![](data:image/svg+xml,%3Csvg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16"%3E%3Crect width="16" height="16" rx="4" fill="%23093bff"/%3E%3Ctext x="8" y="11" text-anchor="middle" font-size="9" font-family="Arial,Helvetica,sans-serif" fill="white"%3EO%3C/text%3E%3C/svg%3E)
Verify a badge
Paste a badge JSON document to confirm its Ed25519 signature and make sure it matches the canonical payload in the registry. The verification runs entirely in your browser—no data is sent anywhere.
Verify now
Public key
The verification tool uses the program public key stored at /public_key.pem. Copy it to integrate automated checks in your pipelines.
Sample badge JSON
json
{
"vendor": "acme-cloud",
"application": "cloud-sso",
"version": "1.0.0",
"badge_type": "free-oidc-support",
"status": "certified",
"issued_at": "2026-05-01T12:00:00Z",
"expires_at": "2027-05-01T12:00:00Z",
"evidence_urls": [
"https://id.acme.test/docs/oidc"
],
"checks": {
"oidc_discovery": "https://id.acme.test/.well-known/openid-configuration",
"docs": "https://id.acme.test/docs/oidc"
},
"notes": "Initial certification release",
"digital_signature": "/S6qUvxFgm3tPuUNSJpYtRyHTJu1t3j836knLPSmfsLllWjt+sw6AgzxxhBbXxdUOMh3GGe2ionkb53ROIxACA=="
}How signature verification works
- The badge JSON is parsed and canonicalized (keys sorted, arrays ordered as provided).
- The
digital_signaturefield is decoded from Base64. - The site public key is imported using the Web Crypto API.
- The Ed25519 signature is checked against the canonical payload.
- The result is displayed with clear success or error messages.
If you see an invalid result, compare the badge against the registry entry and make sure no fields were changed.