# Passpod Trust Action API — Full AI-readable summary

The Passpod Trust Action API is a receipt-backed API for sensitive digital actions. It helps a company normalize a request, check customer policy and source-labeled evidence, require consent or owner approval when needed, sign the business decision, and publish only safe receipt state for DIDX verification.

## Canonical flow
1. Requester requests.
2. Customer policy checks.
3. User, owner, or authorized approver approves when needed.
4. Customer signs the business decision and receipt digest.
5. Passpod records receipt conformance.
6. DIDX verifies safe receipt state only.

## Modules
- AgentTrust Sensitive Action Control: controls sensitive AI-agent actions before execution.
- Vendor Access Receipts: time-bound, approval-backed, revocable third-party access receipts.
- Remote Worker TrustPass: consent-bound remote worker readiness receipts without private document folders.
- Transaction Trust Receipts: receipt-backed review for high-risk money movement.
- Future modules: Call Center Trust Receipts, Age Trust Receipts, and other Trust Action verticals.

## Liability boundary
Requester owns the request. Customer policy controls the decision. User or owner approves when required. The customer signs the decision. Passpod records receipt conformance. DIDX verifies safe receipt state only. Passpod does not need to custody customer documents, logs, keys, policies, secrets, or final decisions.

## Developer testing
Developers can select a scenario in the developer portal, inspect the selected endpoint, copy curl examples, review sample payloads and expected responses, check live or preview status, and request a scoped pilot key.

## URLs
- Developer Portal: https://api.passpal.app/developer-portal/
- OpenAPI: https://api.passpal.app/openapi.json
- Sitemap: https://api.passpal.app/sitemap.xml
- Robots: https://api.passpal.app/robots.txt