Verify Response
curl --request POST \
--url https://api.aethercitadel.cloud/v1/intent/verify \
--header 'Content-Type: application/json' \
--header 'X-Citadel-Key: <x-citadel-key>' \
--data '
{
"original_intent_hash": "<string>",
"response": {
"match_id": "<string>",
"payload": {},
"timestamp": 123,
"signature": "<string>"
}
}
'import requests
url = "https://api.aethercitadel.cloud/v1/intent/verify"
payload = {
"original_intent_hash": "<string>",
"response": {
"match_id": "<string>",
"payload": {},
"timestamp": 123,
"signature": "<string>"
}
}
headers = {
"X-Citadel-Key": "<x-citadel-key>",
"Content-Type": "application/json"
}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {'X-Citadel-Key': '<x-citadel-key>', 'Content-Type': 'application/json'},
body: JSON.stringify({
original_intent_hash: '<string>',
response: {match_id: '<string>', payload: {}, timestamp: 123, signature: '<string>'}
})
};
fetch('https://api.aethercitadel.cloud/v1/intent/verify', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.aethercitadel.cloud/v1/intent/verify",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'original_intent_hash' => '<string>',
'response' => [
'match_id' => '<string>',
'payload' => [
],
'timestamp' => 123,
'signature' => '<string>'
]
]),
CURLOPT_HTTPHEADER => [
"Content-Type: application/json",
"X-Citadel-Key: <x-citadel-key>"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://api.aethercitadel.cloud/v1/intent/verify"
payload := strings.NewReader("{\n \"original_intent_hash\": \"<string>\",\n \"response\": {\n \"match_id\": \"<string>\",\n \"payload\": {},\n \"timestamp\": 123,\n \"signature\": \"<string>\"\n }\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("X-Citadel-Key", "<x-citadel-key>")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://api.aethercitadel.cloud/v1/intent/verify")
.header("X-Citadel-Key", "<x-citadel-key>")
.header("Content-Type", "application/json")
.body("{\n \"original_intent_hash\": \"<string>\",\n \"response\": {\n \"match_id\": \"<string>\",\n \"payload\": {},\n \"timestamp\": 123,\n \"signature\": \"<string>\"\n }\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.aethercitadel.cloud/v1/intent/verify")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["X-Citadel-Key"] = '<x-citadel-key>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"original_intent_hash\": \"<string>\",\n \"response\": {\n \"match_id\": \"<string>\",\n \"payload\": {},\n \"timestamp\": 123,\n \"signature\": \"<string>\"\n }\n}"
response = http.request(request)
puts response.read_body{
"cleared": true,
"reason": {},
"payload": {}
}Intent API
Verify Response
Verifies an AI response against its original intent signature via Bharat-Shield
POST
/
v1
/
intent
/
verify
Verify Response
curl --request POST \
--url https://api.aethercitadel.cloud/v1/intent/verify \
--header 'Content-Type: application/json' \
--header 'X-Citadel-Key: <x-citadel-key>' \
--data '
{
"original_intent_hash": "<string>",
"response": {
"match_id": "<string>",
"payload": {},
"timestamp": 123,
"signature": "<string>"
}
}
'import requests
url = "https://api.aethercitadel.cloud/v1/intent/verify"
payload = {
"original_intent_hash": "<string>",
"response": {
"match_id": "<string>",
"payload": {},
"timestamp": 123,
"signature": "<string>"
}
}
headers = {
"X-Citadel-Key": "<x-citadel-key>",
"Content-Type": "application/json"
}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {'X-Citadel-Key': '<x-citadel-key>', 'Content-Type': 'application/json'},
body: JSON.stringify({
original_intent_hash: '<string>',
response: {match_id: '<string>', payload: {}, timestamp: 123, signature: '<string>'}
})
};
fetch('https://api.aethercitadel.cloud/v1/intent/verify', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.aethercitadel.cloud/v1/intent/verify",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'original_intent_hash' => '<string>',
