Manav signed the canonical JSON below with its server secret. Hash the JSON with HMAC-SHA256 using the MANAV_SERVER_SIGNING_SECRET and compare - if it matches, this proof is authentic.
Canonical proof JSON
{"actionPayloadHash":"bf9c1425a5ef0b277ac12c7c763e659581849b45dc57869f5dd11f969f2cbe3a","actionTitle":"Identity verification · passkey · arivu","actionType":"verify_identity","actorHandle":"arivu","externalReference":null,"organizationSlug":null,"signatureSlug":"mnav_sig_JR-l2UKFqsBm","signedAt":"2026-06-03 13:02:50"}
Action payload hash · SHA-256 of the canonical action payload
bf9c1425a5ef0b277ac12c7c763e659581849b45dc57869f5dd11f969f2cbe3a
Server signature · HMAC-SHA256 over canonical JSON above
ea45135d281c1f0a275b247c08a3ca9061ac21509629a247afd056e7e9a6850f
Recompute it yourself
$ printf '%s' '{"actionPayloadHash":"bf9c1425a5ef0b277ac12c7c763e659581849b45dc57869f5dd11f969f2cbe3a","actionTitle":"Identity verification · passkey · arivu","actionType":"verify_identity","actorHandle":"arivu","externalReference":null,"organizationSlug":null,"signatureSlug":"mnav_sig_JR-l2UKFqsBm","signedAt":"2026-06-03 13:02:50"}' \
| openssl dgst -sha256 -hmac "$MANAV_SERVER_SIGNING_SECRET" -hex
$ # expected: ea45135d281c1f0a275b247c08a3ca9061ac21509629a247afd056e7e9a6850f