Documentation

Public API v0

Everything public in the registry is available as JSON. No key, no account, no rate-limit dance: one endpoint, open CORS, cache-friendly.

The API ships with the registry platform. The v0 contract documented here is the launch contract; a v1 with list and search endpoints will follow.

Endpoint

GET https://platform.thehumanbehind.com/api/v0/records/{slug}.json
  • slug is the record’s public identifier — the last segment of its page URL (/r/<slug>).
  • No authentication. No API key.
  • CORS: Access-Control-Allow-Origin: * — you can call it straight from a browser.
  • Cache: responses are cached for 300 seconds. Perfect freshness is not the point; verifiability is.

Example

curl https://platform.thehumanbehind.com/api/v0/records/nova.json

Response — 200 OK, application/json:

{
  "registry_code": "THB-2026-00117",
  "slug": "nova",
  "avatar_name": "Nova",
  "type": "avatar",
  "scope": "general",
  "operates_at": "https://instagram.com/nova.avatar",
  "responsible_name": "Maria Lopez",
  "status": "active",
  "verification_level": "registered",
  "verified_at": null,
  "registered_at": "2026-07-14T09:21:33.481205Z",
  "content_hash": "54a8995c2e0c1c4ab014c18d65243c6527e0f62ff456440ed74bf8473f2b10fc"
}

The response contains only public fields. The owner’s email and account data are not part of the API surface — structurally, not just by policy: the API reads from a database view that simply does not contain them.

Fields

The fields are exactly the public record fields documented in Records. Two of them deserve a note here:

  • verification_levelregistered or verified; when verified, verified_at carries the date. See Verification.
  • content_hash — the SHA-256 of the registration snapshot. You can recompute it from the very fields in the response using the exact public recipe. That is the whole point of the API: independent verification.

Errors

Status Meaning
200 Record found; JSON body as above.
404 No record exists with that slug.
410 The record existed and was de-registered. The slug and THB number are never reused, so 410 is itself a form of proof: there was a record here.

From JavaScript

const res = await fetch(
  "https://platform.thehumanbehind.com/api/v0/records/nova.json"
);
const record = await res.json();
console.log(record.registry_code); // "THB-2026-00117"

Fair use

The API is free for any reasonable use — embedding a seal check on your site, building a lookup tool, research. Responses are edge-cached; please do not hammer the origin with cache-busting traffic. If you need bulk access or list endpoints, talk to us — that is what v1 is for.

Next: Claims →