> ## Documentation Index
> Fetch the complete documentation index at: https://docs.vouchmark.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Verify a badge token

> Public endpoint to confirm a Trust Badge.

Verifies a badge token. **No authentication required** — anyone can call it. The endpoint validates the JWT signature, confirms the badge is still active, and checks it hasn't been superseded or expired.

Always returns `200 OK`. Inspect `data.valid` to tell whether the badge is genuine.

## Query parameters

<ParamField query="token" type="string" required>
  The badge JWT token.
</ParamField>

<RequestExample>
  ```bash cURL theme={null}
  curl "https://api.vouchmark.com/v1/trust-badge/verify?token=eyJhbGciOiJIUzI1NiIs..."
  ```
</RequestExample>

<ResponseExample>
  ```json theme={null}
  {
    "success": true,
    "data": {
      "valid": true,
      "vendorId": "cmp_...",
      "customerId": "usr_...",
      "score": 90,
      "status": "active",
      "issuedAt": "2026-05-12T00:00:00Z",
      "expiresAt": "2026-08-10T00:00:00Z"
    }
  }
  ```
</ResponseExample>

When the badge cannot be verified, `valid` is `false` with a `reason`, and most other fields are omitted:

```json theme={null}
{
  "success": true,
  "data": {
    "valid": false,
    "vendorId": "cmp_...",
    "status": "revoked",
    "reason": "Badge has been revoked."
  }
}
```

## Response fields

<ResponseField name="success" type="boolean" />

<ResponseField name="data" type="object">
  <Expandable title="data">
    <ResponseField name="valid" type="boolean">
      Whether the badge is genuine and currently active.
    </ResponseField>

    <ResponseField name="vendorId" type="string">
      Present when the token decoded to a known badge. Omitted on signature failure.
    </ResponseField>

    <ResponseField name="customerId" type="string">
      Present only when `valid` is `true`.
    </ResponseField>

    <ResponseField name="score" type="number">
      Trust score. Present only when `valid` is `true`.
    </ResponseField>

    <ResponseField name="status" type="string">
      Badge status. One of `active`, `revoked`, `expired`.
    </ResponseField>

    <ResponseField name="issuedAt" type="string">
      Present only when `valid` is `true`.
    </ResponseField>

    <ResponseField name="expiresAt" type="string">
      Present only when `valid` is `true`.
    </ResponseField>

    <ResponseField name="reason" type="string">
      Human-readable explanation. Present only when `valid` is `false`. Example values: `Invalid or expired badge token.`, `No badge record found for this vendor.`, `Badge has been revoked.`, `Badge token has been superseded.`, `Badge has expired.`
    </ResponseField>
  </Expandable>
</ResponseField>
