS error codes and handling.
- Scopes reference — how scopes map to tiers.
What to skip for now
- The Platform API is for partners creating users and wallets, not for verifiers. You do not need a Platform API account to verify JWTs.
- The JWKS endpoint is public — you do not need a SIS API key to verify signatures. An API key is only needed if you intend to call the revocation endpoint.
Next up
- Verifier overview — what you receive and what to verify.
- Verification tiers — pick the right tier for your endpoint.
- Verify a standard PINT — JWT-only verification quickstart.
- JWKS endpoint — where to fetch SIS public keys.
Related
- Platform map
- Verified checkout use case
- Payment request links — PINT-backed checkout shape you may receive at settlement