'response' => [
'match_id' => '<string>',
'payload' => [
],
'timestamp' => 123,
'signature' => '<string>'
]
]),
CURLOPT_HTTPHEADER => [
"Content-Type: application/json",
"X-Citadel-Key: <x-citadel-key>"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://api.aethercitadel.cloud/v1/intent/verify"
payload := strings.NewReader("{\n \"original_intent_hash\": \"<string>\",\n \"response\": {\n \"match_id\": \"<string>\",\n \"payload\": {},\n \"timestamp\": 123,\n \"signature\": \"<string>\"\n }\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("X-Citadel-Key", "<x-citadel-key>")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.post("https://api.aethercitadel.cloud/v1/intent/verify")
.header("X-Citadel-Key", "<x-citadel-key>")
.header("Content-Type", "application/json")
.body("{\n \"original_intent_hash\": \"<string>\",\n \"response\": {\n \"match_id\": \"<string>\",\n \"payload\": {},\n \"timestamp\": 123,\n \"signature\": \"<string>\"\n }\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.aethercitadel.cloud/v1/intent/verify")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["X-Citadel-Key"] = '<x-citadel-key>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"original_intent_hash\": \"<string>\",\n \"response\": {\n \"match_id\": \"<string>\",\n \"payload\": {},\n \"timestamp\": 123,\n \"signature\": \"<string>\"\n }\n}"
response = http.request(request)
puts response.read_body{
"cleared": true,
"reason": {},
"payload": {}
}Overview
Passes an AI response through Bharat-Shield for verification. Confirms that the response legitimately corresponds to the original intent, and hasn’t been tampered with, replayed, or generated outside the expected context. Call this after your AI service responds, before serving the output to the user.Request
Your Aether Citadel API key (
ack_live_...)The
intent_hash returned by /v1/intent/generate. Must be in the format sha256:<64 hex chars>.The
ScaleResponse object from your AI service.Show ScaleResponse fields
Show ScaleResponse fields
Unique ID for this response, generated by your AI service.
The AI output payload — any JSON object.
Unix timestamp when the AI generated this response.
HMAC-SHA256 signature of the payload, generated by AetherScale/your AI service.
Response
true if Bharat-Shield approved the response. false if blocked.If
cleared is false, the block reason. See block reasons.The verified AI payload. Only present when
cleared is true. Serve this to the user.Example
curl -X POST https://api.aethercitadel.cloud/v1/intent/verify \
-H "X-Citadel-Key: ack_live_YOUR_KEY" \
-H "Content-Type: application/json" \
-d '{
"original_intent_hash": "sha256:a3f8c2d1...",
"response": {
"match_id": "resp_abc123",
"payload": { "text": "Here is your answer..." },
"timestamp": 1718001000,
"signature": "3a4b5c6d..."
}
}'
const res = await fetch('https://api.aethercitadel.cloud/v1/intent/verify', {
method: 'POST',
headers: {
'X-Citadel-Key': process.env.CITADEL_API_KEY!,
'Content-Type': 'application/json',
},
body: JSON.stringify({
original_intent_hash: intentHash,
response: scaleResponse,
}),
});
const { cleared, reason, payload } = await res.json();
if (!cleared) {
// Block the response — do not show to user
logger.warn('Citadel blocked AI response:', reason);
return res.status(403).json({ error: 'AI response blocked' });
}
// Safe to serve
return res.json(payload);
{
"cleared": true,
"reason": null,
"payload": { "text": "Here is your answer..." }
}
{
"cleared": false,
"reason": "ExpiredIntent",
"payload": null
}
Error Responses
| Status | Error | Meaning |
|---|---|---|
400 | intent hash must start with 'sha256:' | Invalid hash format |
400 | intent hash has invalid length | Hash is not 64 hex chars |
401 | invalid or missing X-Citadel-Key | Bad or missing API key |
⌘I