How it works

Signals in. Certificate out.

We produce none of the signals. Manifide sits between the tools that produce trust signals about an API and the parties that consume it: it ingests, normalizes into one vocabulary, composes across the chain, and exposes a certificate anything can verify.

step 1

Ingest

Connect to the gateways, scanners, attestation bodies, monitors, and the published policy. We connect to what others produce — we don't run the pen test or probe every endpoint ourselves, and we say so.

step 2

Normalize & compose

Map every signal into one machine-readable claim vocabulary, then walk the chain — parent provider, IaaS host, model, subprocessors — to compute the effective trust of the whole composed service.

step 3

Issue & verify

Sign a certificate into a shared graph, with a short-lived status token for the hot path. Consumers verify locally, offline, before the call — no phone-home in the common case.

Composition

The effective certificate

An API's certificate references the pinned certificates of what it's built on. Manifide computes the effective trust of the whole — residency is the union across the chain, assurance takes the weakest link, throughput takes the minimum — with a chain-validation summary that surfaces a stale or revoked dependency several hops down.

Vertical — inherit

A per-API cert inherits cross-cutting claims (SOC 2, residency, privacy) from the provider-level cert. Declared once, never duplicated across a provider's many APIs.

Horizontal — compose

The API composes the certs of its host, its model provider, its upstream dependencies — aggregated per claim type, so you evaluate the API and its supply chain in one shot.

Chain validation

Each link reports: valid? still live? The verdict — valid / valid-with-warnings / invalid — is the one thing a consumer reads. The US-subprocessor-three-hops-down case stops being invisible.
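The composition and chain-validation rules above, worked through in Python as an added example. This is not Manifide's code: the claim vocabulary, the ordered assurance levels, the certificate ids and the dataclass shape are constructed for illustration. A per-API cert inherits cross-cutting claims (SOC 2, residency) from its provider cert (vertical), composes the pinned certs of its host, its model vendor and their subprocessors (horizontal), and the effective claims follow the stated rules: residency is the union, assurance the weakest link, throughput the minimum. The chain walk keeps each link's hop distance, so a US subprocessor three hops down is named in the residency sources and a stale or revoked link flips the verdict.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional, Tuple

ASSURANCE_RANK = {"self-asserted": 0, "scanned": 1, "pentested": 2, "audited": 3}  # constructed vocabulary
NOW = datetime(2025, 1, 15, tzinfo=timezone.utc)  # fixed clock keeps the example deterministic

@dataclass
class Cert:
    cert_id: str
    status: str                     # "valid" or "revoked"
    recheck_after: datetime         # freshness contract: stale once `now` passes this
    claims: dict = field(default_factory=dict)
    provider: Optional[str] = None  # vertical: provider-level cert whose cross-cutting claims are inherited
    depends_on: List[str] = field(default_factory=list)  # horizontal: pinned certs of host, model, subprocessors

def walk_chain(cert_id: str, registry: Dict[str, Cert]) -> List[Tuple[str, int]]:
    """Every cert reachable from `cert_id` with its hop distance; unknown ids are kept so they surface."""
    links, seen = [], set()
    def visit(cid, hops):
        if cid in seen:
            return
        seen.add(cid)
        links.append((cid, hops))
        cert = registry.get(cid)
        if cert is None:
            return
        if cert.provider:            # vertical inheritance: same hop, cross-cutting claims come along
            visit(cert.provider, hops)
        for dep in cert.depends_on:  # horizontal composition: one hop further down the supply chain
            visit(dep, hops + 1)
    visit(cert_id, 0)
    return links

def effective_claims(cert_id: str, registry: Dict[str, Cert]) -> dict:
    """Aggregate per claim type: residency is the union, assurance the weakest link, throughput the minimum."""
    eff = {"residency": set(), "residency_sources": {}, "assurance": None, "throughput_rps": None, "soc2": None}
    for cid, hops in walk_chain(cert_id, registry):
        c = registry[cid].claims if cid in registry else {}
        for region in c.get("residency", ()):
            eff["residency"].add(region)
            eff["residency_sources"].setdefault(region, []).append((cid, hops))
        if "assurance" in c and (eff["assurance"] is None
                                 or ASSURANCE_RANK[c["assurance"]] < ASSURANCE_RANK[eff["assurance"]]):
            eff["assurance"] = c["assurance"]
        if "throughput_rps" in c:
            t = c["throughput_rps"]
            eff["throughput_rps"] = t if eff["throughput_rps"] is None else min(eff["throughput_rps"], t)
        if "soc2" in c:  # boolean cross-cutting claim: inherited vertically, AND-ed across the chain (assumed rule)
            eff["soc2"] = c["soc2"] if eff["soc2"] is None else (eff["soc2"] and c["soc2"])
    return eff

def validate_chain(cert_id: str, registry: Dict[str, Cert], now: datetime = NOW):
    """Per-link valid? / still live? rolled up into one verdict: valid / valid-with-warnings / invalid."""
    verdict, findings = "valid", []
    for cid, hops in walk_chain(cert_id, registry):
        cert = registry.get(cid)
        if cert is None:
            verdict = "invalid"
            findings.append(f"{cid} (hop {hops}): pinned certificate not found")
        elif cert.status != "valid":
            verdict = "invalid"
            findings.append(f"{cid} (hop {hops}): status {cert.status}")
        elif now > cert.recheck_after:
            verdict = "valid-with-warnings" if verdict == "valid" else verdict
            findings.append(f"{cid} (hop {hops}): stale, recheckAfter {cert.recheck_after:%Y-%m-%d} has passed")
    return verdict, findings

def build_registry(now: datetime = NOW) -> Dict[str, Cert]:
    """Constructed supply chain: an EU API whose model vendor's MLOps platform uses a US subprocessor."""
    fresh, stale = now + timedelta(days=7), now - timedelta(days=2)
    certs = [
        Cert("acme-provider", "valid", fresh, {"residency": {"EU"}, "soc2": True, "assurance": "audited"}),
        Cert("acme-search-api", "valid", fresh, {"throughput_rps": 1000},
             provider="acme-provider", depends_on=["eu-iaas-host", "model-vendor"]),
        Cert("eu-iaas-host", "valid", fresh, {"residency": {"EU"}, "assurance": "audited", "throughput_rps": 5000}),
        Cert("model-vendor", "valid", fresh, {"residency": {"EU"}, "assurance": "pentested", "throughput_rps": 800},
             depends_on=["mlops-platform"]),
        Cert("mlops-platform", "valid", stale, {"residency": {"EU"}, "assurance": "scanned"},
             depends_on=["us-analytics-subprocessor"]),
        Cert("us-analytics-subprocessor", "valid", fresh, {"residency": {"US"}, "assurance": "self-asserted"}),
    ]
    return {c.cert_id: c for c in certs}

if __name__ == "__main__":
    reg = build_registry()
    print(effective_claims("acme-search-api", reg))
    print(validate_chain("acme-search-api", reg))
    reg["us-analytics-subprocessor"].status = "revoked"  # a revocation three hops down flips the verdict
    print(validate_chain("acme-search-api", reg))
```

Run as-is, the effective certificate for `acme-search-api` carries residency {EU, US} with the US entry attributed to `us-analytics-subprocessor` at hop 3, assurance degraded to the weakest link and throughput capped at 800 rps by the model vendor, while the verdict is valid-with-warnings because the MLOps platform's cert is past its recheckAfter; revoking the subprocessor turns it invalid.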

Runtime verification · the TLS model

Verified in the hot path, before the call leaves.

We borrow the proven PKI pattern: a heavy certificate that changes rarely, plus a lightweight, short-lived, signed status token — the OCSP-stapling analog — carrying live monitoring and revocation state.

Local, offline signature check

Like a TLS handshake — no round-trip in the common case. An agent runtime, an API gateway, or a CI pipeline verifies before it acts.

Stapled status token

A fresh, signed, short-lived snapshot of monitoring + revocation, cheap to carry. Expired or absent? Fetch a fresh signed status; otherwise proceed.

Freshness contract

Every claim and the certificate carry asOf + recheckAfter. Staleness is explicit — consumers never silently trust old data.

Policy-as-code

Express requirements once; get allow / alert / block + why against the effective certificate, evaluated in milliseconds.

GET trust · verify signature locally · check freshness · evaluate vs policy
allow · ~2ms · offline
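The hot path described in this section, as an added example in Python rather than Manifide's own code: a heavy signed certificate, a short-lived signed status token with explicit asOf and recheckAfter, a local signature check, the refresh-only-when-stale rule, and a policy-as-code evaluation that returns allow / alert / block plus the reasons. The claim names, policy syntax, token lifetime and scenario data are all constructed for illustration. Signatures use Ed25519 from the `cryptography` package when it is installed; otherwise the block falls back to an HMAC stand-in (a shared secret, not a public-key signature, and labelled as such in the code) so the flow still runs offline.

```python
import hashlib, hmac, json, os
from datetime import datetime, timedelta, timezone

try:  # real public-key signatures when the `cryptography` package is installed
    from cryptography.exceptions import InvalidSignature
    from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey
    HAVE_ED25519 = True
except ImportError:  # stand-in so the flow still runs: HMAC with a shared key (not a real PKI signature)
    HAVE_ED25519 = False

NOW = datetime(2025, 1, 15, 12, 0, tzinfo=timezone.utc)  # fixed clock keeps the example deterministic
ASSURANCE_RANK = {"self-asserted": 0, "scanned": 1, "pentested": 2, "audited": 3}  # constructed vocabulary

# Constructed policy-as-code: each rule names a claim, a test, and the action taken when the test fails.
POLICY = [
    {"claim": "residency", "op": "subset_of", "value": ["EU"], "action": "block"},
    {"claim": "assurance", "op": "at_least", "value": "pentested", "action": "block"},
    {"claim": "soc2", "op": "equals", "value": True, "action": "block"},
    {"claim": "throughput_rps", "op": "at_least", "value": 500, "action": "alert"},
    {"claim": "uptime_30d", "op": "at_least", "value": 99.9, "action": "alert"},
]

def canonical(payload: dict) -> bytes:  # deterministic JSON so signer and verifier hash identical bytes
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()

class Issuer:  # signs the heavy, rarely changing certificate and the short-lived stapled status token
    def __init__(self):
        if HAVE_ED25519:
            self._key = Ed25519PrivateKey.generate()
            self.public_key = self._key.public_key()
        else:
            self._key = self.public_key = os.urandom(32)  # HMAC stand-in: verifier holds the same secret

    def sign(self, payload: dict) -> dict:
        msg = canonical(payload)
        sig = self._key.sign(msg) if HAVE_ED25519 else hmac.new(self._key, msg, hashlib.sha256).digest()
        return {"payload": payload, "sig": sig}

def signature_ok(public_key, signed: dict) -> bool:  # local, offline check: no round-trip
    msg = canonical(signed["payload"])
    if not HAVE_ED25519:
        return hmac.compare_digest(hmac.new(public_key, msg, hashlib.sha256).digest(), signed["sig"])
    try:
        public_key.verify(signed["sig"], msg)
        return True
    except InvalidSignature:
        return False

def is_fresh(payload: dict, now: datetime) -> bool:  # freshness contract: explicit asOf + recheckAfter
    return datetime.fromisoformat(payload["asOf"]) <= now < datetime.fromisoformat(payload["recheckAfter"])

def rule_holds(rule: dict, claims: dict) -> bool:
    actual, want, op = claims.get(rule["claim"]), rule["value"], rule["op"]
    if actual is None:  # an undeclared claim never satisfies a requirement
        return False
    if op == "subset_of":
        return set(actual) <= set(want)
    if op == "equals":
        return actual == want
    rank = ASSURANCE_RANK.__getitem__ if rule["claim"] == "assurance" else (lambda v: v)
    return rank(actual) >= rank(want)  # op == "at_least"

def evaluate_policy(policy: list, claims: dict):  # allow / alert / block + why; the worst action wins
    reasons = [f"{r['action']}: {r['claim']} {r['op']} {r['value']!r}" for r in policy if not rule_holds(r, claims)]
    decision = "block" if any(r.startswith("block") for r in reasons) else ("alert" if reasons else "allow")
    return decision, reasons

def verify_before_call(public_key, cert, token, policy, now=NOW, refresh=None):
    """Hot path: verify signatures locally, check freshness, evaluate against policy, then decide."""
    if not signature_ok(public_key, cert) or not is_fresh(cert["payload"], now):
        return "block", ["certificate signature invalid or certificate stale"]
    def usable(t):
        return t is not None and signature_ok(public_key, t) and is_fresh(t["payload"], now)
    if not usable(token):  # expired or absent: the one case that fetches a fresh signed status
        token = refresh() if refresh else None
        if not usable(token):
            return "block", ["status token absent or stale and no fresh signed status obtained"]
    if token["payload"]["status"] != "valid":
        return "block", [f"certificate status is {token['payload']['status']}"]
    claims = dict(cert["payload"]["effective"], **token["payload"]["monitoring"])
    return evaluate_policy(policy, claims)

def run_scenarios(now=NOW) -> dict:  # constructed certificate + status tokens for one API
    issuer = Issuer()
    pk = issuer.public_key
    def cert_for(effective):
        return issuer.sign({"subject": "acme-search-api", "asOf": (now - timedelta(days=10)).isoformat(),
                            "recheckAfter": (now + timedelta(days=20)).isoformat(), "effective": effective})
    def status(age_min, state="valid", uptime=99.95):  # assumed 15-minute token lifetime
        as_of = now - timedelta(minutes=age_min)
        return issuer.sign({"subject": "acme-search-api", "status": state, "asOf": as_of.isoformat(),
                            "recheckAfter": (as_of + timedelta(minutes=15)).isoformat(),
                            "monitoring": {"uptime_30d": uptime}})
    good = cert_for({"residency": ["EU"], "assurance": "pentested", "throughput_rps": 800, "soc2": True})
    weak = cert_for({"residency": ["EU", "US"], "assurance": "scanned", "throughput_rps": 800, "soc2": True})
    tampered = {"payload": dict(good["payload"], effective=weak["payload"]["effective"]), "sig": good["sig"]}
    return {
        "fresh": verify_before_call(pk, good, status(5), POLICY, now),
        "stale_no_refresh": verify_before_call(pk, good, status(60), POLICY, now),
        "stale_refreshed": verify_before_call(pk, good, status(60), POLICY, now, refresh=lambda: status(0)),
        "revoked": verify_before_call(pk, good, status(1, "revoked"), POLICY, now),
        "degraded": verify_before_call(pk, good, status(5, uptime=99.5), POLICY, now),
        "tampered": verify_before_call(pk, tampered, status(5), POLICY, now),
        "policy_breach": verify_before_call(pk, weak, status(5), POLICY, now),
    }
```

Calling `run_scenarios()` exercises each branch of the flow: a fresh token verifies and is allowed with no network call; a token past its recheckAfter blocks unless the `refresh` callback returns a fresh signed one (the only case that leaves the box); a revoked status, a tampered certificate body whose signature no longer matches, and a certificate whose effective claims breach a block rule all block with the failed rule or check named; a monitoring dip below the alert threshold yields alert, not block. In a deployment the issuer's public key would be distributed out of band, as a TLS root is, so the verifier never needs the issuer online to check a signature.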

We run it on our own catalog before we ask anyone to rely on it.