Skip to content
Postcept
Guides

Verification results

Every verification that runs returns a result and a signed receipt. Here’s what each result means, how to tell “couldn’t check” apart from “didn’t happen,” and how to wire outcomes into recovery.

The five results

resultMeaningWhat to do
verifiedEvery postcondition passed.The action completed correctly. Store the receipt and move on.
incompleteThe action isn't in the system of record.The work didn't happen. Reopen, retry, or escalate.
duplicatedThe action happened more than once.Reconcile or compensate the duplicate.
mismatchedThe action exists but a field disagrees (amount, customer, status...).Route to review, the claim doesn't match reality.
policy_failedA required policy or approval step was missing.Route per your policy before treating it as done.

Postconditions: passed, failed, skipped

The receipt lists every postcondition with a status. passed and failed are self-explanatory. skipped is the important one: Postcept couldn’t make the check, an email it couldn’t resolve, a duplicate check with no correlatable id. A skipped check is never counted as a pass. It means “not confirmed,” so a result is only verified when the checks that matter actually ran and passed.

When a verification can’t run

A well-formed request returns 201 with a result. Other responses tell you to retry, fix the request, or check billing.

StatusMeaning
201Verification ran. Read result.
200Idempotent replay, the original verification for a repeated Idempotency-Key.
401Missing or invalid API key.
402Free-trial allowance reached, subscribe to keep verifying.
422Malformed request body.
429Rate limited. Back off and honor Retry-After.
503The system of record couldn't be reached, retryable.

The one to handle deliberately is 503. It means the system of record was unreachable, not that the action failed. Postcept refuses to record a false incomplete when it couldn’t actually check, so a 503 is your signal to retry with backoff, not to start recovery.

Recovery

Treat verified as done. Route incomplete, duplicated, mismatched, and policy_failed into your recovery workflow, human review, retry reconciliation, or compensation. Postcept surfaces these for you in the recovery queue, and the signed receipt is the evidence of exactly what was and wasn’t confirmed.

Idempotency

Send an Idempotency-Key header, the operation id is a natural choice. A repeat with the same key returns the original verification (200) instead of re-running, so a retry after a network blip never double-verifies or double-charges.

Idempotency-Key header
curl https://api.postcept.com/v1/verifications \
  -H "Authorization: Bearer pcpt_sk_..." \
  -H "Idempotency-Key: op_refund_8F31" \
  -H "Content-Type: application/json" \
  -d '{ "operation_id": "op_refund_8F31", "agent_id": "...", "claim": { ... } }'

Want the mechanics behind the checks? See postcondition verification.