Verify your first action in five minutes.
You’ll mint a key, verify an action in sandbox mode (no system to connect), watch Postcept catch a false completion, and verify the signed receipt yourself.
1Get an API key
Create an account, then open Dashboard → API keys → Create key with the write scope. Copy the secret, it starts with pcpt_sk_ and is shown once.
Every request authenticates with a bearer token against the base URL https://api.postcept.com.
2Verify an action
Post the action your agent claims it took. With "test": true, Postcept checks it against a deterministic sandbox instead of a live system, so you can try the full flow immediately.
curl https://api.postcept.com/v1/verifications \
-H "Authorization: Bearer pcpt_sk_..." \
-H "Content-Type: application/json" \
-d '{
"operation_id": "op_quickstart_1",
"agent_id": "my-agent",
"test": true,
"claim": {
"refund_id": "re_4md82k",
"amount_cents": 12000,
"currency": "usd",
"customer": "mara.ellis@example.com"
}
}'The claim matches the sandbox record, so every postcondition passes and the result is verified, sealed in a signed receipt.
{
"id": "ver_3f9c2a1b7e0d",
"operation_id": "op_quickstart_1",
"action": "refund",
"connector": "mock",
"result": "verified",
"test": true,
"postconditions": [
{ "name": "refund_exists", "status": "passed" },
{ "name": "amount_matches", "status": "passed", "expected": "12000", "actual": "12000" },
{ "name": "customer_matches", "status": "passed" },
{ "name": "not_duplicate", "status": "passed" }
],
"receipt": {
"id": "pcpt_rcpt_01HY9Q8F3X",
"result": "verified",
"connectors_checked": ["mock"],
"signing_key_id": "ed25519:6Q_Dp...",
"signature": "MEUCIQ...",
"issued_at": "2026-06-27T10:14:02Z"
}
}3Catch a false completion
Now send the same action with the wrong amount, "amount_cents": 9900. The refund exists, but the amount doesn’t match the system of record, so Postcept returns mismatched with the failing postcondition. This is the completion gap, caught.
{
"id": "ver_8b21d4e90af3",
"result": "mismatched",
"connector": "mock",
"test": true,
"postconditions": [
{ "name": "refund_exists", "status": "passed" },
{ "name": "amount_matches", "status": "failed", "expected": "9900", "actual": "12000" }
],
"receipt": { "id": "pcpt_rcpt_01HY9XB2K0", "result": "mismatched", "signature": "MEQCIB..." }
}4Verify the receipt yourself
A receipt is proof you can check without trusting Postcept. Verify its Ed25519 signature against the published key with the open @postcept/receipt package, in Node, the browser, Deno, or an edge runtime.
import { verifyReceipt } from "@postcept/receipt";
// The public signing key (also returned at GET /v1/signing-key).
const { public_key } = await fetch(
"https://api.postcept.com/v1/signing-key"
).then((r) => r.json());
const ok = await verifyReceipt(receipt, public_key);
// ok === true → authentic, unmodified, signed by Postcept.5Go live
Drop test and name a connector you’ve linked under Dashboard → Connections. Postcept now checks the real system of record, 15 systems across payments, support, commerce, and accounting are supported.
curl https://api.postcept.com/v1/verifications \
-H "Authorization: Bearer pcpt_sk_..." \
-H "Content-Type: application/json" \
-d '{
"operation_id": "op_refund_8F31",
"agent_id": "SupportAgent-04",
"connector": "stripe",
"claim": {
"refund_id": "re_4md82k",
"amount_cents": 12000,
"currency": "usd",
"customer": "mara.ellis@example.com"
}
}'Or use an official SDK
Typed clients wrap the same API. The TypeScript client mirrors the calls above:
import { PostceptAgent } from "@postcept/sdk";
const postcept = new PostceptAgent({ apiKey: process.env.POSTCEPT_API_KEY! });
const result = await postcept.verifyRefund({
operationId: "op_quickstart_1",
agentId: "my-agent",
refundId: "re_4md82k",
amountCents: 12000,
currency: "usd",
customer: "mara.ellis@example.com",
test: true,
});
result.result; // "verified"Python is published too, pip install postcept, with the same method names (verify_refund, verify_cancellation, verify_ticket).
For MCP clients like Claude, the @postcept/mcp server exposes verification as tools, so an agent can check its own actions:
{
"mcpServers": {
"postcept": {
"command": "npx",
"args": ["-y", "@postcept/mcp"],
"env": { "POSTCEPT_API_KEY": "pcpt_sk_..." }
}
}
}