Public API v0
Everything public in the registry is available as JSON. No key, no account, no rate-limit dance: one endpoint, open CORS, cache-friendly.
The API ships with the registry platform. The v0 contract documented here is the launch contract; a v1 with list and search endpoints will follow.
Endpoint
GET https://platform.thehumanbehind.com/api/v0/records/{slug}.json -
slugis the record’s public identifier — the last segment of its page URL (/r/<slug>). - No authentication. No API key.
- CORS:
Access-Control-Allow-Origin: *— you can call it straight from a browser. - Cache: responses are cached for 300 seconds. Perfect freshness is not the point; verifiability is.
Example
curl https://platform.thehumanbehind.com/api/v0/records/nova.json Response — 200 OK, application/json:
{
"registry_code": "THB-2026-00117",
"slug": "nova",
"avatar_name": "Nova",
"type": "avatar",
"scope": "general",
"operates_at": "https://instagram.com/nova.avatar",
"responsible_name": "Maria Lopez",
"status": "active",
"verification_level": "registered",
"verified_at": null,
"registered_at": "2026-07-14T09:21:33.481205Z",
"content_hash": "54a8995c2e0c1c4ab014c18d65243c6527e0f62ff456440ed74bf8473f2b10fc"
} The response contains only public fields. The owner’s email and account data are not part of the API surface — structurally, not just by policy: the API reads from a database view that simply does not contain them.
Fields
The fields are exactly the public record fields documented in Records. Two of them deserve a note here:
-
verification_level—registeredorverified; whenverified,verified_atcarries the date. See Verification. -
content_hash— the SHA-256 of the registration snapshot. You can recompute it from the very fields in the response using the exact public recipe. That is the whole point of the API: independent verification.
Errors
| Status | Meaning |
|---|---|
200 | Record found; JSON body as above. |
404 | No record exists with that slug. |
410 |
The record existed and was de-registered. The slug and THB number are
never reused, so 410 is itself a form of proof: there
was a record here.
|
From JavaScript
const res = await fetch(
"https://platform.thehumanbehind.com/api/v0/records/nova.json"
);
const record = await res.json();
console.log(record.registry_code); // "THB-2026-00117" Fair use
The API is free for any reasonable use — embedding a seal check on your site, building a lookup tool, research. Responses are edge-cached; please do not hammer the origin with cache-busting traffic. If you need bulk access or list endpoints, talk to us — that is what v1 is for.