Verified API·developer preview

Verification you can call. Receipts you can replay.

Rōvn is the operating network for the healthcare workforce. The Verified API is the read-only rail into it, query a clinician's verified readiness, with consent, and get back the exact hash-chained receipt the network locked.

Verify a clinician at the point of staffing, scheduling, or onboarding, without re-running primary-source checks your network already locked.

The receipt object

One object. The whole proof.

Every verification returns a receipt: the source, the method, the result, the tier, and the hash chain. It is the same object the audit replays, so what you read is exactly what was proven.

tier

A truth tier, every time

attested, processed, verified, or approved. You always know how strong the claim is.

source

The authority and method

Which primary source confirmed it, and whether it was a live API or manual PSV.

hash

The chain link

This receipt's hash and the previous one, so the record is tamper-evident.

GET /v1/workers/{id}/readiness 200 OK

{
  "worker": "wrk_4f8a21",
  "consent": "granted", // scoped, revocable
  "readiness": {
    "start_ready": true,
    "practice_ready": true,
    "bill_ready": true
  },
  "receipt": {
    "claim": "rn_license",
    "tier": "verified",
    "source": "nursys_e_notify",
    "method": "live_api",
    "result": "active_no_action",
    "checked_at": "2026-06-05T14:22:07Z",
    "hash": "0x9f3ca1be77d04e2a",
    "prev_hash": "0x41a0be12c9f40d88",
    "replayable": true
  }
}

Illustrative response on a synthetic worker — no real roster has run through the API. Shows the shape only; field names and structure may change during the developer preview.

What it is

Read-only by design. The network decides nothing for you.

The Verified API exposes proof, not control. You read verified readiness and receipts. Every credentialing, hiring, and deployment decision still happens with a human, the same firewall as the rest of Rōvn.

AI operates the workflow. Source systems prove the facts. Humans make every regulated decision.

Capability 01

Read-only access

Query verified readiness and receipts. No write endpoints. The API cannot change a record or make a decision.

Capability 02

Cached replay

Receipts are cached and replayable. Re-fetch the exact proof that was locked, with its timestamp and source intact. A fresh primary-source check is expensive; a cached, replayable receipt is near-free, the same proof, re-served.

Capability 03

Consent-scoped

Access is bounded by worker consent. A worker grants and can revoke what an integration may read, per scope.

Honest status

What is live, and what is not, yet.

Built today

The readiness read and the receipt object, implemented against our source layer — 43 roles, 51 jurisdictions, 36 primary sources, all exercised on a synthetic corpus. Pre-launch: no production verification traffic yet; preview access opens with the first design partners we sign.

Not yet

Public self-serve keys, webhooks, and roadmap sources (ABMS, AMA, FSMB, access in progress, targeting Q3 2026). We will say so when they ship.

Pricing No public pricing tiers during the developer preview. API access opens with the first design partners we sign. We will publish terms when the surface is generally available.

Developer preview

Build on verification you can trace.

Request access to the developer preview, the source-verified rail behind the Operator.

Request access → See the receipt & audit